centos7.4之cobbler自動化部署工具安裝

時間 2019-11-20

標籤 centos7.4 centos cobbler 自動化部署工具安裝欄目 CentOS 简体版

原文原文鏈接

環境介紹：

　　服務器：172.16.5.241html

　　操做系統版本：centos7.4python

　　客戶端：虛擬機客戶端，內存最少2GBlinux

cobbler介紹：

　　運維自動化在生產環境中佔據着舉足輕重的地位，尤爲是面對幾百臺，幾千臺甚至幾萬臺的服務器時，僅僅是安裝操做系統，若是不經過自動化來完成，根本是不可想象的。面對生產環境中不一樣服務器的需求，該如何實現批量部署多版本的操做系統呢？Cobbler即可以知足這一實際需求，實現多版本操做系統批量部署git

　　Cobbler是一個Linux服務器安裝的服務，能夠經過網絡啓動(PXE)的方式來快速安裝、重裝物理服務器和虛擬機，同時還能夠管理DHCP，DNS等。github

　　Cobbler可使用命令行方式管理，也提供了基於Web的界面管理工具(cobbler-web)，還提供了API接口，能夠方便二次開發使用。web

　　Cobbler是較早前的kickstart的升級版，優勢是比較容易配置，還自帶web界面比較易於管理。shell

　　Cobbler內置了一個輕量級配置管理系統。vim

　　Cobbler官網http://cobbler.github.iocentos

　　在使用cobbler以前須要瞭解kickstart的使用： http://www.cnblogs.com/clsn/p/7833333.htmlapi

　　 cobbler集成的服務：

　　 PXE服務支持

　　 DHCP服務管理

　　 DNS服務管理(可選bind,dnsmasq)

　　電源管理

　　Kickstart服務支持

　　YUM倉庫管理

　　TFTP(PXE啓動時須要)

　　Apache(提供kickstart的安裝源，並提供定製化的kickstart配置)

1、服務器安裝。

　　注意我這裏使用虛擬機實現的，由於cobbler須要搭建dhcp服務，因此我這裏先安裝了全部的須要安裝包，啓動了全部應該啓動的服務，除了dhcp。測試的時候我使用虛擬機nat網卡模式，並關閉了虛擬機自帶的dhcp服務。

　　一、安裝基本組件

yum -y install wget net-tools curl epel-release

　　二、更新

yum -y update

　　三、關閉iptables與selinux，下面的全部操做完成後，重啓服務器，不然後面會報錯。
　　vim /etc/selinux/config
　　SELINUX=disabled

　　關閉iptables或者firewalld，開機不啓動。

2、安裝基礎服務

　　一、安裝全部依賴服務

yum -y install dhcp httpd xinetd tftp-server rsync fence-agents pykickstart

　　二、設置開機自啓動，dhcpd服務咱們後面再啓動。

systemctl enable xinetd dhcpd httpd rsyncd
systemctl start xinetd  httpd rsyncd

　　三、安裝cobbler

yum -y install cobbler-web

　　設置開機啓動：

systemctl enable cobblerd
systemctl start cobblerd

　　四、效驗cobbler安裝條件，注意觀察是否有報錯

cobbler check

[root@localhost ~]# cobbler check
httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/cobbler/cli.py", line 251, in check_setup
    s.ping()
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1591, in __request
    verbose=self.__verbose
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1273, in request
    return self.single_request(host, handler, request_body, verbose)
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1321, in single_request
    response.msg,
ProtocolError: <ProtocolError for 127.0.0.1:80/cobbler_api: 404 Not Found>

報錯

　　五、隨機生成一個密碼,這個密碼就是你待會兒自動安裝完操做系統之後的開機密碼。複製生成的密碼，待會兒須要寫到配置文件中。

openssl passwd -1 -salt "root" "yunwei.123"

　　六、更改cobbler配置文件

 vim /etc/cobbler/settings

　　只須要改配置文件中的這幾項便可。

..........
default_password_crypted: "$1$cobbler$zPOuqy9SLOb87DIQb3RbQ." #第三步生成的密碼
manage_dhcp: 1 #dhcp服務
manage_tftpd: 1 #xinetd服務
manage_rsync: 1 #rsyncd服務
next_server: 172.16.5.241 #替換成本機IP地址，dhcp服務地址
server: 172.16.5.241 #替換爲本機IP地址，cobber服務地址
..........

