使用cobbler批量安裝操做系統

1.cobbler簡介

Cobbler是一個Linux服務器安裝的服務，能夠經過網絡啓動(PXE)的方式來快速安裝、重裝物理服務器和虛擬機，同時還能夠管理DHCP，DNS等。
Cobbler能夠使用命令行方式管理，也提供了基於Web的界面管理工具(cobbler-web)，還提供了API接口，能夠方便二次開發使用。
Cobbler是較早前的kickstart的升級版，優勢是比較容易配置，還自帶web界面比較易於管理。
Cobbler內置了一個輕量級配置管理系統，但它也支持和其它配置管理系統集成，如Puppet，暫時不支持SaltStack。
Cobbler官網http://cobbler.github.io

2.安裝cobbler

環境說明

[root@CentOS7_1 09:43 ~]#cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core) 
[root@CentOS7_1 09:43 ~]#uname -r
3.10.0-957.el7.x86_64
[root@CentOS7_1 09:43 ~]#systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Sat 2019-06-29 09:42:51 CST; 21s ago
     Docs: man:firewalld(1)
  Process: 6801 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
 Main PID: 6801 (code=exited, status=0/SUCCESS)

Jun 29 09:24:35 CentOS7_1.localdomain systemd[1]: Starting firewalld - dynami...
Jun 29 09:24:53 CentOS7_1.localdomain systemd[1]: Started firewalld - dynamic...
Jun 29 09:42:50 CentOS7_1.localdomain systemd[1]: Stopping firewalld - dynami...
Jun 29 09:42:51 CentOS7_1.localdomain systemd[1]: Stopped firewalld - dynamic...
Hint: Some lines were ellipsized, use -l to show in full.
[root@CentOS7_1 09:43 ~]#hostname -I             
172.16.11.1 192.168.10.254 192.168.122.1

使用yum安裝cobbler和相關服務

#yum install cobbler httpd dhcp tftp -y

說明：cobbler是依賴與epel源下載
啓動相關服務

#systemctl start tftp httpd cobbler

進行語法檢查

#cobbler check
[root@CentOS7_1 09:47 ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

3 : change 'disable' to 'no' in /etc/xinetd.d/tftp

4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

5 : enable and start rsyncd.service with systemctl

6 : debmirror package is not installed, it will be required to manage debian deployments and repositories

7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

解決當中的報錯

修改cobbler配置文件
#vim /etc/cobbler/settings
server: 192.168.10.254  修改127.0.0.1爲本機ip地址
next_server: 192.168.10.254  修改127.0.0.1爲本機ip地址
default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."  修改默認密碼，經過openssl password -1生成密碼
manage_dhcp: 1 設置爲1以啓用Cobbler的DHCP管理功能
下載相關文件 
#cobbler  get-loaders
重啓服務
#systemctl restart cobblerd
配置dhcp
#vim /etc/cobbler/dhcp.template 
subnet 192.168.10.0 netmask 255.255.255.0 {
     option routers             192.168.10.2;
     option domain-name-servers 192.168.10.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.10.100 192.168.10.200;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
啓動dhcp
#systemctl start dhcpd
#systemctl enable dhcpd
同步
#cobbler sync

導入光盤，建立yum 源

#cobbler import --path=/mnt/centos7 --name=Centos7.6-x86_64 --arch=x86_64
#cobbler profile list
#cobbler distro list

準備ks文件
#vim ks.cfg

#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
#Install OS instead of upgrade
install
 Keyboard layouts
keyboard 'us'
#Root password
rootpw --iscrypted $1$c9qLrVc2$E8ZT3uRc4ut7gBaYSQ44Z.
#Use network installation
url --url=$tree
#System language
lang en_US
#System authorization information
auth  --useshadow  --passalgo=sha512
#Use text mode install
text
firstboot --disable
#SELinux configuration
selinux --disabled

#Firewall configuration
firewall --disabled
#Network information
network  --bootproto=dhcp --device=eth0
#Reboot after installation
reboot
#System timezone
timezone Asia/Shanghai 
#System bootloader configuration
bootloader --append="net.ifnames=0" --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part / --fstype="xfs" --size=102400
part /boot --fstype="xfs" --size=2048
part swap --fstype="swap" --size=4096

%packages
@^minimal
autofs
%end

#cp ks7.cfg /var/lib/cobbler/kickstarts/
#vim /var/lib/cobbler/kickstarts/ks7_mini.cfg
#url --url=$tree
#cobbler profile edit --name Centos7.6-x86_64 --distro=Centos7.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_.cfg

測試安裝
建立一臺空白虛擬機，進行測試網路安裝
注意：虛擬機的內存不能小於2G,網卡的配置要保證網絡互通
啓動虛擬機
啓動虛擬機便可發現會有cobbler的選擇界面

安裝web版cobbler
須要使用sohu的yum源，由於要使用低版本的python2-django

[root@CentOS7_1 10:03 /etc/yum.repos.d]#cat epel.repo 
[epel]
name=sohu-epel
baseurl=http://mirrors.sohu.com/fedora-epel/7/x86_64/
enabled=1
gpgcheck=1

#yum install cobbler-web  
#systemctl restart httpd

訪問
https://192.168.10.254/cobbler_web

實現web cobbler管理
使用authn_pam模塊認證cobbler_web用戶

#vim /etc/cobbler/modules.conf
[authentication]
module = authn_pam
建立cobbler用戶：useradd cobbler
vim /etc/cobbler/users.conf
[admins]
admin = "cobbler「
Web訪問cobbler
重啓cobblerd服務

使用authn_configfile模塊認證cobbler_web用戶
建立其認證文件/etc/cobbler/users.digest，並添加所需的用戶
#htdigest -c /etc/cobbler/users.digest Cobbler admin
注意:添加第一個用戶時,使用「-c」