Linux----------cobbler自動化安裝系統

時間 2019-12-04

標籤 linux cobbler 自動化安裝系統欄目 Linux 简体版

原文原文鏈接

目錄python

1、cobbler基本概念

1.1 Cobbler介紹

Cobbler:linux

快速網絡安裝linux操做系統的服務，支持衆多的Linux發行版：Red Hat、Fedora、CentOS、Debian、Ubuntu和SuSE，也能夠支持網絡安裝windows
PXE的二次封裝，將多種安裝參數封裝到一個菜單ios
Python編寫git
可使用命令行方式管理，也提供了基於Web的界面管理工具(cobbler-web)，還提供了API接口，能夠方便二次開發使用。github
較早前的kickstart的升級版，優勢是比較容易配置，還自帶web界面比較易於管理。web
內置了一個輕量級配置管理系統，但它也支持和其它配置管理系統集成，如Puppet，暫時不支持SaltStack。shell

1.2 cobbler工做流程

client裸機配置了從網絡啓動後，開機後會廣播包請求DHCP服務器（cobbler server）發送其分配好的一個IPvim
DHCP服務器（cobbler server）收到請求後發送responese，包括其ip地址windows
client裸機拿到ip後再向cobbler server發送請求OS引導文件的請求服務器
cobbler server告訴裸機OS引導文件的名字和TFTP server的ip和port
client裸機經過上面告知的TFTP server地址通訊，下載引導文件
client裸機執行執行該引導文件，肯定加載信息，選擇要安裝的os，期間會再向cobbler server請求kickstart文件和os image
cobbler server發送請求的kickstart和os iamge
client裸機加載kickstart文件
client裸機接收os image，安裝該os image

1.3 cobbler介紹及組成

cobbler需經過epel源安裝

cobbler服務集成：

PXE服務支持
DHCP服務管理
rsync同步服務
YUM倉庫
Apache（提供kickstart的安裝源，並提供定製化的配置）
DNS服務管理（可選bind，dnsmasq）
Kickstart服務支持
IPMI 電源管理

檢查cobbler環境命令

cobbler check

2、cobbler配置組成

2.1 cobbler相關術語

發行版：

表示一個操做系統版本，它承載了內核和 initrd 的信息，以及內核參數等其餘數據

配置文件：

包含一個發行版、一個 kickstart 文件以及可能的存儲庫，還包含更多特定的內核參數等其餘數據

系統：

表示要配置的主機，它包含一個配置文件或一個鏡像，還包含IP 和 MAC 地址、電源管理（地址、憑據、類型）以及更爲專業的數據等信息

存儲庫：

保存一個 yum 或 rsync 存儲庫的鏡像信息

鏡像：

可替換一個包含不屬於此類別的文件的發行版對象（例如，沒法分爲內核和 initrd 的對象）

2.2 cobbler各類配置目錄說明

安裝：yum install cobbler dhcp

配置文件目錄 /etc/cobbler
/etc/cobbler/settings : cobbler 主配置文件
/etc/cobbler/iso/: iso模板配置文件
/etc/cobbler/pxe: pxe模板文件
/etc/cobbler/power: 電源配置文件
/etc/cobbler/user.conf: web服務受權配置文件
/etc/cobbler/users.digest: web訪問的用戶名密碼配置文件
/etc/cobbler/dhcp.template : dhcp服務器的的配置末班
/etc/cobbler/dnsmasq.template : dns服務器的配置模板
/etc/cobbler/tftpd.template : tftp服務的配置模板
/etc/cobbler/modules.conf : 模塊的配置文件

2.3 目錄介紹

數據目錄   
/var/lib/cobbler/config/: 用於存放distros，system，profiles 等信息配置文件
/var/lib/cobbler/triggers/: 用於存放用戶定義的cobbler命令
/var/lib/cobbler/kickstart/: 默認存放kickstart文件
/var/lib/cobbler/loaders/: 存放各類引導程序

鏡像目錄
/var/www/cobbler/ks_mirror/: 導入的發行版系統的全部數據
/var/www/cobbler/images/ : 導入發行版的kernel和initrd鏡像用於

遠程網絡啓動
/var/www/cobbler/repo_mirror/: yum 倉庫存儲目錄

日誌目錄
/var/log/cobbler/installing: 客戶端安裝日誌
/var/log/cobbler/cobbler.log : cobbler日誌

2.4 cobbler命令介紹

cobbler commands      介紹
cobbler check              覈對當前設置是否有問題
cobbler list                   列出全部的cobbler元素
cobbler report              列出元素的詳細信息
cobbler sync                同步配置到數據目錄,更改配置最好都要執行下
cobbler reposync         同步yum倉庫
cobbler distro               查看導入的發行版系統信息
cobbler system            查看添加的系統信息
cobbler profile              查看配置信息

