1. cobbler簡介
cobbler官網:http://cobbler.github.io/
Cobbler是一個Linux伺服器安裝的服務,可以通過網絡啟動(PXE)的方式來快速安裝、重裝實體伺服器和虛拟機,同時還可以管理DHCP,DNS等。
Cobbler可以使用指令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),還提供了API接口,可以友善二次開發使用。
Cobbler是較早前的kickstart的更新版,優點是比較容易配置,還自帶web界面比較易于管理。
Cobbler内置了一個輕量級配置管理系統,但它也支援和其它配置管理系統內建,如Puppet,暫時不支援SaltStack。
2、cobbler內建的服務
- PXE服務支援
- DHCP服務管理
- DNS服務管理(可選bind,dnsmasq)
- 電源管理
- Kickstart服務支援
- YUM倉庫管理
- TFTP(PXE啟動時需要)
- Apache(提供kickstart的安裝源,并提供定制化的kickstart配置)
3、cobbler配置檔案詳解
cobbler配置檔案目錄在/etc/cobbler
配置檔案 作用
/etc/cobbler/settings cobbler 主配置檔案
/etc/cobbler/iso/ iso模闆配置檔案
/etc/cobbler/pxe pxe模闆配置檔案
/etc/cobbler/power 電源配置檔案
/etc/cobbler/user.conf web服務授權配置檔案
/etc/cobbler/users.digest web通路的使用者名密碼配置檔案
/etc/cobbler/dhcp.template dhcp伺服器的的配置模闆
/etc/cobbler/dnsmasq.templat e dns伺服器的配置模闆
/etc/cobbler/tftpd.template tftp服務的配置模闆
/etc/cobbler/modules.conf 子產品的配置檔案 - cobbler資料目錄
目錄 作用 /var/lib/cobbler/config/ 用于存放distros,system,profiles等資訊配置檔案 /var/lib/cobbler/triggers/ 用于存放使用者定義的cobbler指令 /var/lib/cobbler/kickstart/ 預設存放kickstart檔案 /var/lib/cobbler/loaders/ 存放各種引導程式以鏡像目錄 /var/www/cobbler/ks_mirror/ 導入的發行版系統的所有資料 /var/www/cobbler/images/ 導入發行版的kernel和initrd鏡像用于遠端網絡啟動 /var/www/cobbler/repo_mirror/ yum倉庫存儲目錄 - cobbler的日志檔案
日志檔案路徑 說明 /var/log/cobbler/installing 用戶端安裝日志 /var/log/cobbler/cobbler.log cobbler日志 - cobbler指令詳解
cobbler check //核對目前設定是否有問題 cobbler list //列出所有的cobbler元素 cobbler report //列出元素的詳細資訊 cobbler sync //同步配置到資料目錄,更改配置最好都要執行下 cobbler reposync //同步yum倉庫 cobbler distro //檢視導入的發行版系統資訊 cobbler system //檢視添加的系統資訊 cobbler profile //檢視配置資訊
4.cobbler 部署
4.2cobbler 部署
//關閉防火牆
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vim /etc/selinux/config
**//将第六行中的 enforcing 改為 disabled**
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
[root@localhost ~]# setenforce 0
//配置yum源
//下載下傳之前請確定電腦有網和本地倉庫可用
//163網絡源下載下傳好後請将原來的源移走或删除
[root@localhost yum.repos.d]# yum install -y wget
[root@server ~]# curl -o /etc/yum.repos.d/CentOS7-Base-163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
[root@server ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@server ~]# sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@server ~]# yum install -y epel-release
//安裝cobbler以及相關的軟體
[root@server ~]# yum -y install httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart
//啟動服務并設定開機自啟
[root@server ~]# systemctl start httpd
[root@server ~]# systemctl start cobblerd
[root@server ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@sever ~]# systemctl enable cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
//修改server的ip位址為本機ip
[root@server ~]# sed -i 's/^server: 127.0.0.1/server: 192.168.66.130/' /etc/cobbler/settings
//設定tftp的ip位址為本機ip
[root@server ~]# sed -i 's/^next_server: 127.0.0.1/next_server: 192.168.66.130/' /etc/cobbler/settings
//開啟tftp
[root@server ~]# sed -i '/disable/s/yes/no/g' /etc/xinetd.d/tftp
//下載下傳缺失檔案
[root@server ~]# cobbler get-loaders
task started: 2020-05-28_172454_get_loaders
task started (id=Download Bootloader Content, time=Thu May 28 17:24:54 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
//啟動rsync并設定開機自啟
[root@server ~]# systemctl start rsyncd
[root@server ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
//生成加密的密碼
[root@server ~]# openssl passwd -1 -salt "$RANDOM" 'wlw123!'
