自動化運維之cobbler安裝centos7.3

自動化運維之cobbler安裝centos7.3

 

1、cobbler簡介和服務

Cobbler是一款自動化操做系統安裝的實現，與PXE安裝系統的區別就是能夠同時部署多個版本的系統，而PXE只能選擇一種系統。而現在的架構動輒就是上千臺的服務器。而存在一些操做系統不統一的現象，例如最初的架構採用的是CentOS5系列的系統，而新出現了一些技術後，須要新的操做系統的支持，一方面是須要批量部署裝機，而另外一方面還須要考慮到若是老版本的服務器出現故障後還須要從新去部署。而且提供Web配置頁面，能夠只須要一些點擊就能夠完成一些操做。

2、cobbler實戰

安裝cobbler 等依賴服務

# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd -y
啓動httpd 和cobbler服務

# /etc/init.d/httpd restart
# /etc/init.d/cobblerd start
使用 cobbler check （五、六、8三步並不須要執行）檢查，檢查後使用cobbler sync同步操做
# cobbler check

若是執行# cobbler check 報錯，執行 # /etc/init.d/cobblerd restart 重啓便可

Traceback (most recent call last):
File "/usr/bin/cobbler", line 36, in <module>
sys.exit(app.main())
File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 657, in main
rc = cli.run(sys.argv)
File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 270, in run
self.token = self.remote.login("", self.shared_secret)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1199, in __call__
return self.__send(self.__name, args)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1489, in __request
verbose=self.__verbose
File "/usr/lib64/python2.6/xmlrpclib.py", line 1253, in request
return self._parse_response(h.getfile(), sock)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1392, in _parse_response
return u.close()
File "/usr/lib64/python2.6/xmlrpclib.py", line 838, in close
raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "<class 'cobbler.cexceptions.CX'>:'login failed'">
[root@mini1 html]# /etc/init.d/cobblerd restart

The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
4 : file /etc/xinetd.d/rsync does not exist
5 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

 

上述結果直接告訴了安裝cobbler須要哪些步驟，一步步按照提示進行操做便可
部署第一步+第二步+第七步

vim /etc/cobbler/settings 
server: 192.168.3.12
next_server: 192.168.3.12 #指定tftp所在的服務器
manage_dhcp: 1 #使用cobbler管理dhcp

使用openssl對密碼加密（前面的cadmin是加鹽隨機值，後面的admin是密碼）

# openssl passwd -1 -salt 'admin' 'admin'
$1$admin$1kgWpnZpUx.vTroWPXPIB0

修改password
vim /etc/cobbler/settings

default_password_crypted: "$1$admin$1kgWpnZpUx.vTroWPXPIB0"
保存文件再次使用# cobbler check從新檢查

部署第三步:

# cobbler get-loaders

部署第四步：把disable選項改成no，並從新啓動xinetd

# vim /etc/xinetd.d/rsync
service rsync
{
disable = no # 將disable 改成 no
flags = IPv6
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}

 

# /etc/init.d/xinetd restart

重啓cobbler，並從新cobbler check
修改/etc/cobbler/dhcp.template 文件，該文件經過cobbler sync能夠管理/etc/dhcp/dhcpd.conf文件，因此在此不須要更改/etc/dhcp/dhcpd.conf文件，由於改了也沒用，每次cobbler sync就會按照預約義從新初始化dhcp配置文件

# vim /etc/cobbler/dhcp.template
subnet 192.168.3.0 netmask 255.255.255.0 {
option routers 192.168.3.1;
option domain-name-servers 192.168.1.13;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.3.100 192.168.3.200;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;

 

執行# cobbler sync

使用vmvare虛擬機的iso鏡像掛載到/mnt 路徑（以下圖），並導入鏡像

cobbler –name:倒進後的名字 –arch:鏡像架構 –path:掛載路徑

# mount /dev/cdrom /mnt
# cobbler import --path=/mnt/ --name=CentOS-7.3-x86_64 --arch=x86_64
task started: 2017-04-20_174857_import
task started (id=Media import, time=Thu Apr 20 17:48:57 2017)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64:
creating new distro: CentOS-7.3-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 -> /var/www/cobbler/links/CentOS-7.3-x86_64
creating new profile: CentOS-7.3-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 for CentOS-7.3-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata
*** TASK COMPLETE ***

 

