
Ops automation: installing the batch deployment tool Cobbler


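In ops automation, Cobbler is an important tool. It uses PXE to perform automated batch deployment over the network, can be managed from the command line or a web GUI, and provides an API for custom development. It can also manage DHCP, DNS, TFTP, RSYNC and yum repositories, and build system ISO images. Being convenient, fast and highly flexible, it has replaced its predecessor, kickstart.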

Environment
CentOS 7.3

[root@localhost ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@localhost ~]# curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

[root@localhost ~]# yum clean all
[root@localhost ~]# yum makecache

[root@localhost ~]# yum install -y xinetd tftp-server rsync dhcp httpd cobbler pykickstart cobbler-web

[root@localhost ~]# systemctl enable httpd
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl enable cobblerd
[root@localhost ~]# systemctl start cobblerd

Configuring Cobbler

Run cobbler check

[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

Item 6 applies only to Debian systems and item 8 concerns power management, so both can be ignored. We configure the remaining items in order.

1.    Set the Cobbler server address
[root@localhost ~]# vi /etc/cobbler/settings
server: 192.168.214.107

2.    Set the PXE network address
[root@localhost ~]# vi /etc/cobbler/settings
next_server: 192.168.214.107

3.    Enable the tftp service
[root@localhost ~]# vi /etc/xinetd.d/tftp
disable                 = no

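4.    Download the network boot-loaders
[root@localhost ~]# cobbler get-loaders

5.    Start the rsyncd service
[root@localhost ~]# systemctl enable rsyncd.service
[root@localhost ~]# systemctl start rsyncd.service

6.    Change the password used by the kickstart templates
The command below hashes the literal password 'cobbler' with the salt 'root'; substitute your own password and salt, as the cobbler check message suggests.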
[root@localhost ~]# openssl passwd -1 -salt 'root' 'cobbler' 
$1$root$8Er34Nz73T4s3x9lQOhPE/
[root@localhost ~]# vi /etc/cobbler/settings
default_password_crypted: "$1$root$8Er34Nz73T4s3x9lQOhPE/"

After configuring, restart the service and check again

[root@localhost ~]# systemctl restart cobblerd 
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
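
An added example (not from the original article or the Cobbler project) that audits the settings values edited in steps 1 to 6: it flags loopback addresses for server and next_server, an MD5-crypt (`$1$`) default_password_crypted, and the exact hash printed in step 6, whose plaintext is public. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the /etc/cobbler/settings values edited in steps 1-6.

# Hash shown in step 6 of this article; its plaintext ("cobbler") is public.
PAGE_HASH='$1$root$8Er34Nz73T4s3x9lQOhPE/'

# settings_get KEY: read settings text on stdin, print the value of KEY.
settings_get() {
    awk -v key="$1" '
    $1 == (key ":") {
        sub(/^[^:]*:[ \t]*/, "")   # drop the "key:" prefix
        sub(/[ \t]+#.*$/, "")      # drop a trailing comment
        gsub(/^"|"$/, "")          # drop surrounding double quotes
        print; exit
    }'
}

# audit_settings: read settings text on stdin, print space-separated findings.
audit_settings() {
    cfg=$(cat); out=""
    server=$(printf '%s\n' "$cfg" | settings_get server)
    next=$(printf '%s\n' "$cfg" | settings_get next_server)
    hash=$(printf '%s\n' "$cfg" | settings_get default_password_crypted)
    case $server in ''|localhost|127.*) out="$out server-is-loopback" ;; esac
    case $next in ''|127.*) out="$out next_server-is-loopback" ;; esac
    case $hash in
        '$6$'*|'$5$'*) ;;                        # SHA-512 / SHA-256 crypt
        '$1$'*) out="$out md5-crypt-hash" ;;     # what "openssl passwd -1" emits
        *) out="$out unrecognized-hash" ;;
    esac
    if [ "$hash" = "$PAGE_HASH" ]; then out="$out published-hash"; fi
    echo "${out# }"
}

# Constructed sample input, not a real host's settings file.
sample_settings() {
    cat <<'EOF'
server: 192.168.214.107
next_server: 127.0.0.1
default_password_crypted: "$1$root$8Er34Nz73T4s3x9lQOhPE/"
pxe_just_once: 1      # install over PXE only once
EOF
}

sample_settings | audit_settings
```

On a real host, feed it the live file with `audit_settings < /etc/cobbler/settings`; an empty result means none of these checks fired.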

Configuring DHCP

Let this host manage DHCP

[root@localhost ~]# vi /etc/cobbler/settings
manage_dhcp: 1
manage_rsync: 1
manage_tftpd: 1
pxe_just_once: 1      # install over PXE only once, preventing endless reinstalls from the network

Configure the DHCP template file

[root@localhost ~]# vi /etc/cobbler/dhcp.template
subnet 192.168.214.0 netmask 255.255.255.0 {                      # subnet to hand out IP addresses on
     option routers             192.168.214.254;                 # gateway given to clients
     option domain-name-servers 202.96.209.133;                 # DNS server for clients
     option subnet-mask         255.255.255.0;                  # client subnet mask
     range dynamic-bootp        192.168.214.200 192.168.214.220;      # range of IP addresses to assign
     default-lease-time         900;                            # default lease time
     max-lease-time             43200;                        # maximum lease time
     next-server                $next_server;                   # PXE server address

[root@localhost ~]# cobbler sync

Once this step succeeds, /etc/dhcp/dhcpd.conf is automatically made to match /etc/cobbler/dhcp.template. If the DHCP configuration later turns out to be wrong, both files must be changed.

[root@localhost ~]# systemctl enable xinetd
[root@localhost ~]# systemctl enable dhcpd

Mount the ISO image and import it into Cobbler
[root@localhost ~]# mount -t auto -o loop /tmp/CentOS-7.3-x86_64-DVD.iso /mnt/
[root@localhost ~]# cobbler import --path=/mnt/ --name=Centos7.3 --arch=x86_64
After a while, TASK COMPLETE appears, which indicates success.

Check the path of the image imported by Cobbler

[root@localhost ~]# ll /var/www/cobbler/ks_mirror/Centos7.3-x86_64/
total 324
-rw-r--r-- 1 root root     14 Dec  5  2016 CentOS_BuildTag
drwxr-xr-x 3 root root   4096 Dec  5  2016 EFI
-rw-r--r-- 1 root root    215 Dec 10  2015 EULA
-rw-r--r-- 1 root root  18009 Dec 10  2015 GPL
drwxr-xr-x 3 root root   4096 Dec  5  2016 images
drwxr-xr-x 2 root root   4096 Dec  5  2016 isolinux
drwxr-xr-x 2 root root   4096 Dec  5  2016 LiveOS
drwxrwxr-x 2 root root 270336 Dec  5  2016 Packages
drwxrwxr-x 2 root root   4096 Dec  5  2016 repodata
-rw-r--r-- 1 root root   1690 Dec 10  2015 RPM-GPG-KEY-CentOS-7
-rw-r--r-- 1 root root   1690 Dec 10  2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r-- 1 root root   2883 Dec  5  2016 TRANS.TBL

Configure the kickstart file. This is the CentOS 7 configuration; some commands differ from CentOS 6.

[root@localhost ~]# vi /var/lib/cobbler/kickstarts/centos7.3
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use network installation
url --url="http://192.168.214.107/cobbler/ks_mirror/Centos7.3-x86_64"
# Use text install
text
# Run the Setup Agent on first boot
firstboot --disable
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=ens32 --onboot=on
# Root password
rootpw --iscrypted $6$2c4aqwGfZ3KeYtEi$ArRbx5G.KmI8UaY9OBY/q4EEghidahBwQ7JGx1f/As5obJNESxH1CVRBol.6tPJxiU80cWXg1WB6laftxQEUR.
# System services
services --disable chronyd,postfix,NetworkManager
# System timezone
timezone Asia/Shanghai --isUtc --nontp
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --driveorder=sda,vda
# Partition clearing information
clearpart --all --initlabel
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
part /boot --fstype ext4 --size=200
part swap --size=1024
part / --fstype ext4 --size=2000 --grow

# Firewall configuration
firewall --disabled
# selinux configuration
selinux --disabled
# Reboot after installation
reboot

%packages
@^minimal
@compat-libraries
@core
@development
kexec-tools
%end

%addon com_redhat_kdump --enable --reserve-mb='auto'
%end

%post
rm -fr /etc/yum.repos.d/CentOS-*
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
%end

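Passing --iscrypted to rootpw lets the root login password be given as a hash instead of plaintext. The hash can be generated with the command:
python -c 'import crypt,getpass;pw=getpass.getpass();print(crypt.crypt(pw) if (pw==getpass.getpass("Confirm: ")) else exit())'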

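A section that begins with % must be closed with %end, otherwise an error is raised. For example, the final %post section holds commands that run after the system is installed and must end with %end; the same applies to the earlier %packages section.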
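
An added example (not part of the original article) that checks the %end rule described above and goes slightly beyond it by flagging kickstart settings that weaken the installed host: a disabled firewall or SELinux, a plaintext rootpw, and plain-http downloads inside %pre/%post scripts. The name lint_kickstart and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint a kickstart file for unclosed %sections and for
# settings that weaken the installed host. Reads file arguments or stdin
# and prints one finding per line as "<line number>: <message>".
lint_kickstart() {
    awk '
    /^[ \t]*#/ { next }                                  # comment line
    /^%end[ \t]*$/ {
        if (sect == "") print NR ": %end without an open section"
        sect = ""; next
    }
    # Section headers; %include and %ksappend are commands, not sections.
    /^%(packages|pre|post|addon|anaconda|onerror|traceback)/ {
        if (sect != "") print start ": " sect " is missing %end"
        sect = $1; start = NR; next
    }
    sect ~ /^%(pre|post)/ && /http:\/\// {
        print NR ": " sect " script downloads over plain http"
    }
    sect != "" { next }                                  # section body
    $1 == "firewall" && /--disabled/ { print NR ": firewall is disabled" }
    $1 == "selinux"  && /--disabled/ { print NR ": selinux is disabled" }
    $1 == "rootpw" && !/--(iscrypted|lock)/ {
        print NR ": rootpw is stored in plaintext"
    }
    END { if (sect != "") print start ": " sect " is missing %end" }
    ' "$@"
}

# Constructed sample (not the article's file): %packages is left unclosed.
sample_kickstart() {
    cat <<'EOF'
rootpw changeme
firewall --disabled
selinux --enforcing
%packages
@core
%post
curl -o /etc/yum.repos.d/example.repo http://mirror.example.invalid/example.repo
%end
EOF
}

sample_kickstart | lint_kickstart
```

Run it against a real file with `lint_kickstart /var/lib/cobbler/kickstarts/centos7.3` before associating the file with a profile.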

Check the syntax for errors
[root@localhost ~]# cobbler validateks

List the profiles
[root@localhost ~]# cobbler profile list
Centos7.3-x86_64

Associate the image with the kickstart file
[root@localhost ~]# cobbler profile edit --name Centos7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.3

Report generated once configuration is complete
[root@localhost ~]# cobbler profile report

Restart the services again
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# systemctl restart dhcpd
[root@localhost ~]# systemctl start tftp

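Boot an empty machine from PXE. The screen shown below then appears; select the system to install. You can of course install several machines at the same time:

[image]

Log in to Cobbler through the web interface to manage it, as shown below. The initial username and password are both cobbler.

On CentOS 7, access is supported over HTTPS only.

[image]

A later article will cover Cobbler in more depth.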