$1$30214$snHY66HJF6ZeMh8ul1eW..//這是密碼加密後的形式
//将新生成的加密密碼加入到配置檔案
[root@server ~]# vim /etc/cobbler/settings
//修改密碼
default_password_crypted: "$1$30214$snHY66HJF6ZeMh8ul1eW.."
//重新開機cobbler
[root@server ~]# systemctl restart cobblerd
[root@server ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 5 127.0.0.1:25151 *:*
LISTEN 0 5 *:873 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 :::443 :::*
LISTEN 0 5 :::873 :::*
//通過cobbler check 核對目前設定是否有問題
//要是有Seliux錯誤要重新開機虛拟機
[root@wan ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
//以上兩個是關于debian系統的錯誤,請忽略
//配置cobbler dhcp
//修改cobbler配置檔案,讓cobbler控制dhcp
[root@wan ~]# sed -i '/^manage_dhcp/s/0/1/g' /etc/cobbler/settings
[root@wan ~]# sed -n '/^manage_dhcp/p' /etc/cobbler/settings
manage_dhcp: 1
//配置dhcp
[root@wan ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.66.0 netmask 255.255.255.0 {
option routers 192.168.66.2; // 指定網關
option domain-name-servers 192.168.66.2; // 此處為系統安裝好後指定的dns位址
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.66.100 192.168.66.200; // 配置設定的ip位址範圍(批量安裝機子,最多252,253台)
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
//重新開機服務并同步配置,改完dhcp必須要sync同步配置
[root@wan ~]# systemctl restart cobblerd
[root@wan ~]# cobbler sync
.......
*** TASK COMPLETE *** #最後出現這個表示正常
//檢查dhcp是否正常
[root@wan ~]# netstat -anulp | grep dhcp
udp 0 0 0.0.0.0:67 0.0.0.0:* 1392/dhcpd
//導入redhat7鏡像
[root@wan ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 寫保護,将以隻讀方式挂載
[root@wan ~]# cobbler import --path=/mnt --name=rhel-7 --arch=x86_64
.......
*** TASK COMPLETE *** #最後出現這個表示正常
# 說明:
--path //鏡像路徑
--name //為安裝源定義一個名字
--arch //指定安裝源平台
//安裝源的唯一标示就是根據name參數來定義,本例導入成功後,安裝源的唯一标示就是CentOS-7-x86_64,如果重複,系統會提示導入失敗
//檢視cobbler鏡像清單
[root@wan ~]# cobbler list
distros:
rhel-7-x86_64
profiles:
rhel-7-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
//建立kickstarts自動安裝腳本
[root@wan ~]# cat > /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks <<'EOF'
auth --enableshadow --passalgo=sha512
bootloader --location=mbr
clearpart --all --initlabel
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=4096
part / --fstype="ext4" --grow --size=15000
text
firewall --disabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.66.130/cobbler/ks_mirror/rhel-7-x86_64
$yum_repo_stanza
reboot
## 此處密碼應為本機系統anaconda-ks.cfg檔案裡的 # Root password
rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
selinux --disabled
skipx
timezone Asia/Shanghai --isUtc --nontp
install
zerombr
%packages
@^minimal
@core
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
EOF
# 檢查ks檔案文法是否有誤
[root@localhost ~]# cobbler validateks
task started: 2018-08-21_171616_validateks
task started (id=Kickstart Validation, time=Tue Aug 21 17:16:16 2018)
----------------------------
osversion: rhel7