導入後鏡像所在位置：/var/www/cobbler/ks_mirror/

# ls /var/www/cobbler/ks_mirror/
CentOS-7.3-x86_64 config

給kickstart定義ks文件目錄/var/lib/cobbler/kickstarts/爲cobbler默認存放kickstart配置文件的位置

# cd /var/lib/cobbler/kickstarts/

vim /var/lib/cobbler/kickstarts/centos7.3_x86_64.cfg

#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use network installation
url --url="http://192.168.3.12/cobbler/ks_mirror/CentOS-7.3-x86_64/"
# Use text mode install
text
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Firewall configuration
firewall --disabled
selinux --disabled
# Reboot after installation
reboot

# Network information
network --bootproto=dhcp --device=ens33 --onboot=on --ipv6=auto
network --hostname=localhost.localdomain

# Root password
rootpw --iscrypted $6$23hVX55axEtxScyM$jowXwPr8f2xqipe0Xnaj8XHtwNBlufsvCqqDQDrokM1M0kzxwzPlvzHJmJzusubb6zAU/hKpW5oIDCpa.n7zs0
# System services
services --disabled="chronyd"
# System timezone
timezone Asia/Shanghai --isUtc --nontp
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Clear the Master Boot Record 
zerombr 
# Partition clearing information 
clearpart --all --initlabel
firstboot --disable
# Disk partitioning information
part pv.194 --fstype="lvmpv" --ondisk=sda --size=75779
part /boot --fstype="xfs" --ondisk=sda --size=300
volgroup centos --pesize=4096 pv.194
logvol /data --fstype="xfs" --size=40956 --name=data --vgname=centos
logvol swap --fstype="swap" --size=4096 --name=swap --vgname=centos
logvol / --fstype="xfs" --size=30720 --name=root --vgname=centos

%packages
@^minimal
@core
kexec-tools

%end

# cobbler profile report
Name : CentOS-7.3-x86_64
TFTP Boot Files : {}
Comment : 
DHCP Tag : default
Distribution : CentOS-7.3-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile : 
Internal proxy : 
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path : 
Virt RAM (MB) : 512
Virt Type : kvm

# cobbler list
distros:
CentOS-7.3-x86_64

profiles:
CentOS-7.3-x86_64

systems:

repos:

images:

mgmtclasses:

packages:

files:

 

使用cobbler profile指定ks文件位置和內核參數（net.ifnames=0和biosdevname=0表明更改網卡爲eth0 --> 運維標準化）

# cobbler profile edit --name=CentOS-7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.3_x86_64.cfg
# cobbler profile edit --name=CentOS-7.3-x86_64 --kopts='net.ifnames=0 biosdevname=0'

根據機器的MAC地址(新建虛擬機的時候直接生成，若是是購買的物理機就能夠向供應商獲取)，自動綁定IP，網關，dns等

cobbler system add --name=chinasoft --mac=00:50:56:3B:DC:7E --profile=CentOS-7.3-x86_64 --ip-address=192.168.3.177 --subnet=255.255.255.0 --gateway=192.168.3.1 --interface=eth0 --static=1 --hostname=node3.chinasoft.com --name-servers="114.114.114.114"

 

使用sync同步配置
# cobbler sync

# cobbler system list
chinasoft

注意：客戶端機器裝系統時，要先使用修改bios啓動而後修改成網卡啓動，把network boot from Intel E1000調整爲最上，F10保存

重啓機器就開始自動安裝操做系統了，安裝完成之後進系統發現ifconfig eth0、hostname、防火牆、selinux、都和咱們預約義的一致

修改cobbler提示

# vim /etc/cobbler/pxe/pxedefault.template 
DEFAULT menu
PROMPT 0
MENU TITLE by jack | http://www.cnclogs.com/reblue520
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end

 

3、web界面管理cobbler

在最開始yum的時候安裝了cobbler-web，固然也就可使用web界面管理cobbler
新版cobbler的web界面使用的是https，登陸https://192.168.3.12/cobbler_web

（默認狀況下username和password都是cobbler，能夠經過用戶名所在文件: /etc/cobbler/users.conf 和 密碼所在文件：/etc/cobbler/users.digest進行管理 管理）

待安裝完後，關閉機器，不然會反覆安裝，所以也要注意生產環境，儘可能不要從網卡啓動，防止機器意外重裝