3、cobbler服務端部署

//配置yum源
[root@localhost ~]# curl -o /etc/yum.repos.d/CentOS7-Base-163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
--2018-08-10 12:07:17--  http://mirrors.163.com/.help/CentOS7-Base-163.repo
Resolving mirrors.163.com (mirrors.163.com)... 59.111.0.251
Connecting to mirrors.163.com (mirrors.163.com)|59.111.0.251|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1572 (1.5K) [application/octet-stream]
Saving to: ‘CentOS7-Base-163.repo’

100%[=================================>] 1,572       --.-K/s   in 0s

2018-08-10 12:07:17 (191 MB/s) - ‘CentOS7-Base-163.repo’ saved [1572/1572]
[root@localhost ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@localhost ~]# sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@localhost ~]# yum -y install epel-release
安裝過程略。。。。

//安裝cobbler以及相關的軟件
[root@localhost ~]# yum -y install httpd dhcp tftp python-ctypes cobbler  xinetd cobbler-web pykickstart
安裝過程略....


//啓動服務並設置開機自啓
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl start cobblerd
[root@localhost ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl enable cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.


//修改server的ip地址爲本機ip
[root@localhost ~]# sed -i 's/^server: 127.0.0.1/server: 172.16.12.128/' /etc/cobbler/settings

//設置tftp的ip地址爲本機ip
[root@localhost ~]# sed -i 's/^next_server: 127.0.0.1/next_server: 172.16.12.128/' /etc/cobbler/settings

//開啓tftp
[root@localhost ~]# sed -i '/disable/s/yes/no/g' /etc/xinetd.d/tftp

//下載缺失文件
[root@localhost ~]# cobbler get-loaders
task started: 2018-08-21_152811_get_loaders
task started (id=Download Bootloader Content, time=Tue Aug 21 15:28:11 2018)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

//啓動rsync並設置開機自啓
[root@localhost ~]# systemctl start rsyncd
[root@localhost ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.

//生成加密的密碼
[root@localhost ~]# openssl passwd -1 -salt "$RANDOM" 'wangqing123!'
$1$28958$sq1sJFDX0bZo.H8Q.8NLg0         //這是密碼加密後的形式

//將新生成的加密密碼加入到配置文件
[root@localhost ~]# vim /etc/cobbler/settings
....    //此處爲省略內容
default_password_crypted: "$1$28958$sq1sJFDX0bZo.H8Q.8NLg0"
.....   //此處爲省略內容

//重啓cobbler
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# ss -antl
State       Recv-Q Send-Q      Local Address:Port                     Peer Address:Port
LISTEN      0      128                     *:22                                  *:*
LISTEN      0      100             127.0.0.1:25                                  *:*
LISTEN      0      5               127.0.0.1:25151                               *:*
LISTEN      0      5                       *:873                                 *:*
LISTEN      0      128                    :::80                                 :::*
LISTEN      0      128                    :::22                                 :::*
LISTEN      0      100                   ::1:25                                 :::*
LISTEN      0      128                    :::443                                :::*
LISTEN      0      5                      :::873                                :::*

//經過cobbler check 覈對當前設置是否有問題
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
//以上兩個是關於debian系統的錯誤，請忽略







//配置cobbler dhcp
//修改cobbler配置文件，讓cobbler控制dhcp
[root@localhost ~]# sed -i '/^manage_dhcp/s/0/1/g' /etc/cobbler/settings
[root@localhost ~]# sed -n '/^manage_dhcp/p' /etc/cobbler/settings
manage_dhcp: 1

//配置dhcp
[root@localhost ~]# vim /etc/cobbler/dhcp.template
....    //此處爲省略內容
subnet 172.16.12.0 netmask 255.255.255.0 {
     option routers             172.16.12.128;
     option domain-name-servers 172.16.12.2;        //此處爲系統安裝好後指定的dns地址
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        172.16.12.100 172.16.12.250;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server; 
....    //此處爲省略內容

//重啓服務並同步配置，改完dhcp必需要sync同步配置
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# cobbler sync
task started: 2018-08-21_160420_sync
task started (id=Sync, time=Tue Aug 21 16:04:20 2018)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

//檢查dhcp是否正常
[root@localhost ~]# netstat -anulp|grep dhcp
udp        0      0 0.0.0.0:67              0.0.0.0:*                           12692/dhcpd 








