Cobbler批量裝系統1、 簡介
網絡安裝服務器套件 Cobbler(補鞋匠)從前,我們一直在做裝機民工這份很有前途的職業。自打若干年前 Red Hat 推出了 Kickstart,此後我們頓覺身價倍增。不再需要刻了光盤一臺一臺地安裝 Linux,只要搞定 PXE、DHCP、TFTP,還有那滿屏眼花繚亂不知所云的 Kickstart 腳本,我們就可以像哈里波特一樣,輕點魔棒,瞬間安裝上百臺服務器。這一堆花裏胡哨的東西可不是一般人都能整明白的,沒有大專以上學歷,通不過英語四級, 根本別想玩轉。總而言之,這是一份多麼有前途,多麼有技術含量的工作啊。很不幸,Red Hat 最新(Cobbler項目最初在2008年左右發佈)發佈了網絡安裝服務器套件 Cobbler(補鞋匠),它已將 Linux 網絡安裝的技術門檻,從大專以上文化水平,成功降低到初中以下,連補鞋匠都能學會。對於我們這些在裝機領域經營多年,經驗豐富,老驥伏櫪,志在千里的民工兄弟們來說,不啻爲一個晴天霹靂。
2、 系統環境準備
[root@bogon ~]# cat /etc/redhat-release
CentOS release 6.7 (Final)
[root@bogon ~]# uname -r
2.6.32-573.el6.x86_64
[root@bogon ~]# ifconfig|awk -F "[ :]+" 'NR==2 {print $4}'
192.168.1.131
添加阿里epel源
[root@bogon ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel- 6.repo
準備環境軟件httpd、dhcp、xinetd、rsync、pykickstart、cobbler和cobbler-web:
[root@bogon ~]# yum install -y httpd dhcp xinetd rsync pykickstart
[root@bogon ~]# yum install -y cobbler cobbler-web
報錯:Error: Package: cobbler-web-2.6.11-7.git95749a6.el6.noarch (epel)
Requires: Django >= 1.4
缺少依賴包:Djange,Djange依賴包是python-simplejson,所以
[root@bogon ~]# yum install -y python-simplejson
[root@bogon ~]# wgethttps://kojipkgs.fedoraproject.org//packages/Django14/1.4.14/1.el6/noarch/Django14-1.4.14-1.el6.noarch.rpm
[root@bogon ~]# rpm -ivh Django14-1.4.14-1.el6.noarch.rpm
3、 配置文件
[root@bogon ~]# /etc/init.d/httpd status
httpd (pid 1960) is running...
[root@bogon ~]# /etc/init.d/cobblerd status
cobblerd (pid 1948) is running...
[root@bogon ~]# cobbler check #檢查cobcler配置
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
6 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
關於問題:
6、防火牆iptables還在運行
[root@bogon ~]# setenforce 0
setenforce: SELinux is disabled
[root@bogon ~]# service iptables stop
[root@bogon ~]# chkconfig iptables off
[root@bogon ~]# vim /etc/selinux/config
SELINUX=disabled
1、2、在/etc/cobbler/settings修改server,next_server的IP地址
[root@bogon ~]# sed -i "s/next_server: 127.0.0.1/next_server: 192.168.1.131/g" /etc/cobbler/settings
[root@bogon ~]# sed -i "s/server: 127.0.0.1/server: 192.168.1.131/g" /etc/cobbler/settings
修改cobbler管理dhcp和tftp
[root@bogon ~]# sed -i "s/manage_dhcp: 0/manage_dhcp: 1/" /etc/cobbler/settings
[root@bogon ~]# sed -i "s/manage_rsync: 0/manage_rsync: 1/g" /etc/cobbler/settings
PXE啓動時不允許重複裝機
[root@bogon ~]# sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
8、設置系統登錄的root密碼openssl passwd -1 -salt 'guoge' 'your-password-here'"
[root@bogon ~]# openssl passwd -1 -salt 'guoge' '123456' ##guoge爲干擾內
##123456爲密碼
$1$guoge$4kUDFV7TavolzgIUxLM2m0
[root@bogon ~]# vim /etc/cobbler/settings
default_password_crypted: "$1$guoge$4kUDFV7TavolzgIUxLM2m0" ##紅色爲修改內容
3、5、修改/etc/xinetd.d/rsync 和/etc/xinetd.d/rsync
[root@bogon ~]# sed -i "s/disable = yes/disable = no/g" /etc/xinetd.d/rsync
[root@bogon ~]#sed -i "s/disable = yes/disa disable = no /g" /etc/xinetd.d/tftp
4、需要使用cobbler get-loaders命令下載loaders文件
[root@bogon ~]# cobbler get-loaders
task started: 2018-07-31_080115_get_loaders
task started (id=Download Bootloader Content, time=Tue Jul 31 08:01:15 2018)
downloading http://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading http://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading http://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading http://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
TASK COMPLETE
所下載的文件在/var/lib/cobbler/loaders/當中
[root@bogon ~]# cobbler sync同步配置
重啓服務
[root@bogon ~]# /etc/init.d/xinetd restart
Stopping xinetd: [FAILED]
Starting xinetd: [ OK ]
[root@bogon ~]# /etc/init.d/cobblerd restart
Stopping cobbler daemon: [ OK ]
Starting cobbler daemon: [ OK ]
[root@bogon ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : service dhcpd is not running
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories # 和debian系統相關,不需要
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them # fence設備相關,不需要
Restart cobblerd and then run 'cobbler sync' to apply changes.
