centos7部署cobbler
centos7部署cobbler
简介
Cobbler 可以用来快速建立 Linux 网络安装环境,它已将 Linux 网络安装的技术门槛,从大专以上文化水平,成功降低到初中以下,连补鞋匠都能学会。
cobbler可以使用命令行方式管理,也提供了基于web界面管理工具,还提供了API接口,可以方便二次开发使用。
cobbler内置了一个轻量级配置管理系统,但是它也支持和其他配置管理系统集成,如Puppet,暂时不支持satlkstack。
cobbler的官网:http://cobbler.github.io/
网络安装服务器套件 Cobbler(补鞋匠)从前,我们一直在做装机民工这份很有前途的职业。自打若干年前 Red Hat 推出了 Kickstart,此后我们顿觉身价倍增。不再需要刻了光盘一台一台地安装 Linux,只要搞定 PXE、DHCP、TFTP,还有那满屏眼花缭乱不知所云的 Kickstart 脚本,我们就可以像哈里波特一样,轻点魔棒,瞬间安装上百台服务器。这一堆花里胡哨的东西可不是一般人都能整明白的,没有大专以上学历,通不过英语四级, 根本别想玩转。总而言之,这是一份多么有前途,多么有技术含量的工作啊。很不幸,Red Hat 最新(Cobbler项目最初在2008年左右发布)发布了网络安装服务器套件 Cobbler(补鞋匠),它已将 Linux 网络安装的技术门槛,从大专以上文化水平,成功降低到初中以下,连补鞋匠都能学会。对于我们这些在装机领域经营多年,经验丰富,老骥伏枥,志在千里的民工兄弟们来说,不啻为一个晴天霹雳。
cobbler集成的服务
PXE服务支持
DHCP服务管理
DNS服务管理
电源管理
Kickstart服务支持
YUM仓库管理
TFTP(PXE启动时需要)
Apache(提供kickstart的安装源,并提供定制化的kickstart配置)
cobbler配置文件详解
| 配置文件 | 作用 |
|---|---|
| /etc/cobbler/settings | cobbler 主配置文件 |
| /etc/cobbler/iso/ | iso模板配置文件 |
| /etc/cobbler/pxe | pxe模板配置文件 |
| /etc/cobbler/power | 电源配置文件 |
| /etc/cobbler/user.conf | web服务授权配置文件 |
| /etc/cobbler/users.digest | web访问的用户名密码配置文件 |
| /etc/cobbler/dhcp.template | dhcp服务器的的配置模板 |
| /etc/cobbler/dnsmasq.template | dns服务器的配置模板 |
| /etc/cobbler/tftpd.template | tftp服务的配置模板 |
| /etc/cobbler/modules.conf | 模块的配置文件 |
cobbler数据目录
目录 | 作用
/var/lib/cobbler/config/ | 用于存放distros,system,profiles等信息配置文件
/var/lib/cobbler/triggers/ | 用于存放用户定义的cobbler命令
/var/lib/cobbler/kickstart/ | 默认存放kickstart文件
/var/lib/cobbler/loaders/ | 存放各种引导程序以及镜像目录
/var/www/cobbler/ks_mirror/ | 导入的发行版系统的所有数据
/var/www/cobbler/images/ | 导入发行版的kernel和initrd镜像用于远程网络启动
/var/www/cobbler/repo_mirror/ | yum仓库存储目录
cobbler日志文件
日志文件路径 | 说明
/var/log/cobbler/installing | 客户端安装日志
/var/log/cobbler/cobbler.log | cobbler日志
cobbler命令详解
cobbler check //核对当前设置是否有问题
cobbler list //列出所有的cobbler元素
cobbler report //列出元素的详细信息
cobbler sync //同步配置到数据目录,更改配置最好都要执行下
cobbler reposync //同步yum仓库
cobbler distro //查看导入的发行版系统信息
cobbler system //查看添加的系统信息
cobbler profile //查看配置信息
cobbler服务端部署
环境说明:
| 系统 | IP |
|---|---|
| centos7.5 | 192.168.170.133 |
//关闭防火墙和selinux
[root@localhost ~]# systemctl disable --now firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vi /etc/selinux/config
SELINUX=disabled //将此处修改为disabled
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
//下载依托源
[root@localhost ~]# yum -y install epel-release
//下载软件和依赖包
[root@localhost ~]# yum -y install httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart fence-agents net-tools
//启动httpd cobbler 并设置开机自启
[root@localhost ~]# systemctl enable --now httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl enable --now cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
//查看cobbler状态
[root@localhost ~]# systemctl status cobblerd
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2022-08-11 22:53:06 CST; 1min 2s ago
Process: 39985 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS)
Main PID: 39984 (cobblerd)
CGroup: /system.slice/cobblerd.service
└─39984 /usr/bin/python2 -s /usr/bin/cobblerd -F
8月 11 22:53:06 localhost.localdomain systemd[1]: Starting Cobbler Helper Daemon...
