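### Introduction to Cobbler
Cobbler is a Linux installation server that lets you set up a network installation environment quickly. It aggregates and automates many related Linux tasks, so you do not have to switch back and forth between many different commands and applications when deploying new systems and, in some cases, when changing existing ones. Cobbler can help with provisioning, managing DNS and DHCP, package updates, power management, configuration management orchestration, and more. Cobbler supports many Linux distributions (Red Hat, Fedora, CentOS, Debian, Ubuntu and SuSE) and can also support network installation of Windows. Cobbler is a second-level wrapper around PXE that packages the various installation parameters into a single menu. It is an automated deployment tool that makes deploying systems simple and convenient. It can also build an internal Yum repository, which makes it a very good tool for day-to-day operations work and for batch installation and deployment of new systems.

Cobbler is a build and deployment system. Its main function is to simplify the administrator's work by automating repetitive operations, and to encourage reuse of existing work through templates. One of the main principles we follow is to provide options and flexibility rather than lock administrators into a single way of working. As a result, Cobbler can be integrated with a growing number of configuration management systems and remote scripting utilities, and can deploy many different operating system types. Cobbler also provides a tool that simplifies virtualization deployments (koan).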
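### Services integrated by Cobbler
● PXE service support
● DHCP service management
● DNS service management (optionally bind or dnsmasq)
● Power management
● Kickstart service support
● YUM repository management
● TFTP (required for PXE boot)
● Apache (provides the installation source for kickstart and serves customized kickstart configurations)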
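### Environment preparation
This installation uses CentOS 7.5.
1. Stop and disable the firewall
```bash
systemctl stop firewalld
systemctl disable firewalld
```
2. Disable SELinux
```bash
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
```
3. Configure a static IP address of 172.16.60.2
4. Set the hostname to cobbler.cluster.local
5. Install the EPEL repository
```bash
yum install -y epel-release
```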
### Installing Cobbler
1. Install the Cobbler packages
```bash
yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd
```
2. Start the httpd and cobblerd services and enable them at boot
```bash
systemctl start httpd
systemctl start cobblerd
systemctl enable httpd
systemctl enable cobblerd
```
3. Run cobbler check to list the existing problems
```
cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
```
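The problems above are resolved as follows:
Issue 1: In /etc/cobbler/settings, set the server parameter to the IP address or hostname of the host that provides the Cobbler service
```bash
sed -i 's/server: 127.0.0.1/server: 172.16.60.2/' /etc/cobbler/settings
```
Issue 2: In /etc/cobbler/settings, set the next_server parameter to the IP address of the host that provides the PXE service
```bash
sed -i 's/next_server: 127.0.0.1/next_server: 172.16.60.2/' /etc/cobbler/settings
```
Issue 3: In /etc/xinetd.d/tftp, change the disable parameter to disable = no
```bash
# Restrict the substitution to the disable line; the file also contains "wait = yes"
sed -i '/disable/s#yes#no#' /etc/xinetd.d/tftp
```
Issue 4: Running cobbler get-loaders is enough; otherwise, install the syslinux package and then copy /usr/share/syslinux/{pxelinux.0,menu.c32} and the other loader files into /var/lib/cobbler/loaders/
```bash
cobbler get-loaders
```
Issue 5: Start the rsyncd service and enable it at boot
```bash
systemctl start rsyncd
systemctl enable rsyncd
```
Issue 6: This item can be ignored if you are not deploying Debian systems. To resolve it, install debmirror and then comment out the two items below, otherwise an error is reported.
```bash
yum -y install debmirror
```
```
comment out 'dists' on /etc/debmirror.conf for proper debian support
comment out 'arches' on /etc/debmirror.conf for proper debian support
```
Issue 7: Generate a new password to replace the default one. "random-phrase-here" is the random salt and "your-password-here" is the new password.
```bash
sed -ri "/default_password_crypted/s#(.*: ).*#\1\"`openssl passwd -1 -salt 'cobbleradmin' '123456'`\"#" /etc/cobbler/settings
```
Issue 8: Install cman and fence-agents
```bash
yum -y install cman fence-agents
```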
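
Issue 7 above hashes the password with `openssl passwd -1` and a fixed salt. The added example below (not part of the original post) writes a SHA-512 crypt hash with a random salt instead, the same `$6$` format used by the kickstart file later on this page, and reads the password from stdin so that it does not appear in the process list. It assumes OpenSSL 1.1.1 or later for `openssl passwd -6`; the function names and the demo file are hypothetical.

```shell
#!/bin/sh
# Added example. Assumes OpenSSL 1.1.1 or later (`openssl passwd -6`).

# Print a SHA-512 crypt hash of the password read from stdin. Without
# -salt, openssl draws a fresh random salt on every call.
hash_password() {
    openssl passwd -6 -stdin
}

# Write a hash into default_password_crypted. $1 = settings file, $2 = hash.
set_default_password() {
    settings=$1 hash=$2
    case $hash in
        '$6$'*) ;;
        *) echo "refusing hash that is not SHA-512 crypt" >&2; return 1 ;;
    esac
    grep -q '^default_password_crypted:' "$settings" || return 1
    tmp=$(mktemp) || return 1
    # crypt hashes contain only [./0-9A-Za-z$], so '#' is a safe delimiter
    sed "s#^default_password_crypted:.*#default_password_crypted: \"$hash\"#" \
        "$settings" > "$tmp" && cat "$tmp" > "$settings"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Succeed if the password on stdin matches the hash stored in file $1.
verify_default_password() {
    stored=$(sed -n 's/^default_password_crypted: *"\(.*\)"$/\1/p' "$1")
    salt=$(printf '%s\n' "$stored" | cut -d'$' -f3)
    [ -n "$salt" ] || return 1
    [ "$(openssl passwd -6 -salt "$salt" -stdin)" = "$stored" ]
}

# Demo on a constructed file, not the real /etc/cobbler/settings.
demo=$(mktemp)
printf 'server: 172.16.60.2\ndefault_password_crypted: "$1$constructed$placeholder"\n' > "$demo"
if new_hash=$(printf '%s\n' 'Constructed-passphrase-42' | hash_password); then
    set_default_password "$demo" "$new_hash" && grep '^default_password' "$demo"
fi
rm -f "$demo"
```
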
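After completing the steps above, do the following:
1. Restart the cobblerd service
```bash
systemctl restart cobblerd
```
2. Run cobbler sync to synchronize; otherwise the configuration does not take effect
```bash
cobbler sync
```
3. Run cobbler check again to look for remaining problems; the following output indicates that the configuration is correct
```
[root@cobbler ~]# cobbler check
No configuration problems found. All systems go.
[root@cobbler ~]#
```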
### Configuring the DHCP service
1. Let Cobbler manage DHCP: edit the Cobbler settings and change manage_dhcp to 1.
```bash
vi /etc/cobbler/settings
```
2. Edit the DHCP template as follows. Only the parts that need to be changed are shown.
```bash
vi /etc/cobbler/dhcp.template
```
```
subnet 172.16.60.0 netmask 255.255.255.0 {
     option routers             172.16.0.1;
     option domain-name-servers 172.16.0.1;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        172.16.60.100 172.16.60.200;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                172.16.60.2;
```
3. After the change, run cobbler sync to synchronize.
```bash
cobbler sync
```
4. After completing the steps above, restart all services
```bash
systemctl restart httpd
systemctl restart cobblerd
systemctl restart dhcpd
systemctl restart rsyncd
systemctl restart xinetd
```
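
As an added example (not from the original post), the script below checks whether the router, lease range and next-server addresses in the subnet block from step 2 fall inside the declared subnet, a quick consistency check to run before cobbler sync. The function names are hypothetical; the input is the block shown in step 2.

```shell
#!/bin/sh
# Added example: check that addresses in a dhcpd subnet block are on-subnet.

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
    IFS=. read -r o1 o2 o3 o4 <<EOF
$1
EOF
    echo $(( o1 * 16777216 + o2 * 65536 + o3 * 256 + o4 ))
}

# Print "<field> <address> inside|OUTSIDE" for the router, range and
# next-server addresses found in the file $1 (or stdin).
check_dhcp_subnet() {
    conf=$(cat "$@" | tr -d ';')
    set -- $(printf '%s\n' "$conf" | awk '$1 == "subnet" { print $2, $4; exit }')
    [ $# -eq 2 ] || { echo "no subnet declaration found" >&2; return 2; }
    net=$(ip2int "$1") mask=$(ip2int "$2")
    printf '%s\n' "$conf" | awk '
        $1 == "option" && $2 == "routers" { print "routers", $3 }
        $1 == "range" { print "range-start", $(NF-1); print "range-end", $NF }
        $1 == "next-server" { print "next-server", $2 }
    ' | while read -r field addr; do
        if [ $(( $(ip2int "$addr") & mask )) -eq $(( net & mask )) ]; then
            echo "$field $addr inside"
        else
            echo "$field $addr OUTSIDE"
        fi
    done
}

# The subnet block from step 2 of this page.
page_dhcp_block() {
    cat <<'EOF'
subnet 172.16.60.0 netmask 255.255.255.0 {
     option routers             172.16.0.1;
     option domain-name-servers 172.16.0.1;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        172.16.60.100 172.16.60.200;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                172.16.60.2;
EOF
}

page_dhcp_block | check_dhcp_subnet
```
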
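### Logging in to and using the Cobbler web console
1. Log in to the Cobbler web console from a browser using the IP address. The default username/password is cobbler/cobbler.
https://172.16.60.2/cobbler_web
2. Import images
2.1 Mount the DVD image file on the Cobbler server
```bash
mount /dev/cdrom /mnt
```
2.2 Click "Import DVD" on the left. Prefix = file prefix, Arch = architecture, Breed = system type, Path = import path (here /mnt/)
2.3 Click "Events" to view the log and follow the progress of the image import
2.4 After the import completes, check the imported files. We imported two system images: CentOS 7.5 and Ubuntu 16.04
```bash
cd /var/www/cobbler/ks_mirror
```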
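### Verifying system deployment
1. Verify that the machine boots correctly to the boot menu
2. The default is a minimal system deployment with a text-mode installer
3. Confirm that the system deploys correctly and can boot and be used normally
4. Deploy an Ubuntu system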
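### Customized installation
1. Use "Distros" to view the imported images. Click edit to change the parameters of an imported image, for example to add kernel parameters or set the Comment.
2. Use "Profiles" to view the properties of an image. Package repositories can be added to the system here.
3. Add or manage repositories under Repos
4. Create a KS file: click "Kickstart Templates" - "Create New Kickstart File" to create a new KS file. Below is an example KS file that I created: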
```
# Cobbler for Kickstart Configurator for CentOS 7 by Jacky
xconfig --startxonboot
eula --agreed
authconfig --enableshadow --passalgo=sha512
install
url --url=$tree
graphical
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
autopart --type=lvm
clearpart --all --initlabel
# Network information
$SNIPPET('network_config')
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS7
timezone --utc Asia/Shanghai
rootpw --iscrypted $6$aeRUqqGhIFDslQC3$jcxqPLNCBfdK7EPkz7BcZrDpda7tp1P5z8VS8gPDx25iulUxyms5xE59ShLyKAmYzVkPraGCwu6CRypsxl2Fm0
user --groups=wheel --name=jacky --password=$6$p/.gbURXOe2hdFpU$3ZM5b8Ch0flWzErIHRRMWKSFs7MA1mN8w27M.61erQhzulPuYjZyfz.zYR3ve.aGxwCU4Hvennt8B.IXpTz.N1 --iscrypted --gecos="jacky"
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@^graphical-server-environment
@base
@desktop-debugging
@dial-up
@fonts
@gnome-desktop
@guest-agents
@guest-desktop-agents
@hardware-monitoring
@input-methods
@internet-browser
@multimedia
@print-client
@x11
@compat-libraries
@core
@debugging
@development
bash-completion
chrony
kexec-tools
lrzsz
tree
vim
wget
%end
%post
systemctl disable postfix.service
%end
```
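5. Select Systems and create a new system. The MAC address controls which machines are installed through this system.
6. Once configuration is complete, start the deployment. Because a MAC address is specified, the system does not show the boot menu after PXE boot but starts deploying directly.
The whole deployment requires no manual intervention. With the KS file above, the installer runs in graphical mode and the installed system is a CentOS 7.5 with a GUI.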
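
As an added example (not from the original post), the script below lists the security-relevant directives of a kickstart file such as the one in step 4: the SELinux and firewall state and the crypt scheme of each password hash. The function names are hypothetical and the sample input is constructed, with dummy hashes.

```shell
#!/bin/sh
# Added example: review the security-relevant directives of a kickstart file.

# Print "<line>:<directive>:<finding>" for each directive of interest and
# return 1 if any of them needs attention. Reads the file named in $1,
# or stdin when called without arguments.
audit_kickstart() {
    awk '
        function report(what) { print NR ":" $1 ":" what; bad = 1 }
        /^%end/                  { skip = 0; next }
        /^%(pre|post|packages)/  { skip = 1 }   # scripts and package lists
        skip || NF == 0 || /^[ \t]*#/ { next }
        $1 == "selinux"  && /--(disabled|permissive)/ { report("not-enforcing") }
        $1 == "firewall" && /--disabled/              { report("disabled") }
        $1 == "rootpw" || $1 == "user" {
            if (/--iscrypted/) {
                # crypt(3) scheme id: 1 = MD5, 5 = SHA-256, 6 = SHA-512
                id = "unknown"
                if (match($0, /\$[0-9a-z]+\$/))
                    id = substr($0, RSTART + 1, RLENGTH - 2)
                if (id == "5" || id == "6") print NR ":" $1 ":crypt-scheme-" id
                else report("review-crypt-scheme-" id)
            } else if (($1 == "rootpw" && !/--lock/) || /--password=/)
                report("plaintext")
        }
        END { exit bad }
    ' "$@"
}

# Constructed sample modelled on the template in step 4; hashes are dummies.
sample_kickstart() {
    cat <<'EOF'
# constructed kickstart fragment
install
rootpw --iscrypted $6$CONSTRUCTEDSALT$constructedhash
user --groups=wheel --name=jacky --password=$1$CONSTRUCTED$constructedhash --iscrypted
selinux --disabled
firewall --disabled
%post
systemctl disable postfix.service
%end
EOF
}

sample_kickstart | audit_kickstart || echo "review the findings above"
```
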