checking url: http://192.168.100.96/cblr/svc/op/ks/profile/rhel-7-x86_64
running: /usr/bin/ksvalidator -v "rhel7" "http://192.168.100.96/cblr/svc/op/ks/profile/rhel-7-x86_64"
received on stdout:
received on stderr:
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***
# 檢視目前cobbler有哪些配置檔案
[root@localhost ~]# cobbler profile list
rhel-7-x86_64
# 修改profile,将我們建立的ks檔案設為預設的kickstarts安裝檔案
[root@localhost ~]# cobbler profile edit --name rhel-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/rhel-7-x86_64.ks
# 配置網卡名稱為傳統網卡名稱eth0
[root@localhost ~]# cobbler profile edit --name rhel-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
# 檢查目前系統cobbler配置檔案資訊
[root@localhost ~]# cobbler profile report
Name : rhel-7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : rhel-7-x86_64 //倉庫名字
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {'biosdevname': '0', 'net.ifnames': '0'} //網卡設為傳統命名方式
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks //使用的kickstarts配置檔案的路徑,必須為我們建立的ks檔案的路徑
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
# 同步cobbler
[root@localhost ~]# cobbler sync
.......
*** TASK COMPLETE *** ##出現此表示成功
# 為避免發生未知問題,先把服務端所有服務重新開機
[root@localhost ~]# systemctl restart xinetd
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 5 127.0.0.1:25151 *:*
LISTEN 0 5 *:873 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 :::443 :::*
LISTEN 0 5 :::873 :::* 5.用戶端安裝系統
手動驗證:
建立一個虛拟機,模式和服務端模式一樣,(這裡我使用的是nat,是以要安裝的虛拟機模式也是nat),然後設定虛拟機
然後,直接開啟虛拟機,看到以下界面,選擇第二個,回車,然後等待系統自動安裝完成即可。
因為這種方式需要手動選擇,如果機器太多,每台伺服器都要選擇,還是很麻煩,是以采用web界面配置定制安裝
# 配置完成後可能導緻通路不了web頁面,猜測python-django版本有問題
[root@localhost ~]# yum -y install python2-pip
[root@localhost ~]# pip install --upgrade pip
[root@localhost ~]# pip install Django==1.9.13
#用pip安裝指定版本的Django 重新開機httpd服務 ,再次通路https://192.168.100.96/cobbler_web出現登入頁面
6.定制安裝
- 統計伺服器mac位址
- 配置cobbler
- 安裝
6.1 擷取mac位址
6.2 配置cobbler
- 直接在浏覽器上搜尋:https://本機ip+/cobbler_web
- 使用者名與密碼都是cobbler
Cobbler1. cobbler簡介2、cobbler內建的服務3、cobbler配置檔案詳解4.cobbler 部署5.用戶端安裝系統6.定制安裝6.1 擷取mac位址6.2 配置cobbler6.3 安裝編寫腳本部署cobbler服務端 Cobbler1. cobbler簡介2、cobbler內建的服務3、cobbler配置檔案詳解4.cobbler 部署5.用戶端安裝系統6.定制安裝6.1 擷取mac位址6.2 配置cobbler6.3 安裝編寫腳本部署cobbler服務端 Cobbler1. cobbler簡介2、cobbler內建的服務3、cobbler配置檔案詳解4.cobbler 部署5.用戶端安裝系統6.定制安裝6.1 擷取mac位址6.2 配置cobbler6.3 安裝編寫腳本部署cobbler服務端 Cobbler1. cobbler簡介2、cobbler內建的服務3、cobbler配置檔案詳解4.cobbler 部署5.用戶端安裝系統6.定制安裝6.1 擷取mac位址6.2 配置cobbler6.3 安裝編寫腳本部署cobbler服務端 Cobbler1. cobbler簡介2、cobbler內建的服務3、cobbler配置檔案詳解4.cobbler 部署5.用戶端安裝系統6.定制安裝6.1 擷取mac位址6.2 配置cobbler6.3 安裝編寫腳本部署cobbler服務端
6.3 安裝
編寫腳本部署cobbler服務端
#!/bin/bash
#配置yum源
curl -o /etc/yum.repos.d/CentOS7-Base-163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
yum install -y epel-release
#安裝cobbler以及相關的軟體