8月 11 22:53:06 localhost.localdomain systemd[1]: Started Cobbler Helper Daemon.
[root@localhost ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2022-08-11 22:52:57 CST; 2min 1s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 39759 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─39759 /usr/sbin/httpd -DFOREGROUND
├─39760 (wsgi:cobbler_w -DFOREGROUND
├─39761 /usr/sbin/httpd -DFOREGROUND
├─39762 /usr/sbin/httpd -DFOREGROUND
├─39763 /usr/sbin/httpd -DFOREGROUND
├─39764 /usr/sbin/httpd -DFOREGROUND
└─39765 /usr/sbin/httpd -DFOREGROUND
8月 11 22:52:57 localhost.localdomain systemd[1]: Starting The Apache HTTP Server...
8月 11 22:52:57 localhost.localdomain httpd[39759]: AH00558: httpd: Could not reliably d...e
8月 11 22:52:57 localhost.localdomain systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 127.0.0.1:25151 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 128 :::443 :::*
//生成加密密码
[root@localhost ~]# openssl passwd -1
Password:
Verifying - Password:
$1$zHUPbNnR$.iVKewgLYGxA1YMYIlNNP0
//修改配置文件
[root@localhost cobbler]# ls
auth.conf genders.template named.template secondary.template zone.template
cheetah_macros import_rsync_whitelist power settings zone_templates
cobbler_bash iso pxe tftpd.template
completions ldap reporting users.conf
dhcp.template modules.conf rsync.exclude users.digest
dnsmasq.template mongodb.conf rsync.template version
[root@localhost cobbler]# pwd
/etc/cobbler
[root@localhost cobbler]# vim settings
100 # and put the output between the "" below.
101 default_password_crypted: "$1$14112$90o1uL12FfbguIp0zu3qH." //修改成生成的密码
102
......
277 # if you do not set this correctly, this will be manifested in TFTP open timeouts.
278 next_server: 192.168.170.133 //修改成本机ip
279
......
389 # of the manpage for how that works.
390 server: 192.168.170.133 //修改成本机ip
391
......
//设置rsyncd开机自启并启动
[root@localhost cobbler]# systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
Active: active (running) since 四 2022-08-11 23:02:54 CST; 6s ago
Main PID: 51404 (rsync)
CGroup: /system.slice/rsyncd.service
└─51404 /usr/bin/rsync --daemon --no-detach
8月 11 23:02:54 localhost.localdomain rsyncd[51404]: rsyncd version 3.1.2 starting, list...3
8月 11 23:02:54 localhost.localdomain systemd[1]: Started fast remote file copy program...n.
8月 11 23:02:54 localhost.localdomain systemd[1]: Starting fast remote file copy progra.....
Hint: Some lines were ellipsized, use -l to show in full.