問題1、配置並啓動DHCP
[root@bogon ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.131;
option domain-name-servers 192.168.1.131;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.1.100 192.168.1.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
[root@bogon ~]# cobbler sync同步配置
設置開機自啓動:
[root@bogon ~]# /etc/init.d/httpd restart
[root@bogon ~]#/etc/init.d/xinetd restart
[root@bogon ~]# /etc/init.d/dhcpd restart
[root@bogon ~]# /etc/init.d/cobblerd restart
[root@bogon ~]# chkconfig --level 35 httpd on
[root@bogon ~]# chkconfig --level 35 xinetd on
[root@bogon ~]# chkconfig --level 35 dhcpd on
[root@bogon ~]# chkconfig --level 35 cobblerd on
4、 設置鏡像
[root@bogon ~]# mount /dev/cdrom /mnt/
[root@bogon ~]# cobbler import --path=/mnt/ --name=Centos-6.7-x86_64 --arch=x86_64
[root@bogon ~]# cobbler sync
[root@bogon ~]# /etc/init.d/httpd restart
[root@bogon ~]#/etc/init.d/xinetd restart
[root@bogon ~]# /etc/init.d/dhcpd restart
[root@bogon ~]# /etc/init.d/cobblerd restart
5、 ks.cfk文件
[root@bogon ~]# cat /var/lib/cobbler/kickstarts/sample_e
sample_end.ks sample_esx4.ks sample_esxi4.ks sample_esxi5.ks
[root@bogon ~]# cat /var/lib/cobbler/kickstarts/sample_e
sample_end.ks sample_esx4.ks sample_esxi4.ks sample_esxi5.ks
[root@bogon ~]# cat /var/lib/cobbler/kickstarts/sample_end.ks
# kickstart template for Fedora 8 and later.
# (includes %end blocks)
# do not use with earlier distros
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --enabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone America/New_York
# Install OS instead of upgrade
# install
# Clear the Master Boot Record
zerombr
#### Allow anaconda to partition the system as needed
autopart
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#### Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
$SNIPPET('func_install_if_enabled')
%end
%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end
%post
$SNIPPET('log_ks_post')
#### Start yum configuration
$yum_config_stanza
#### End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
#### Enable post-install boot notification
$SNIPPET('post_anamon')
### Start final steps
$SNIPPET('kickstart_done')
### ## End final steps
%end查看安裝鏡像文件信息
[root@bogon ~]#cobbler distro report --name=CentOS-7.1-x86_64
查看所有的profile設置
[root@bogon ~]# cobbler profile report
查看指定的profile設置
[root@bogon ~]#cobbler profile report --name=CentOS-7.1-x86_64
[root@bogon ~]# cobbler sync同步配置
6、 cobbler-web支持網頁登錄
/etc/cobbler/users.conf # Web服務授權配置文件
/etc/cobbler/users.digest # 用於web訪問的用戶名密碼配置文件 [root@bogon ~]# cat /etc/cobbler/users.digest
cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3
設置Cobbler web用戶登陸密碼
在Cobbler組添加cobbler用戶
[root@linux-node1 ~]# htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Changing password for user cobbler in realm Cobbler
New password: 123456
Re-type new password:123456
登錄地址爲:http://192.168.1.131/cobbler_web或者https://192.168.1.131/cobbler_web
賬戶密碼:cobbler 123456
參考
http://blog.oldboyedu.com/autoinstall-cobbler/
http://blog.51cto.com/mailfile/1395657
http://www.mamicode.com/info-detail-2328653.html