yum -y install httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart
#啟動服務并設定開機自啟
systemctl start httpd
systemctl start cobblerd
systemctl enable httpd
systemctl enable cobblerd
#關閉防火牆
firewall()
{
systemctl stop firewalld
systemctl disable firewalld
systemctl mask firewalld
setenforce 0
}
#修改server的ip位址為本機ip
sed -i 's/^server: 127.0.0.1/server: 192.168.66.130/' /etc/cobbler/settings
#設定tftp的ip位址為本機ip
sed -i 's/^next_server: 127.0.0.1/next_server: 192.168.66.130/' /etc/cobbler/settings
#開啟tftp
sed -i '/disable/s/yes/no/g' /etc/xinetd.d/tftp
#下載下傳缺失檔案
cobbler get-loaders
#啟動rsync并設定開機自啟
systemctl start rsyncd
systemctl enable rsyncd
#生成加密密碼并添加到配置檔案
configure_passwd()
{
if [$? -eq 0];then
passwd=`openssl passwd -1 -salt "$RANDOM" 'wlw123!'`
sed -i "101idefault_password_crypted: \"$pass\"" /etc/cobbler/settings
sed -i '102d' /etc/cobbler/settings
fi
}
#重新開機cobbler
systemctl restart cobblerd
#配置cobbler dhcp
#修改cobbler配置檔案,讓cobbler控制dhcp
sed -i '/^manage_dhcp/s/0/1/g' /etc/cobbler/settings
sed -n '/^manage_dhcp/p' /etc/cobbler/settings
#配置cobbler dhcp
configure_dhcp()
{
if [$? -eq 0];then
sed -i '21s/192.168.1/192.168.66/g' /etc/cobbler/dhcp.template
sed -i '22s/192.168.1.5/192.168.66.2/g' /etc/cobbler/dhcp.template
sed -i '23s/192.168.1.1/192.168.66.2/g' /etc/cobbler/dhcp.template
sed -i '25s/192.168.1.100 192.168.1.254/192.168.66.100 192.168.66.200/' /etc/cobbler/dhcp.template
fi
}
#重新開機服務并同步配置,改完dhcp必須要sync同步配置
systemctl restart cobblerd
cobbler sync
main()
{
firewall&&configure_cobbler&&configure_passwd&&configure_dhcp
}
#導入redhat7鏡像
mount /dev/cdrom /mnt/
cobbler import --path=/mnt --name=rhel-7 --arch=x86_64
#提取root密碼
root=`awk 'NR==23{print}' anaconda-ks.cfg`
#建立kickstarts自動安裝腳本
cat > /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks <<'EOF'
auth --enableshadow --passalgo=sha512
bootloader --location=mbr
clearpart --all --initlabel
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=4096
part / --fstype="ext4" --grow --size=15000
text
firewall --disabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.66.130/cobbler/ks_mirror/rhel-7-x86_64
$yum_repo_stanza
reboot
## 此處密碼應為本機系統anaconda-ks.cfg檔案裡的 # Root password
rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
selinux --disabled
skipx
timezone Asia/Shanghai --isUtc --nontp
install
zerombr
%packages
@^minimal
@core
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
EOF
# 修改profile,将我們建立的ks檔案設為預設的kickstarts安裝檔案
cobbler profile edit --name rhel-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/rhel-7-x86_64.ks
# 配置網卡名稱為傳統網卡名稱eth0
cobbler profile edit --name rhel-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
# 同步cobbler
cobbler sync
# 為避免發生未知問題,先把服務端所有服務重新開機
systemctl restart xinetd
systemctl restart cobblerd
systemctl restart httpd