//重启cobblerd(因为修改了配置文件)
[root@localhost cobbler]# systemctl restart cobblerd
//修改tftp配置文件
[root@localhost ~]# cd /etc/xinetd.d
[root@localhost xinetd.d]# vim tftp
disable = no //将此处的yes改为no
//检查错误
[root@centos7 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
第三个问题,安装一个包即可解决
[root@centos7 ~]# yum -y install fence-agents
第二个问题可以忽略,因为这个问题属于debmirror系统的跟我们系统无关,也不影响。
第一个问题需要执行cobbler get-loaders
//第一个问题需要借助8先在Redhat8上进行配置
[root@redhat8 ~]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
[root@redhat8 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
[root@redhat8 ~]# dnf module enable cobbler -y
[root@redhat8 ~]# dnf -y install dhcp-* tftp xinetd pykickstart cobbler cobbler-web syslinux
启动服务并设置开机自启
[root@redhat8 ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
//修改配置文件
[root@redhat8 cobbler]# pwd
/etc/cobbler
server: 192.168.170.132
next_server: 192.168.170.132 //改为i本机IP
[root@redhat8 cobbler]# openssl passwd -1
Password:
Verifying - Password:
$1$wK3Xt3wY$MpX5ORteM1O6P1aWzZvba0
[root@redhat8 cobbler]# vim settings.yaml
default_password_crypted: "$1$wK3Xt3wY$MpX5ORteM1O6P1aWzZvba0"
该为true使为了让cobbler能控制dhcp
manage_dhcp: true //将false改为true
//配置dhcp
[root@redhat8 cobbler]# vim /etc/cobbler/dhcp.template
subnet 192.168.170.0 netmask 255.255.255.0 {
option routers 192.168.170.132;
option domain-name-servers 192.168.170.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.170.100 192.168.170.254 default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
//当配置完成再启动cobbler并查看状态
[root@redhat8 cobbler]# systemctl enable --now cobblerd.service
[root@redhat cobbler]# systemctl status cobblerd.service
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; disabled; vendor preset: di>
Active: active (running) since Wed 2021-10-13 09:59:28 CST; 7s ago
Process: 127003 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code>
Main PID: 127002 (cobblerd)
Tasks: 1 (limit: 11301)
Memory: 28.7M
//下载缺失文件
[root@redhat8 ~]# cobbler get-loaders
task started: 2022-08-12_0004130_get_loaders
task started (id=Download Bootloader Content, time=Wed Oct 13 00:41:30 2022)
running python triggers from /var/lib/cobbler/triggers/task/get_loaders/pre/*
running shell triggers from /var/lib/cobbler/triggers/task/get_loaders/pre/*
shell triggers finished successfully
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
//检查问题和同步
[root@redhat8 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1: some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2: reposync is not installed, install yum-utils or dnf-plugins-core
3: yumdownloader is not installed, install yum-utils or dnf-plugins-core
4: debmirror package is not installed, it will be required to manage debian deployments and repositories
5: fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
依次解决问题
[root@redhat8 ~]# yum -y install syslinux
[root@redhat8 ~]# cobbler get-loaders
[root@redhat8 ~]# yum -y install yum-utils
[root@redhat8 ~]# yum -y install debmirror
[root@redhat8 ~]# vim /etc/debmirror.conf
注释此行#@dists="sid";
[root@redhat8 ~]# vim /etc/debmirror.conf
#@arches="i386";
[root@redhat8 ~]# systemctl restart cobblerd.service
//redhat8上面操作完成之后再到7上面操作
[root@centos7 loaders]# pwd
/var/lib/cobbler/loaders
[root@centos7 cobbler]# scp -r root@192.168.170.133:/var/lib/cobbler/loaders ./
然后重启服务,再进行同步
[root@centos7 cobbler]# systemctl restart cobblerd.service
[root@centos7 cobbler]# cobbler sync
//配置dhcp
[root@centos7 cobbler]# vim settings
[root@centos7 cobbler]# pwd
/etc/cobbler
manage_dhcp: 1 //将0改为1
//修改dhcp的配置文件
[root@centos7 cobbler]# vim /etc/cobbler/dhcp.template
subnet 192.168.170.0 netmask 255.255.255.0 {
option routers 192.168.170.133;
option domain-name-servers 192.168.170.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.170.100 192.168.170.254 default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
