Automated system installation with Cobbler + PXE

Author: SRE1 | Published: 2019-10-08 10:18

    cobbler

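    Cobbler is a tool that automates and simplifies operating system installation by using network boot. It is an upgrade of the earlier kickstart approach; its advantages are that it is fairly easy to configure and ships with a web interface that makes it easy to manage.
    Cobbler is made up of the following components:

    Distros: a distro represents an operating system. It carries the kernel and initrd information, plus other data such as kernel parameters.
    Profiles: a profile contains a distro, a kickstart file and possibly repositories, plus other data such as more specific kernel parameters.
    Systems: a system represents a machine to be provisioned. It contains a profile or an image, as well as IP and MAC addresses, power management (address, credentials, type) and network settings (NIC bonding, VLAN setup, etc.).
    Repositories: a repository holds the mirror information for a yum or rsync repository.
    Images: an image can replace a distro object for files that do not fit that category (for example, objects that cannot be split into a kernel and an initrd).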

    In this example I use a single virtual machine to emulate PXE + Cobbler. All the related services are installed on this server, which runs CentOS 7.

    [Figure: deployment architecture topology]

    Configuring the services PXE needs

    First, install the services that PXE depends on:

    [root@cobbler ~]# yum install -y tftp tftp-server dhcp httpd    # PXE can serve the yum repository over HTTP, FTP, etc.; here I serve it over HTTP
    [root@cobbler ~]# yum install -y syslinux  # provides pxelinux.0 and the other files a PXE install needs
    
    

    Next, configure the DHCP service by creating and editing the dhcpd configuration file:

    [root@cobbler ~]# vim /etc/dhcp/dhcpd.conf
    option domain-name "magedu.com";
    option domain-name-servers 114.114.114.114,8.8.8.8;
    default-lease-time 600;
    max-lease-time 7200;
    log-facility local7;
    subnet 10.10.10.0 netmask 255.255.255.0 {
            range 10.10.10.100 10.10.10.200;
            option routers 10.10.10.254;
            filename "pxelinux.0";
            next-server 10.10.10.254;
    }
    
    

    Once it is configured, start the DHCP service:

    [root@cobbler ~]# systemctl start dhcpd
    

    After the service has started, the following file shows the current DHCP leases:

    [root@cobbler ~]# cat /var/lib/dhcpd/dhcpd.leases
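
The lease file can also be checked by script rather than by eye. The following is an added example, not part of the original post: it prints the current state of each address in dhcpd.leases and reports active leases whose MAC address is not on an allow-list. The function names, the sample lease entries, the MAC addresses and the allow-list file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: summarise dhcpd.leases and flag
# active leases whose MAC is not on a list of machines you meant to install.

# Print "ip mac state" per address; a later entry for an address supersedes earlier ones.
list_leases() {    # usage: list_leases LEASES_FILE
    awk '
        $1 == "lease" && $3 == "{"       { ip = $2; mac = "-"; state = "-" }
        $1 == "hardware"                 { mac = $3; sub(/;$/, "", mac) }
        $1 == "binding" && $2 == "state" { state = $3; sub(/;$/, "", state) }
        $1 == "}" && ip != ""            { last[ip] = mac " " state; ip = "" }
        END { for (a in last) print a, last[a] }
    ' "$1" | sort
}

# Print "ip mac" for active leases whose MAC is not in ALLOWED_MACS_FILE (one MAC per line).
unknown_clients() {    # usage: unknown_clients LEASES_FILE ALLOWED_MACS_FILE
    list_leases "$1" | awk -v allow="$2" '
        BEGIN { while ((getline m < allow) > 0) ok[tolower(m)] = 1 }
        $3 == "active" && !(tolower($2) in ok) { print $1, $2 }
    '
}

# Constructed sample data: two addresses from the post's 10.10.10.100-200 range.
LEASES=$(mktemp); ALLOWED=$(mktemp)
cat > "$LEASES" <<'EOF'
lease 10.10.10.100 {
  starts 6 2019/10/05 01:20:11;
  binding state active;
  hardware ethernet 00:0c:29:11:22:33;
}
lease 10.10.10.101 {
  starts 6 2019/10/05 01:25:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:0c:29:aa:bb:cc;
}
lease 10.10.10.100 {
  binding state free;
  hardware ethernet 00:0c:29:11:22:33;
}
EOF
echo "00:0C:29:11:22:33" > "$ALLOWED"
list_leases "$LEASES"
unknown_clients "$LEASES" "$ALLOWED"
```

On the Cobbler server, pass /var/lib/dhcpd/dhcpd.leases as the first argument and your own list of expected MAC addresses as the second.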
    

    Next, start the httpd and tftp services:

    [root@cobbler ~]# systemctl start httpd
    [root@cobbler ~]# systemctl start tftp.socket
    

    Configuring Cobbler

    First, install Cobbler:

    [root@cobbler ~]# yum install -y epel-release
    [root@cobbler ~]# yum install -y cobbler
    
    

    Next, start the Cobbler service:

    [root@cobbler ~]# systemctl start cobblerd
    

    Then run cobbler check:

    [root@cobbler ~]# cobbler check
    The following are potential configuration items that you may want to fix:
    
    1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
        https://github.com/cobbler/cobbler/wiki/Selinux
    4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
    5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    6 : enable and start rsyncd.service with systemctl
    7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
    8 : ksvalidator was not found, install pykickstart
    9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
    10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
    
    Restart cobblerd and then run 'cobbler sync' to apply changes.
    

    Cobbler's first check usually reports a variety of problems; we only need to work through the reported items and fix each one.

    Items 1, 2 and 9 all concern Cobbler's configuration file, so edit that file:

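    [root@cobbler ~]# openssl passwd -1 -salt '123456' 'magedu'    # generate the crypted string for the default login password of newly installed systems
    $1$123456$QMBx42LRqK1ZWPfItmpYG0
    [root@cobbler ~]# vim /etc/cobbler/settings    # change the following settings in the Cobbler configuration file
    server: 10.10.10.254
    next_server: 10.10.10.254
    default_password_crypted: "$1$123456$QMBx42LRqK1ZWPfItmpYG0"    # the crypted login password for the automatically installed systems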
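
A quick audit of the three settings just edited, as an added example that is not part of the original post: it flags a loopback server or next_server and reports which crypt scheme default_password_crypted uses (the -1 option above produces MD5-crypt). The function names and the sample settings file are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the original post: audit the /etc/cobbler/settings
# keys behind `cobbler check` items 1, 2 and 9.

# Print the value of a top-level "key: value" line (trailing comment and quotes removed).
setting() {    # usage: setting KEY FILE
    sed -n "s/^$1:[[:space:]]*//p" "$2" | head -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one WARN line per finding; return 1 if anything was flagged, else 0.
audit_cobbler_settings() {    # usage: audit_cobbler_settings FILE
    rc=0
    for key in server next_server; do
        val=$(setting "$key" "$1")
        case "$val" in
            ""|localhost|127.*|::1)
                echo "WARN $key: '$val' is empty or loopback, PXE clients cannot reach it"
                rc=1 ;;
        esac
    done
    hash=$(setting default_password_crypted "$1")
    case "$hash" in
        '$6$'*|'$5$'*) ;;    # SHA-512 or SHA-256 crypt
        '$1$'*) echo "WARN default_password_crypted: MD5-crypt (\$1\$) hash, prefer SHA-512 crypt (\$6\$)"; rc=1 ;;
        *)      echo "WARN default_password_crypted: missing or not a crypt(3) hash"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample: server still pointing at loopback, the other two values as set in the post.
SAMPLE_SETTINGS=$(mktemp)
cat > "$SAMPLE_SETTINGS" <<'EOF'
server: 127.0.0.1
next_server: 10.10.10.254
default_password_crypted: "$1$123456$QMBx42LRqK1ZWPfItmpYG0"    # crypted default password
EOF
audit_cobbler_settings "$SAMPLE_SETTINGS" || true
```

On OpenSSL 1.1.1 or later, openssl passwd -6 produces a $6$ (SHA-512 crypt) string that can be used for default_password_crypted; the audit only inspects the hash prefix and does not test password strength.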
    

    Item 3 is about the state of SELinux. Here we simply turn SELinux off and stop firewalld so that they do not affect the result:

    [root@cobbler ~]# systemctl stop firewalld
    [root@cobbler ~]# systemctl disable firewalld
    [root@cobbler ~]# setenforce 0
    

    Item 4: enable tftp in /etc/xinetd.d/tftp:

    [root@cobbler ~]# vim /etc/xinetd.d/tftp
            disable                 = no
    

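    Item 5: if this node can reach the Internet, run "cobbler get-loaders" to download pxelinux.0, menu.c32, elilo.efi or yaboot. Otherwise, install the syslinux package and then copy pxelinux.0, menu.c32 and the other files from /usr/share/syslinux/ into the /var/lib/cobbler/loaders directory. Here we first copy the files from /usr/share/syslinux straight into that directory and see whether that resolves it: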

    [root@cobbler ~]# cp -ar /usr/share/syslinux/* /var/lib/cobbler/loaders/
    

    Item 6: start the rsyncd service:

    [root@cobbler ~]# systemctl start rsyncd
    [root@cobbler ~]# systemctl enable rsyncd
    Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd
    

    Items 7, 8 and 10: install the packages each one names:

    [root@cobbler ~]# yum install -y debmirror pykickstart fence-agents
    
    

    When that is done, restart the cobblerd service and run cobbler check again:

    [root@cobbler ~]# systemctl restart cobblerd
    [root@cobbler ~]# cobbler check
    The following are potential configuration items that you may want to fix:
    
    1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
        https://github.com/cobbler/cobbler/wiki/Selinux
    2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    3 : comment out 'dists' on /etc/debmirror.conf for proper debian support
    4 : comment out 'arches' on /etc/debmirror.conf for proper debian support
    

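    SELinux, the subject of item 1, has already been turned off, so that item does not matter. Item 2 is still reported; running cobbler get-loaders as the message suggests resolves it, provided the server has Internet access.
    For the last two items, comment out the corresponding settings in the named file: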

    [root@cobbler ~]# vim /etc/debmirror.conf
    #@arches="i386";
    #@dists="sid";
    

    Finally, restart the cobblerd service and run cobbler sync:

    [root@cobbler ~]# systemctl restart cobblerd
    [root@cobbler ~]# cobbler sync
    

    Next, mount the system's optical drive (here it holds the CentOS 7 installation disc), then import the system image with the cobbler command:

    [root@cobbler ~]# mount /dev/cdrom /mnt
    mount: /dev/sr0 写保护,将以只读方式挂载
    [root@cobbler ~]# cobbler import --name=centos-7.2-x86_64 --path=/mnt     # this step takes a while, be patient
    [root@cobbler ~]# cobbler distro list    # once the import finishes, the distro name is listed
       centos-7.2-x86_64
    

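    The image is imported automatically under /var/www/cobbler/ks_mirror, so that it can later be fetched over HTTP as the installation source.
    By default Cobbler also generates a kickstart file for a minimal installation. To use a custom kickstart profile instead, proceed as follows: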

    [root@cobbler ~]# cp centos7.cfg /var/lib/cobbler/kickstarts/    # copy the custom kickstart file into the designated directory
    [root@cobbler ~]# cobbler profile add --name=centos-7.2-x86_64-custom --distro=centos-7.2-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg    # create the custom kickstart profile
    [root@cobbler ~]# cobbler profile list
       centos-7.2-x86_64
       centos-7.2-x86_64-custom
    

    Finally, check that the expected files have been created in the httpd and tftp directories:

    [root@cobbler ~]# ll /var/www/cobbler/
    总用量 0
    drwxr-xr-x. 4 root root 54 1月   5 01:56 images
    drwxr-xr-x. 5 root root 67 1月   5 01:54 ks_mirror
    drwxr-xr-x. 2 root root 54 1月   5 01:56 links
    drwxr-xr-x. 2 root root  6 9月  18 23:16 localmirror
    drwxr-xr-x. 2 root root 37 1月   5 00:28 misc
    drwxr-xr-x. 2 root root  6 9月  18 23:16 pub
    drwxr-xr-x. 2 root root  6 9月  18 23:16 rendered
    drwxr-xr-x. 2 root root  6 9月  18 23:16 repo_mirror
    drwxr-xr-x. 2 root root 62 1月   5 00:28 svc
    [root@cobbler ~]# ll /var/lib/tftpboot/
    总用量 308
    drwxr-xr-x. 3 root root     17 1月   5 01:00 boot
    drwxr-xr-x. 2 root root      6 9月  18 23:16 etc
    drwxr-xr-x. 2 root root     77 1月   5 01:00 grub
    drwxr-xr-x. 4 root root     54 1月   5 01:56 images
    drwxr-xr-x. 2 root root      6 9月  18 23:16 images2
    -rw-r--r--. 1 root root  26140 1月   5 01:00 memdisk
    -rw-r--r--. 1 root root  55012 1月   5 01:00 menu.c32
    drwxr-xr-x. 2 root root      6 9月  18 23:16 ppc
    -rw-r--r--. 1 root root  26764 1月   5 01:00 pxelinux.0
    drwxr-xr-x. 2 root root     20 1月   5 02:18 pxelinux.cfg
    drwxr-xr-x. 2 root root     25 1月   5 01:00 s390x
    -rw-r--r--. 1 root root 198236 1月   5 01:00 yaboot
    

    Once you have confirmed that the files were created correctly, you can test Cobbler's automated installation.

    Test installation

    We create a new virtual machine and connect it to the 10.10.10.0/24 network segment. At boot it should show a screen like the following:

    [screenshots]

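    At this point, choosing either centos-7.2-x86_64 or centos-7.2-x86_64-custom should complete the corresponding system installation automatically. Cobbler automatically adds the matching menu entries to /var/lib/tftpboot/pxelinux.cfg/default. If you need to change the default boot entry, edit this file, but note that every cobbler sync resets it to the default of booting from the local disk.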

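    Cobbler is also said to be able to offer automated installation of several OS versions at the same time. We have already added a CentOS 7 disc image; next we try providing a CentOS 6 disc image and see whether it can be installed automatically as well.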

    [root@cobbler ~]# mount /dev/cdrom /mnt
    mount: /dev/sr0 写保护,将以只读方式挂载
    [root@cobbler ~]# ll /mnt/  # the CentOS 6 system disc has been mounted in its place
    总用量 564
    -r--r--r--. 2 root root     14 3月  29 2017 CentOS_BuildTag
    dr-xr-xr-x. 3 root root   2048 3月  29 2017 EFI
    -r--r--r--. 2 root root    212 11月 27 2013 EULA
    -r--r--r--. 2 root root  18009 11月 27 2013 GPL
    dr-xr-xr-x. 3 root root   2048 3月  29 2017 images
    dr-xr-xr-x. 2 root root   2048 3月  29 2017 isolinux
    dr-xr-xr-x. 2 root root 534528 3月  29 2017 Packages
    -r--r--r--. 2 root root   1359 3月  28 2017 RELEASE-NOTES-en-US.html
    dr-xr-xr-x. 2 root root   4096 3月  29 2017 repodata
    -r--r--r--. 2 root root   1706 11月 27 2013 RPM-GPG-KEY-CentOS-6
    -r--r--r--. 2 root root   1730 11月 27 2013 RPM-GPG-KEY-CentOS-Debug-6
    -r--r--r--. 2 root root   1730 11月 27 2013 RPM-GPG-KEY-CentOS-Security-6
    -r--r--r--. 2 root root   1734 11月 27 2013 RPM-GPG-KEY-CentOS-Testing-6
    -r--r--r--. 1 root root   3380 3月  29 2017 TRANS.TBL
    
    [root@cobbler ~]# cobbler import --name=centos-6.9-x86_64 --path=/mnt    # import the image into Cobbler
    [root@cobbler ~]# cobbler profile list
       centos-6.9-x86_64
       centos-7.2-x86_64
       centos-7.2-x86_64-custom
    

    Then test the automated installation on the client:

    [screenshots]

    Cobbler web management

    Cobbler supports management through a web interface. Before using it, install the required package:

    [root@cobbler ~]# yum install -y cobbler-web
    

    Next, change Cobbler's authentication module to authn_pam:

    [root@cobbler ~]# vim /etc/cobbler/modules.conf
    [authentication]
    module = authn_pam
    

    Then create the Cobbler account:

    [root@cobbler ~]# useradd cbadmin
    [root@cobbler ~]# echo "magedu" | passwd --stdin cbadmin
    更改用户 cbadmin 的密码 。
    passwd:所有的身份验证令牌已经成功更新。
    

    In /etc/cobbler/users.conf, designate the cbadmin account as the cobbler-web administrator account:

    [root@cobbler ~]# vim /etc/cobbler/users.conf
    [admins]
    admin = "cbadmin"
    

    Once the configuration is complete, restart the cobblerd and httpd services:

    [root@cobbler ~]# systemctl restart cobblerd
    [root@cobbler ~]# systemctl restart httpd
    
    [Screenshots: the Cobbler web login page; the Cobbler management interface]

    Reference blog: https://www.jianshu.com/p/4976d693470d