　　七、更新load信息

cobbler get-loaders

[root@bogon ~]# cobbler get-loaders
task started: 2018-08-07_103302_get_loaders
task started (id=Download Bootloader Content, time=Tue Aug  7 10:33:02 2018)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

命令結果

　　八、vim /etc/xinetd.d/tftp，設置tftp配置文件，‘disable'爲'no'

service tftp
{
disable = no
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -B 1380 -v -s /var/lib/tftpboot
per_source = 11
cps = 100 2
flags = IPv4
}

　　九、修改dhcp配置文件，先不要啓動dhcp。

vim /etc/cobbler/dhcp.template

ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 172.16.5.0 netmask 255.255.255.0 {
option routers 172.16.5.1;
option domain-name-servers 202.96.209.5,202.96.209.133;
option subnet-mask 255.255.255.0;
range dynamic-bootp 172.16.5.60 172.16.5.100;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}

}

dhcp修改內容

　　十、同步Cobbler，這裏會把/etc/cobbler/dhcp.template這個文件咱們配置好的內容同步到/etc/dhcp/dhcpd.conf文件中，不然dhcp不能正常使用。

cobbler sync

[root@bogon dhcp]# cobbler sync
task started: 2018-08-07_120115_sync
task started (id=Sync, time=Tue Aug  7 12:01:15 2018)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
rendering Rsync files
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout: 
received on stderr: 
running: service dhcpd restart
received on stdout: 
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

提示信息

allow booting;
allow bootp;

ignore client-updates;
set vendorclass = option vendor-class-identifier;

option pxe-system-type code 93 = unsigned integer 16;

subnet 172.16.5.0 netmask 255.255.255.0 {
     option routers             172.16.5.1;
     option domain-name-servers 172.16.5.1;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        172.16.5.100 172.16.5.254;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                172.16.5.241;
     class "pxeclients" {
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
          if option pxe-system-type = 00:02 {
                  filename "ia64/elilo.efi";
          } else if option pxe-system-type = 00:06 {
                  filename "grub/grub-x86.efi";
          } else if option pxe-system-type = 00:07 {
                  filename "grub/grub-x86_64.efi";
          } else if option pxe-system-type = 00:09 {
                  filename "grub/grub-x86_64.efi";
          } else {
                  filename "pxelinux.0";
          }
     }

}

# group for Cobbler DHCP tag: default
group {
}

/etc/dhcp/dhcpd.conf信息

3、導入鏡像

　　一、建立操做系統文件夾,虛擬機添加對應的操做系統iso文件，而後掛載。

mkdir -p /data/iso/centos7.4
#掛載
mount /dev/cdrom  /data/iso/centos7.4

　　二、把掛載光盤鏡像的mnt目錄中的內容導入到cobbler

 cobbler import --path=/data/iso/centos7.4  --name=centos7.4

　　三、接着同步cobber report查看導入信息

cobbler report

[root@bogon centos7.4]# cobbler import --path=/data/iso/centos7.4  --name=centos7.4
task started: 2018-08-07_103802_import
task started (id=Media import, time=Tue Aug  7 10:38:02 2018)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos7.4:
creating new distro: centos7.4-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos7.4 -> /var/www/cobbler/links/centos7.4-x86_64
creating new profile: centos7.4-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos7.4 for centos7.4-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos7.4
need to process repo/comps: /var/www/cobbler/ks_mirror/centos7.4
looking for /var/www/cobbler/ks_mirror/centos7.4/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7.4/repodata
*** TASK COMPLETE ***

返回信息

　　web界面查看，已經看到了咱們剛纔生成的操做系統。

　　注意：

　　前面咱們不是執行cobbler check命令報錯麼，如今咱們在check一下，　

cobbler check

[root@bogon centos7.4]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : debmirror package is not installed, it will be required to manage debian deployments and repositories
4 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

Restart cobblerd and then run 'cobbler sync' to apply changes.

