cobbler
Cobbler是一个自动化和简化系统安装的工具,通过使用网络引导来实现系统自动化安装。Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。
Cobbler构成组件包括:
Distros(发行版):表示一个操作系统,它承载了内核和initrd的信息,以及内核参数等其他数据
Profile(配置文件):包含一个发行版、一个kickstart文件以及可能的存储库,还包含更多特定的内核参数等其他数据
Systems(系统):表示要配给的额机器。它包含一个配置文件或一个景象,还包含IP和MAC地址、电源管理(地址、凭据、类型)、(网卡绑定、设置valn等)
Repository(镜像):保存一个yum或rsync存储库的镜像信息
Image(存储库):可替换一个包含不属于此类比的额文件的发行版对象(例如,无法分为内核和initrd的对象)。
本次实例我使用一台虚拟机来模拟pxe+cobbler,相关服务都安装在此服务器上,系统为centos 7
部署架构拓扑图配置pxe支持服务
首先需要安装pxe支持所需要的相关服务:
[root@cobbler ~]# yum install -y tftp tftp-server dhcp httpd #pxe可通过http或ftp等方式提供yum repository,本次我使用http提供仓库
[root@cobbler ~]# yum install -y syslinux #提供pxe安装所需要的pxelinux.0等文件
接着配置dhcp服务,编辑创建dhcp配置文件:
[root@cobbler ~]# vim /etc/dhcp/dhcpd.conf
option domain-name "magedu.com";
option domain-name-servers 114.114.114.114,8.8.8.8;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.10.10.0 netmask 255.255.255.0 {
range 10.10.10.100 10.10.10.200;
option routers 10.10.10.254;
filename "pxelinux.0";
next-server 10.10.10.254;
}
配置完成后启动dhcp服务:
[root@cobbler ~]# systemctl start dhcpd
服务启动后可以查看下面的文件来查看dhcp的租借情况:
[root@cobbler ~]# cat /var/lib/dhcpd/dhcpd.leases
接着启动httpd和tftp服务:
[root@cobbler ~]# systemctl start httpd
[root@cobbler ~]# systemctl start tftp.socket
配置cobbler
首先安装cobbler:
[root@cobbler ~]# yum install -y epel-release
[root@cobbler ~]# yum install -y cobbler
接着启动cobbler服务:
[root@cobbler ~]# systemctl start cobblerd
然后执行cobbler check:
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : ksvalidator was not found, install pykickstart
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
通常来说cobbler服务在初次检查时总会有各种各样的报错,我们只需要按照对应的报错寻找解决办法即可。
首先第1,2、9点都是cobbler 的配置文件,编辑修改cobbler 的配置文件即可:
[root@cobbler ~]# openssl passwd -1 -salt '123456' 'magedu' #创建新建系统默认登录密码的密钥串
$1$123456$QMBx42LRqK1ZWPfItmpYG0
[root@cobbler ~]# vim /etc/cobbler/settings #在cobbler配置文件中修改以下配置
server: 10.10.10.254
next_server: 10.10.10.254
default_password_crypted: "$1$123456$QMBx42LRqK1ZWPfItmpYG0" #此处是指定自动安装的系统的登录密钥
接着第三点为selinux的状态,我们这里直接把selinux关闭并关掉firewalld,以免影响结果:
[root@cobbler ~]# systemctl stop firewalld
[root@cobbler ~]# systemctl disable firewalld
[root@cobbler ~]# setenforce 0
第四点,更改/etc/xinetd.d/tftp的状态为启动:
[root@cobbler ~]# vim /etc/xinetd.d/tftp
disable = no
第五点,如果当前节点可以访问互联网,执行“cobblerget-loader”命令下载pxelinux.0,menu.c32,elilo.efi, 或yaboot文件,否则,需要安装syslinux程序包,而后复制/usr/share/syslinux/中的pxelinux.0,menu.c32等文件至/var/lib/cobbler/loaders目录中,此处我们先直接复制/usr/share/syslinux目录中的文件到指定目录,看看是否能解决:
[root@cobbler ~]# cp -ar /usr/share/syslinux/* /var/lib/cobbler/loaders/
第六点,启动rsyncd服务:
[root@cobbler ~]# systemctl start rsyncd
[root@cobbler ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd
第七、八、十点,分别安装指定的程序包:
[root@cobbler ~]# yum install -y debmirror pykickstart fence-agents
执行完后重启cobblerd服务,再次执行cobbler check:
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : comment out 'dists' on /etc/debmirror.conf for proper debian support
4 : comment out 'arches' on /etc/debmirror.conf for proper debian support
第一点报错已经停用了,所以无关要紧;第二点依旧有报错,可根据提示执行cobbler get-loaders
即可解决,但是前提是服务器能上网。
最后两点在的指定的文件中注释掉相应的配置段即可:
[root@cobbler ~]# vim /etc/debmirror.conf
#@arches="i386";
#@dists="sid";
最后重启cobblerd服务,并执行cobbler sync:
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler sync
接着挂载系统光驱(这里我们挂载的是centos7的系统光盘),然后使用cobbler命令导入系统镜像:
[root@cobbler ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 写保护,将以只读方式挂载
[root@cobbler ~]# cobbler import --name=centos-7.2-x86_64 --path=/mnt #此过程耗时较长,需耐心等待
[root@cobbler ~]# cobbler distro list #导入完成后,即可查看到相应的distro名字
centos-7.2-x86_64
镜像会被自动导入到此路径下/var/www/cobbler/ks_mirror,方便后续通过http的方式获取安装源。
