( 每日一记)Pxe+Cobbler环境部署
Pxe+Cobbler环境部署
1.关闭selinux,防火墙(仅建议在隔离的内网/实验环境中这样做;生产环境可保留firewalld,只放行后文检查说明第7条列出的69(tftp,UDP)、80、25151端口)
#sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
#setenforce 0
#systemctl stop firewalld
#systemctl disable firewalld
2.安装epel包及所需服务
#yum install epel-release -y
#yum makecache
#yum install cobbler pykickstart dhcp xinetd tftp-server pykickstart httpd -y
3.启动httpd
#systemctl start httpd
#systemctl enable httpd
4.启动cobbler
#systemctl start cobblerd
#systemctl enable cobblerd
5.启动rsync服务
# systemctl start rsyncd.service
# systemctl enable rsyncd.service
6.配置dhcp
# vim /etc/cobbler/dhcp.template
subnet 192.168.171.0 netmask 255.255.255.0 { #
option routers 192.168.171.1; #GATEWAY
option domain-name-servers 192.168.171.2; #DNS
option subnet-mask 255.255.255.0; #NETMASK
range dynamic-bootp 192.168.171.100 192.168.171.128; #dhcp地址池
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
7.配置参数
# Set the Cobbler server address (replaces the 127.0.0.1 default)
sed -i 's/server: 127.0.0.1/server: 192.168.171.129/g' /etc/cobbler/settings
# Set next_server; per `cobbler check` it must match the boot server's IP on the PXE network
sed -i 's/next_server: 127.0.0.1/next_server: 192.168.171.129/g' /etc/cobbler/settings
# Let Cobbler manage rsync
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
# Let Cobbler manage DHCP
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
# Enable the tftp and rsync services under xinetd.
# The first command replaces every line containing "disable" in the tftp file
# with "disable = no"; the second rewrites every "= yes" to "= no" in the rsync file.
sed -i '/disable/c\\tdisable\t\t\t= no' /etc/xinetd.d/tftp
sed -i -e 's/\=\ yes/\=\ no/g' /etc/xinetd.d/rsync
# Turn on Cobbler's pxe_just_once switch (optional)
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
# Let Cobbler manage DNS (optional)
sed -i 's/manage_dns: 0/manage_dns: 1/g' /etc/cobbler/settings
# Enable dynamic settings updates (optional)
# NOTE(review): presumably lets settings be changed at runtime without editing
# this file - confirm who can reach that interface before enabling it.
sed -i 's/allow_dynamic_settings: 0/allow_dynamic_settings: 1/g' /etc/cobbler/settings
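#设置default_password_crypted:按后文cobbler check第9条的说明,这是示例模板为新装机器设置的默认密码(并非Cobbler管理员密码),使用加盐哈希生成
#注意:下面示例输出中的盐值是cobbler,与命令里的-salt '123'并不对应,请以自己实际执行得到的输出为准;-1生成的是MD5-crypt,强度较弱,盐值应随机,口令不要使用'123'这类弱口令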
# openssl passwd -1 -salt '123' '123'
$1$cobbler$yvUCMps1IlTa5ocamRXv1. #对应的'123'的加密密文
# #vim /etc/cobbler/settings
default_password_crypted: "$1$cobbler$yvUCMps1IlTa5ocamRXv1."
#下载启动菜单,启动报错请尝试service cobblerd restart
cobbler get-loaders
#重启相关服务
# systemctl restart cobblerd.service
# systemctl restart dhcpd.service
# systemctl restart xinetd.service
# systemctl restart httpd.service
#同步配置
# cobbler sync
#检查cobbler配置,常见错误如下
#cobbler check
-
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
-
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
-
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
-
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
-
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
-
6 : file /etc/xinetd.d/rsync does not exist
-
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
-
8 : ksvalidator was not found, install pykickstart
-
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
-
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
-
1.编辑/etc/cobbler/settings文件,找到 server选项,修改为本机IP即可
-
2.编辑/etc/cobbler/settings文件,找到 next_server选项,修改为本机IP即可
-
3.SELinux的设置, 如果上面已经关闭了SELinux就不用管了
-
4.执行 cobbler get-loaders,系统将自动下载loader程序,完成提示4的修复工作。
-
5.编辑/etc/xinetd.d/tftp文件,将文件中的disable字段的配置由yes改为no
-
6.编辑/etc/xinetd.d/rsync文件,将文件中的disable字段的配置由yes改为no
-
7.在iptables中将69,80,25151端口打开。如果仅仅只是在内部环境中使用,建议直接将防火墙关掉
-
8.提示说debmirror没安装。如果不是安装 debian之类的系统,此提示可以忽略
-
9.修改cobbler用户的默认密码,可以使用如下命令生成密码,并使用生成后的密码替换/etc/cobbler/settings中的密码。生成密码命令:openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'其中“random-phrase-here”为任意字符
-
10.安装cman或者fence-agents
8.配置kickstarts文件
#mbr安装配置文件
#vim /var/lib/cobbler/kickstarts/centos_ks/centos7.6_mbr.cfg
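# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
#platform=x86, AMD64, or Intel EM64T
# System authorization information
# Passwords set on the installed system are hashed with SHA-512 rather than MD5.
auth --useshadow --passalgo=sha512
# System bootloader configuration
#bootloader --location=mbr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# Use text mode install
text
# Firewall configuration
# 6000/tcp is opened because the post section moves sshd to that port.
# NOTE(review): --ssh also keeps 22/tcp open in firewalld although sshd no
# longer listens there afterwards; drop it once port 6000 is confirmed working.
firewall --enabled --ssh --port=6000:tcp
# Network information
network --bootproto=dhcp --device=eth0 --noipv6
# Run the Setup Agent on first boot
firstboot --enabled
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
#url --url=$tree
url --url="http://192.168.171.129/cobbler/ks_mirror/CentOS-7-x86_64/"
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
#$yum_repo_stanza
# Reboot after installation
reboot
#Root password
#rootpw --iscrypted $default_password_crypted
# NOTE(review): the hash below is MD5-crypt, hard-coded, and identical on every
# host built from this template; anyone who can fetch the kickstart over HTTP
# can read it. Replace it with your own hash (SHA-512 crypt preferred) or use
# the Cobbler-managed value on the commented line above.
rootpw --iscrypted $1$fHCxVJdI$sCJLssft17kVzG03nrZsG.
# SELinux configuration
# NOTE(review): this turns SELinux off on every installed host. With
# "selinux --enforcing" the sshd port change in the post section additionally
# needs an SELinux port label for 6000/tcp.
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
# Disk partitioning information
part /boot --fstype="xfs" --asprimary --size=300 --ondisk sda
part / --fstype="xfs" --asprimary --size=1 --grow --ondisk sda
part swap --recommended --fstype="swap" --ondisk sda
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
$SNIPPET('func_install_if_enabled')
@ base
@ core
ntp
lrzsz
tree
telnet
gcc
gcc-c++
wget
vim
net-tools
%end
%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
#port
rm -rf /etc/yum.repos.d/cobbler-config.repo
# Download, run and remove the static-IP helper under one file name. The
# original fetched static-ip.sh but then ran chmod on static_ip.sh and executed
# ip.sh, so the helper never ran.
# NOTE(review): the script is fetched over plain HTTP and executed as root with
# no integrity check; verify a pinned checksum (sha256sum -c) before running it.
wget -P /root http://192.168.171.129/cobbler/ks_mirror/CentOS7_bash/static-ip.sh
chmod +x /root/static-ip.sh
sh /root/static-ip.sh
rm -f /root/static-ip.sh
# Move sshd to port 6000 (opened in the firewall line above).
/bin/sed -i "s/#Port 22/Port 6000/g" /etc/ssh/sshd_config
systemctl restart sshd.service
systemctl start firewalld
systemctl enable firewalld
service network restart
# End final steps
%end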
#配置gpt安装
#vim /var/lib/cobbler/kickstarts/centos_ks/centos7.6_gpt.cfg
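# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
#platform=x86, AMD64, or Intel EM64T
# System authorization information
# Passwords set on the installed system are hashed with SHA-512 rather than MD5.
auth --useshadow --passalgo=sha512
# System bootloader configuration
#bootloader --location=mbr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# Use text mode install
text
# Firewall configuration
#firewall --disabled
# 6000/tcp is opened because the post section moves sshd to that port.
# NOTE(review): --ssh also keeps 22/tcp open in firewalld although sshd no
# longer listens there afterwards; drop it once port 6000 is confirmed working.
firewall --enabled --ssh --port=6000:tcp
# Network information
network --bootproto=dhcp --device=eth0
# Run the Setup Agent on first boot
firstboot --enabled
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
#url --url=$tree
url --url="http://192.168.171.129/cobbler/ks_mirror/CentOS-7-x86_64/"
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
#$yum_repo_stanza
# Network information
#$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
#rootpw --iscrypted $default_password_crypted
# NOTE(review): the hash below is MD5-crypt, hard-coded, and identical on every
# host built from this template; anyone who can fetch the kickstart over HTTP
# can read it. Replace it with your own hash (SHA-512 crypt preferred) or use
# the Cobbler-managed value on the commented line above.
rootpw --iscrypted $1$fHCxVJdI$sCJLssft17kVzG03nrZsG.
# SELinux configuration
# NOTE(review): this turns SELinux off on every installed host. With
# "selinux --enforcing" the sshd port change in the post section additionally
# needs an SELinux port label for 6000/tcp.
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
# Disk partitioning information
#part /boot/efi --fstype="efi" --ondisk=sda --size=300 --fsoptions="defaults,uid=0,gid=0,umask=0077,shortname=winnt"
part /boot --fstype="ext4" --size=300 --ondisk=sda
part swap --fstype="swap" --recommended --ondisk=sda
part / --fstype="xfs" --grow --size=1 --ondisk=sda
%pre
# Write a GPT label to sda before partitioning; this discards the existing partition table.
parted -s /dev/sda mklabel gpt
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
$SNIPPET('func_install_if_enabled')
@ base
@ core
ntp
lrzsz
tree
telnet
gcc
gcc-c++
wget
vim
screen
net-tools
%end
%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
#port
# Download, run and remove the static-IP helper under one file name. The
# original fetched static-ip.sh but then ran chmod on and executed ip.sh, so
# the helper never ran.
# NOTE(review): the script is fetched over plain HTTP and executed as root with
# no integrity check; verify a pinned checksum (sha256sum -c) before running it.
wget -P /root http://192.168.171.129/cobbler/ks_mirror/CentOS7_bash/static-ip.sh
chmod +x /root/static-ip.sh
sh /root/static-ip.sh
rm -f /root/static-ip.sh
rm -rf /etc/yum.repos.d/cobbler-config.repo
# Move sshd to port 6000 (opened in the firewall line above).
/bin/sed -i "s/#Port 22/Port 6000/g" /etc/ssh/sshd_config
systemctl restart sshd.service
systemctl start firewalld
systemctl enable firewalld
# End final steps
%end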
#配置data环境安装
#vim /var/lib/cobbler/kickstarts/centos_ks/centos7.6-data.cfg
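# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
#platform=x86, AMD64, or Intel EM64T
# System authorization information
# Passwords set on the installed system are hashed with SHA-512 rather than MD5.
auth --useshadow --passalgo=sha512
# System bootloader configuration
#bootloader --location=mbr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# Use text mode install
text
# Firewall configuration
#firewall --disabled
# 6000/tcp is opened because the post section moves sshd to that port.
# NOTE(review): --ssh also keeps 22/tcp open in firewalld although sshd no
# longer listens there afterwards; drop it once port 6000 is confirmed working.
firewall --enabled --ssh --port=6000:tcp
# Network information
network --bootproto=dhcp --device=eth0
# Run the Setup Agent on first boot
firstboot --enabled
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
#url --url=$tree
url --url="http://192.168.171.129/cobbler/ks_mirror/CentOS-7-x86_64/"
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
#$yum_repo_stanza
# Network information
#$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
#rootpw --iscrypted $default_password_crypted
# NOTE(review): the hash below is MD5-crypt, hard-coded, and identical on every
# host built from this template; anyone who can fetch the kickstart over HTTP
# can read it. Replace it with your own hash (SHA-512 crypt preferred) or use
# the Cobbler-managed value on the commented line above.
rootpw --iscrypted $1$fHCxVJdI$sCJLssft17kVzG03nrZsG.
# SELinux configuration
# NOTE(review): this turns SELinux off on every installed host. With
# "selinux --enforcing" the sshd port change in the post section additionally
# needs an SELinux port label for 6000/tcp.
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
# Disk partitioning information
part /boot --fstype="ext4" --size=300 --ondisk=sda
part swap --fstype="swap" --recommended --ondisk=sda
part / --fstype="xfs" --grow --size=1 --ondisk=sda
%pre
# Write a GPT label to sda before partitioning; this discards the existing partition table.
parted -s /dev/sda mklabel gpt
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
$SNIPPET('func_install_if_enabled')
@ base
@ core
ntp
lrzsz
tree
telnet
gcc
gcc-c++
wget
vim
screen
net-tools
%end
%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
#port
# Both helpers are fetched over plain HTTP and executed as root.
# NOTE(review): data_mount.sh relabels and formats disks, so a tampered or
# truncated download is destructive; verify pinned checksums (sha256sum -c)
# before running either script.
wget -P /root http://192.168.171.129/cobbler/ks_mirror/CentOS7_bash/data_mount.sh
wget -P /root http://192.168.171.129/cobbler/ks_mirror/CentOS7_bash/static-ip.sh
chmod +x /root/data_mount.sh
chmod +x /root/static-ip.sh
sh /root/data_mount.sh
sh /root/static-ip.sh
rm -rf /etc/yum.repos.d/cobbler-config.repo
# Move sshd to port 6000 (opened in the firewall line above).
/bin/sed -i "s/#Port 22/Port 6000/g" /etc/ssh/sshd_config
systemctl restart sshd.service
systemctl start firewalld
systemctl enable firewalld
# End final steps
%end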
9.配置脚本文件
#配置静态脚本
#vim /var/www/cobbler/ks_mirror/CentOS7_bash/static-ip.sh
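#!/bin/bash
#by wiz.top 2019.10.10
#
# Turn the address eth0 received from DHCP during installation into a static
# configuration in ifcfg-eth0. Netmask, gateway and DNS servers are fixed
# values for the 192.168.171.0/24 install network.
set -u

ifcfg=/etc/sysconfig/network-scripts/ifcfg-eth0

# Read the address from eth0 itself. The previous ifconfig pipeline took the
# first "inet" line containing "192" anywhere, which can match a netmask or
# broadcast value or another interface.
ipaddr=$(ip -4 -o addr show dev eth0 scope global \
  | awk '{ split($4, a, "/"); print a[1]; exit }')

# Leave the file untouched when no usable address was found; writing an empty
# IPADDR= would take the host off the network at the next restart.
if [[ ! "$ipaddr" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
  printf 'static-ip: no IPv4 address found on eth0; %s left unchanged\n' \
    "$ifcfg" >&2
  exit 1
fi

{
  printf 'IPADDR=%s\n' "$ipaddr"
  printf 'NETMASK=255.255.255.0\n'
  printf 'GATEWAY=192.168.171.1\n'
  printf 'DNS1=114.114.114.114\n'
  printf 'DNS2=8.8.8.8\n'
} >>"$ifcfg"

# Switch the interface from DHCP to static addressing.
sed -i 's/dhcp/static/g' "$ifcfg"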
#配置data环境分区脚本
#vim /var/www/cobbler/ks_mirror/CentOS7_bash/data_mount.sh
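#!/bin/bash
#by wiz.top 2019.10.18
#
# Partition, format (ext4) and mount the data disks that follow the system
# disk. The system disk is assumed to be sda; data disks are taken to be
# sdb, sdc, ... and are mounted on /data1, /data2, ...
# Everything on those data disks is destroyed.
PATH=/bin:/sbin:/usr/bin:/usr/sbin
export PATH

warn() { printf 'data_mount: %s\n' "$*" >&2; }

#######################################
# Relabel one disk as GPT with a single partition, create ext4 on it and
# register the mount in /etc/fstab.
# Arguments: $1 - whole-disk device (e.g. /dev/sdb), $2 - mount point
# Returns:   0 on success, 1 when the disk was skipped or a step failed
#######################################
prepare_disk() {
  local dev=$1 mnt=$2
  local part="${dev}1" spec uuid

  # lsblk -S also lists non-disk SCSI devices (e.g. a CD-ROM), so the computed
  # letter may not correspond to a real disk.
  if [[ ! -b "$dev" ]]; then
    warn "$dev is not a block device, skipping"
    return 1
  fi
  # Never relabel a disk that is in use; this protects the system disk when
  # it is not sda.
  if lsblk -n -o MOUNTPOINT "$dev" | grep -q '[^[:space:]]'; then
    warn "$dev has a mounted filesystem or active swap, skipping"
    return 1
  fi

  # Script mode replaces the interactive here-document; 0%/100% lets parted
  # choose aligned boundaries.
  if ! parted -s "$dev" mklabel gpt mkpart primary 0% 100%; then
    warn "partitioning $dev failed, skipping"
    return 1
  fi
  if ! mkfs.ext4 -T largefile "$part"; then
    warn "mkfs.ext4 on $part failed, skipping"
    return 1
  fi
  # The former "rm -rf" on the mount point ran before anything was mounted
  # there, so it could only delete data on the root filesystem; it is dropped.
  if ! mkdir -p "$mnt"; then
    warn "cannot create $mnt, skipping"
    return 1
  fi

  # Prefer the filesystem UUID: sdX names can change between boots.
  uuid=$(blkid -s UUID -o value "$part")
  if [[ -n "$uuid" ]]; then
    spec="UUID=$uuid"
  else
    spec=$part
  fi
  printf '%s %s ext4 defaults 0 0\n' "$spec" "$mnt" >>/etc/fstab
}

i=1
k=2
# Header line plus one line per SCSI device; starting k at 2 leaves out the
# header and the system disk.
x=$(lsblk -S | wc -l)
while ((k < x)); do
  # 97 is 'a', so i=1 maps to sdb. Change the offset if the system disk is not sda.
  j=$(awk -v n="$i" 'BEGIN { printf "%c", 97 + n }')
  prepare_disk "/dev/sd${j}" "/data${i}"
  i=$((i + 1))
  k=$((k + 1))
done
printf '\n\n*****Formating and Mounting have finished****\n\n'
# Mount everything now listed in /etc/fstab.
mount -a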
10.cobbler导入镜像
#使用镜像文件
#mount -o loop /opt/CentOS-7-x86_64-DVD-1810 /opt/centos
#执行镜像导入,并关联自定义的自动安装配置ks脚本,mbr安装
#cobbler import --path=/opt/centos --name=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos_ks/centos7.6_mbr.cfg
#添加启动菜单
#cobbler profile add --distro=CentOS-7-x86_64 --name=CentOS-7-x86_64-GPT --kickstart=/var/lib/cobbler/kickstarts/centos_ks/centos7.6_gpt.cfg
#cobbler profile add --distro=CentOS-7-x86_64 --name=CentOS-7-x86_64-DATA --kickstart=/var/lib/cobbler/kickstarts/centos_ks/centos7.6-data.cfg
#设置网卡名为eth0
#cobbler profile edit --name=CentOS-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
#cobbler profile edit --name=CentOS-7-x86_64-GPT --kopts='net.ifnames=0 biosdevname=0'
#cobbler profile edit --name=CentOS-7-x86_64-DATA --kopts='net.ifnames=0 biosdevname=0'
#修改efi引导等待时间
#vim /etc/cobbler/pxe/efidefault.template
timeout=20