//導入redhat7鏡像
[root@localhost ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@localhost ~]# cobbler import --path=/mnt --name=rhel-7 --arch=x86_64
task started: 2018-08-21_162444_import
task started (id=Media import, time=Tue Aug 21 16:24:44 2018)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/rhel-7-x86_64:
creating new distro: rhel-7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/rhel-7-x86_64 -> /var/www/cobbler/links/rhel-7-x86_64
creating new profile: rhel-7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/rhel-7-x86_64 for rhel-7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/rhel-7-x86_64     //導入鏡像的位置
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel-7-x86_64
looking for /var/www/cobbler/ks_mirror/rhel-7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel-7-x86_64/repodata
*** TASK COMPLETE ***

//說明：
    --path      //鏡像路徑
    --name      //爲安裝源定義一個名字
    --arch      //指定安裝源平臺

//安裝源的惟一標示就是根據name參數來定義，本例導入成功後，安裝源的惟一標示就是：CentOS-7-x86_64，若是重複，系統會提示導入失敗


//查看cobbler鏡像列表
[root@localhost ~]# cobbler list
distros:
   rhel-7-x86_64

profiles:
   rhel-7-x86_64

systems:

repos:

images:

mgmtclasses:

packages:

files:








//建立kickstarts自動安裝腳本
[root@localhost ~]# cat > /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks <<'EOF'
auth --enableshadow --passalgo=sha512
bootloader --location=mbr
clearpart --all --initlabel
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=4096
part / --fstype="ext4" --grow --size=15000
text
firewall --disabled
firstboot --disable
keyboard us
lang en_US
url --url=http://172.16.12.128/cobbler/ks_mirror/rhel-7-x86_64
$yum_repo_stanza
reboot

rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0

selinux --disabled
skipx
timezone Asia/Shanghai --isUtc --nontp
install
zerombr

%packages
@^minimal
@core
kexec-tools

%end

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
EOF

//檢查ks文件語法是否有誤
[root@localhost ~]# cobbler validateks
task started: 2018-08-21_171616_validateks
task started (id=Kickstart Validation, time=Tue Aug 21 17:16:16 2018)
----------------------------
osversion: rhel7
checking url: http://172.16.12.128/cblr/svc/op/ks/profile/rhel-7-x86_64
running: /usr/bin/ksvalidator -v "rhel7" "http://172.16.12.128/cblr/svc/op/ks/profile/rhel-7-x86_64"
received on stdout:
received on stderr:
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***

//查看當前cobbler有哪些配置文件
[root@localhost ~]# cobbler profile list
   Centos-7-x86_64
   
//修改profile，將咱們新建的ks文件設爲默認的kickstarts安裝文件
[root@localhost ~]# cobbler profile edit --name rhel-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/rhel-7-x86_64.ks

//配置網卡名稱爲傳統網卡名稱eth0
[root@localhost ~]# cobbler profile edit --name rhel-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'


//檢查當前系統cobbler配置文件信息
[root@localhost ~]# cobbler profile report
Name                           : rhel-7-x86_64
TFTP Boot Files                : {}
Comment                        :
DHCP Tag                       : default
Distribution                   : rhel-7-x86_64        //倉庫名字
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {'biosdevname': '0', 'net.ifnames': '0'}       //網卡設爲傳統命名方式
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks     //使用的kickstarts配置文件的路徑，必須爲咱們新建的ks文件的路徑
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : <<inherit>>
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ['admin']
Parent Profile                 :
Internal proxy                 :
Red Hat Management Key         : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : []
Server Override                : <<inherit>>
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      :
Virt RAM (MB)                  : 512
Virt Type                      : kvm


//同步cobbler
[root@localhost ~]# cobbler sync
task started: 2018-08-21_172909_sync
task started (id=Sync, time=Tue Aug 21 17:29:09 2018)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/rhel-7-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/rhel-7-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: rhel-7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/rhel-7-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/rhel-7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/rhel-7-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/rhel-7-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: rhel-7-x86_64
trying hardlink /var/www/cobbler/ks_mirror/rhel-7-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/rhel-7-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/rhel-7-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/rhel-7-x86_64/initrd.img
Writing template files for rhel-7-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: rhel-7-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***


//爲避免發生未知問題，先把服務端全部服務重啓
[root@localhost ~]# systemctl restart xinetd
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# ss -antl
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      128            *:22                         *:*
LISTEN     0      100    127.0.0.1:25                         *:*
LISTEN     0      5      127.0.0.1:25151                      *:*
LISTEN     0      5              *:873                        *:*
LISTEN     0      128           :::80                        :::*
LISTEN     0      128           :::22                        :::*
LISTEN     0      100          ::1:25                        :::*
LISTEN     0      128           :::443                       :::*
LISTEN     0      5             :::873                       :::*