另外默认情况下,cobbler会生成一个最小化安装的kickstart文件,如果想要自定义其对应的kickstart profile,可通过下面操作进行:
[root@cobbler ~]# cp centos7.cfg /var/lib/cobbler/kickstarts/ #复制自定义的kickstart文件到指定的目录下
[root@cobbler ~]# cobbler profile add --name=centos-7.2-x86_64-custom --distro=centos-7.2-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg #创建自定义的kickstart profile
[root@cobbler ~]# cobbler profile list
centos-7.2-x86_64
centos-7.2-x86_64-custom
最后检查httpd和tftp服务的相关目录下是否已经创建了相应的文件:
[root@cobbler ~]# ll /var/www/cobbler/
总用量 0
drwxr-xr-x. 4 root root 54 1月 5 01:56 images
drwxr-xr-x. 5 root root 67 1月 5 01:54 ks_mirror
drwxr-xr-x. 2 root root 54 1月 5 01:56 links
drwxr-xr-x. 2 root root 6 9月 18 23:16 localmirror
drwxr-xr-x. 2 root root 37 1月 5 00:28 misc
drwxr-xr-x. 2 root root 6 9月 18 23:16 pub
drwxr-xr-x. 2 root root 6 9月 18 23:16 rendered
drwxr-xr-x. 2 root root 6 9月 18 23:16 repo_mirror
drwxr-xr-x. 2 root root 62 1月 5 00:28 svc
[root@cobbler ~]# ll /var/lib/tftpboot/
总用量 308
drwxr-xr-x. 3 root root 17 1月 5 01:00 boot
drwxr-xr-x. 2 root root 6 9月 18 23:16 etc
drwxr-xr-x. 2 root root 77 1月 5 01:00 grub
drwxr-xr-x. 4 root root 54 1月 5 01:56 images
drwxr-xr-x. 2 root root 6 9月 18 23:16 images2
-rw-r--r--. 1 root root 26140 1月 5 01:00 memdisk
-rw-r--r--. 1 root root 55012 1月 5 01:00 menu.c32
drwxr-xr-x. 2 root root 6 9月 18 23:16 ppc
-rw-r--r--. 1 root root 26764 1月 5 01:00 pxelinux.0
drwxr-xr-x. 2 root root 20 1月 5 02:18 pxelinux.cfg
drwxr-xr-x. 2 root root 25 1月 5 01:00 s390x
-rw-r--r--. 1 root root 198236 1月 5 01:00 yaboot
如果确认文件都创建无误,即可进行cobbler的自动化安装测试。
测试安装
我们新建一个虚拟机,连接接到到10.10.10.0/24网段,启动时应该能看到如下界面:
image image此时选择censtos-7.2-x86_64或者censtos-7.2-x86_64-custom都应该能自动完成指定的系统安装。cobbler会在/var/lib/tftpboot/pxelinux.cfg/default文件中自动添加相应的系统menu,另外如果需要修改默认启动的menu,需要在此文件中修改,但需注意的是此文件每次cobbler sync都会恢复默认local启动。
另外,cobbler据说能够同时提供不同版本的系统的自动化安装,此前我们已经尝试添加了centos 7 的光盘镜像,接着我们来尝试下提供一个centos 6的光盘镜像,看看能否完成自动化安装。
[root@cobbler ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 写保护,将以只读方式挂载
[root@cobbler ~]# ll /mnt/ #重新挂载centos 6的系统光盘
总用量 564
-r--r--r--. 2 root root 14 3月 29 2017 CentOS_BuildTag
dr-xr-xr-x. 3 root root 2048 3月 29 2017 EFI
-r--r--r--. 2 root root 212 11月 27 2013 EULA
-r--r--r--. 2 root root 18009 11月 27 2013 GPL
dr-xr-xr-x. 3 root root 2048 3月 29 2017 images
dr-xr-xr-x. 2 root root 2048 3月 29 2017 isolinux
dr-xr-xr-x. 2 root root 534528 3月 29 2017 Packages
-r--r--r--. 2 root root 1359 3月 28 2017 RELEASE-NOTES-en-US.html
dr-xr-xr-x. 2 root root 4096 3月 29 2017 repodata
-r--r--r--. 2 root root 1706 11月 27 2013 RPM-GPG-KEY-CentOS-6
-r--r--r--. 2 root root 1730 11月 27 2013 RPM-GPG-KEY-CentOS-Debug-6
-r--r--r--. 2 root root 1730 11月 27 2013 RPM-GPG-KEY-CentOS-Security-6
-r--r--r--. 2 root root 1734 11月 27 2013 RPM-GPG-KEY-CentOS-Testing-6
-r--r--r--. 1 root root 3380 3月 29 2017 TRANS.TBL
[root@cobbler ~]# cobbler import --name=centos-6.9-x86_64 --path=/mnt #将镜像导入到cobbler中
[root@cobbler ~]# cobbler profile list
centos-6.9-x86_64
centos-7.2-x86_64
centos-7.2-x86_64-custom
接着在客户端上测试自动化安装:
image imagecobbler 的web管理
cobbler支持web管理,使用前需要安装相关程序包:
[root@cobbler ~]# yum install -y cobbler-web
接着需要更改cobbler的认证模块为auth.pam:
[root@cobbler ~]# vim /etc/cobbler/modules.conf
[authentication]
module = authn_pam
然后创建cobbler账号:
[root@cobbler ~]# useradd cbadmin
[root@cobbler ~]# echo "magedu" | passwd --stdin cbadmin
更改用户 cbadmin 的密码 。
passwd:所有的身份验证令牌已经成功更新。
在/etc/cobbler/users.conf文件中指定cbadmin账号为cobbler-web的管理账号:
[root@cobbler ~]# vim /etc/cobbler/users.conf
[admins]
admin = "cbadmin"
配置完成后,重启cobblerd服务和httpd服务:
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# systemctl restart httpd
cobbler的web登录界面
cobbler的管理界面
网友评论