重启服务,再进行同步
[root@centos7 cobbler]# systemctl restart cobblerd.service
[root@centos7 cobbler]# cobbler sync
[root@centos7 cobbler]# ss -anulp|grep dhcp
UNCONN 0 0 *:67
//导入镜像
[root@centos7 ~]# mount /dev/sr0 /mnt/
[root@centos7 ~]# cobbler import --path=/mnt --name=centos-7 --arch=x86_64 //因为我们这个地方是centos7版本,所以这个地方根据你的系统和版本进行调整
task started: 2022-08-12_00:43:21_import
task started (id=Media import, time=Wed Oct 13 00:43:21 2021)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos-7-x86_64:
creating new distro: centos-7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos-7-x86_64 -> /var/www/cobbler/links/centos-7-x86_64
creating new profile: centos-7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos-7-x86_64 for centos-7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos-7-x86_64 //导入镜像的位置
need to process repo/comps: /var/www/cobbler/ks_mirror/centos-7-x86_64
looking for /var/www/cobbler/ks_mirror/centos-7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-7-x86_64/repodata
*** TASK COMPLETE ***
参数说明:
-- path //镜像路径
-- name //为安装定义一个名字
-- arch //指定安装源平台
//查看cobbler镜像列表
[root@centos7 loaders]# cobbler list
distros:
centos-7-x86_64
profiles:
centos-7-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
//此处存放的使光盘的内容
[root@centos7 centos-7-x86_64]# ls
CentOS_BuildTag GPL LiveOS RPM-GPG-KEY-CentOS-7
EFI images Packages RPM-GPG-KEY-CentOS-Testing-7
EULA isolinux repodata TRANS.TBL
[root@centos7 centos-7-x86_64]# pwd
/var/www/cobbler/ks_mirror/centos-7-x86_64
//创建kickstarts自动安装脚本
[root@centos7 ~]# cat > /var/lib/cobbler/kickstarts/centos-7-x86_64.ks <<'EOF'
auth --enableshadow --passalgo=sha512
bootloader --location=mbr
clearpart --all --initlabel
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=4096
part / --fstype="ext4" --grow --size=15000
text
firewall --disabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.170.133/cobbler/ks_mirror/centos-7-x86_64
$yum_repo_stanza
reboot
rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
selinux --disabled
skipx
timezone Asia/Shanghai --isUtc --nontp
install
zerombr
%packages
@^minimal
@core
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
EOF
//查看当前cobbler有哪些配置文件
[root@centos7 kickstarts]# cobbler profile list
centos-7-x86_64
//检查当前系统cobbler配置文件信息
[root@centos7 kickstarts]# cobbler profile report
Name : centos-7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos-7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
//修改profile,将我们新建的ks文件设为默认的kickstarts安装文件
[root@centos7 kickstarts]# cobbler profile edit --name centos-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos-7-x86_64.ks
//配置网卡名称为传统网卡名称eth0
[root@centos7 kickstarts]# cobbler profile edit --name centos-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
//发现当前系统cobbler配置文件信息的Kickstart发生改变
[root@centos7 kickstarts]# cobbler profile report
Name : centos-7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos-7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/centos-7-x86_64.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
//同步文件
[root@centos7 loaders]# pwd
/var/lib/cobbler/loaders
[root@centos7 loaders]# \cp /usr/share/syslinux/pxelinux.0 .
[root@centos7 loaders]# \cp /usr/share/syslinux/menu.c32 menu.c32
//同步cobbler
[root@centos7 kickstarts]# cobbler sync
//重启服务
[root@centos7 kickstarts]# systemctl restart httpd
[root@centos7 kickstarts]# systemctl restart cobblerd.service
[root@centos7 kickstarts]# systemctl restart xinetd.service
客户端安装
安装一台主机进行测试,不给镜像然后开机
[root@centos7 loaders]# pwd
/var/lib/cobbler/loaders
[root@centos7 loaders]# \cp /usr/share/syslinux/menu.c32 menu.c32
[root@centos7 loaders]# \cp /usr/share/syslinux/pxelinux.0 .
浙公网安备 33010602011771号