check結果

4、測試

　　一、前面服務器都支直接鏈接互聯網的，這裏面是有dhcp服務器，若是我啓動cobbler的dhcp，那同事就得「炸鍋了」,因此這裏我先把服務器網卡換NAT模式，並關閉vmware workstation裏面的DHCP服務。

　　二、檢查前面咱們安裝的服務是否正常。

　　三、啓動DHCP服務。

　　四、新建一個虛擬機，網卡選擇NAT，不須要掛載操做系統光盤，直接開機便可。

　　五、啓動客戶端，這裏若是等待時間很長的話，證實的你的tftp服務有問題，重啓一下服務器，客戶端在從新啓動就OK了。

　　六、開始安裝，剛纔咱們生成的鏡像，上下鍵選擇要安裝的操做系統，回車便可，剩下的只有等。

　　七、默認分區

5、web界面

　　https://服務器IP地址/cobbler_web默認用戶名和密碼是cobbler，在這裏面咱們能看到剛纔咱們建立的這個centos7的鏡像。

　　若是想修改cobbler登陸密碼使用以下命令：

htdigest /etc/cobbler/users.digest "Cobbler" cobbler

　　查看一下咱們的版本庫列表

　　 cobbler distro list

　　 #report詳細查看一下庫信息

　　 cobbler distro report

　　#查看配置的詳細信息，這個就很是有用了，標紅的文件是默認配置文件，。

　　cobbler profile report

參考地址：

　　一、https://www.linuxidc.com/Linux/2018-03/151347.htm

　　二、https://www.cnblogs.com/clsn/p/7839965.html?utm_source=debugrun&utm_medium=referral

問題一：

　　設置安裝密碼，上面咱們設置了cobbler的頁面密碼，若是咱們有不少的操做系統，隨便一個服務器啓動後dhcp就能夠安裝操做系統，沒有密碼很危險。

　　一、建立密碼　

 #生成密碼（yunwei.123纔是密碼，前面的root隨意）
openssl passwd -1 -salt root  yunwei.123

#生成的密碼
$1$root$vQ5iF/QlePLjafcRq8lCw/

　　第二步：編輯文件pxedefault：

　　# vim /etc/cobbler/pxe/pxedefault.template

DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/   #細心的同窗發現，http是安裝界面的顯示內容
MENU MASTER PASSWD $1$root$vQ5iF/QlePLjafcRq8lCw/    #加入這一行，把前面的密碼加進來
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

$pxe_menu_items

MENU end

　　第三步：配置pxeprofile：

　　#vim /etc/cobbler/pxe/pxeprofile.template

LABEL $profile_name
        MENU PASSWD     #只須要加這一行便可
        kernel $kernel_path
        $menu_label
        $append_line
        ipappend 2

　　第四步：檢查、同步配置使其生效

　　#cobbler check

　　#cobbler sync

　　#/etc/init.d/cobblerd restart

　　第五步：PXE裝機選擇版本查看效果：

問題二：

　　自定義配置和分區

　　這個功能咱們必須得會，由於默認操做系統會.ks文件加參數autopart，意思就是自動分區。咱們生產中哪怕是試驗，也沒有這麼分區的（/var/lib/cobbler/kickstarts/sample_end.ks，我這裏的centos7.4是這個默認安裝配置文件）

　　一、首先咱們得知道咱們安裝的這個操做系統默認用的是哪一個.ks文件，圈紅色的全都是默認的ks文件。

　　那咱們的操做系統默認用的是哪一個呢？

　　我這裏默認是這個配置文件

　　二、首先咱們點擊sample_end.ks這個咱們默認的配置文件，而後全選裏面的內容。最後按照以下，咱們新建一個本身ks文件，把剛纔複製的內容所有粘貼到裏面。

　　這裏還設置了默認關閉selinux，固然，你還能夠寫默認要安裝哪些軟件。

# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.

#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth  --useshadow  --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
part /boot --fstype xfs --size 500
part swap --size 2048
part / --fstype xfs --size 3000
part /data --fstype xfs --size 1 --grow
# Use text mode install
text
# Firewall configuration
firewall --enabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot

#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
firewall --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
#autopart

%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end

%packages
$SNIPPET('func_install_if_enabled')
%end

%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end

%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
%end