
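Batch automated OS installation with Cobbler

Setup notes

  • The firewall and SELinux are turned off, and the firewall is set not to start at boot
  • In the configuration file /etc/selinux/config, SELINUX=disabled is set and the server has been rebooted (leaving SELinux enabled causes problems in this lab)
  • The server's IP address is 192.168.91.131/24

Setup steps

  • Configure the network repository and install the epel-release repository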
[[email protected] ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2523  100  2523    0     0  11187      0 --:--:-- --:--:-- --:--:-- 11263
[[email protected] ~]# sed -i 's/$releasever/7/g' /etc/yum.repos.d/CentOS-Base.repo
[[email protected] ~]# yum -y install epel-release
  • Install the packages Cobbler depends on
[[email protected] ~]# yum -y install httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart

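Note: cobbler-web is optional. Cobbler can be configured through a web page; without the web interface, everything is set up by hand. Both methods are shown here.
  • Start the services and enable them at boot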
[[email protected] ~]# systemctl start cobblerd
[[email protected] ~]# systemctl enable cobblerd
[[email protected] ~]# systemctl start httpd
[[email protected] ~]# systemctl enable httpd
[[email protected] ~]# ss -ntlp
State       Recv-Q Send-Q               Local Address:Port                 Peer Address:Port 
LISTEN      0      5                        127.0.0.1:25151                           *:*      users:(("cobblerd",3293,9))
LISTEN      0      128                             :::443                            :::*      users:(("httpd",3255,6),("httpd",3254,6),("httpd",3253,6),("httpd",3252,6),("httpd",3251,6),("httpd",3249,6))
LISTEN      0      128                             :::80                             :::*      users:(("httpd",3255,4),("httpd",3254,4),("httpd",3253,4),("httpd",3252,4),("httpd",3251,4),("httpd",3249,4)) 
  • In /etc/cobbler/settings, set the server IP address to this host's IP address
[[email protected] ~]# sed -ri 's/^(server: ).*/\1192.168.91.131/g' /etc/cobbler/settings
  • In /etc/cobbler/settings, set the TFTP server to this host's IP address
[[email protected] ~]# sed -ri 's/^(next_server: ).*/\1192.168.91.131/g' /etc/cobbler/settings
  • Edit /etc/xinetd.d/tftp to enable TFTP
[[email protected] ~]# sed -i '/disable/s/yes/no/g' /etc/xinetd.d/tftp
  • Restart Cobbler
[[email protected] ~]# systemctl restart cobblerd
  • Download the missing files (if you hit an error, see the end of this document)
[[email protected] ~]# cobbler get-loaders
task started: 2018-10-28_183455_get_loaders
task started (id=Download Bootloader Content, time=Sun Oct 28 18:34:55 2018)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***      ## seeing this means it succeeded
  • Start rsync and enable it at boot
[[email protected] ~]# systemctl start rsyncd
[[email protected] ~]# systemctl enable rsyncd
  • Generate an encrypted password
[[email protected] ~]# openssl passwd -1 -salt "$RANDOM" '123456'
$1$6043$P1MntIr6t46TrT2g8xVVf/
  • Add the new password to /etc/cobbler/settings and restart the service
[[email protected] ~]# vim /etc/cobbler/settings 
# and put the output between the "" below.
default_password_crypted: "$1$6043$P1MntIr6t46TrT2g8xVVf/"

[[email protected] ~]# systemctl restart cobblerd
  • Run cobbler check to see whether the current configuration has any problems (items 1 and 2 can be ignored)
[[email protected] ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
  • Configure DHCP: edit /etc/cobbler/settings so that Cobbler manages DHCP
[[email protected] ~]# sed -i '/^manage_dhcp/s/0/1/g' /etc/cobbler/settings
[[email protected] ~]# sed -n '/^manage_dhcp/p' /etc/cobbler/settings
manage_dhcp: 1
  • Configure DHCP: edit /etc/cobbler/dhcp.template
subnet 192.168.91.0 netmask 255.255.255.0 {
     option routers             192.168.91.131;    ## router address
     option domain-name-servers 192.168.91.131;    ## DNS address
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.91.100 192.168.91.254;    ## DHCP address pool
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
  • Restart the service and sync the configuration; after changing the DHCP settings you must run sync
[[email protected] ~]# systemctl restart cobblerd
[[email protected] ~]# cobbler sync
task started: 2018-10-28_191055_sync
task started (id=Sync, time=Sun Oct 28 19:10:55 2018)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout: 
received on stderr: 
running: service dhcpd restart
received on stdout: 
received on stderr: Redirecting to /bin/systemctl restart  dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
  • Start the DHCP service
[[email protected] ~]# systemctl start dhcpd
[[email protected] ~]# ps aux | grep dhcp
dhcpd      3040  0.0  0.7  97368  7532 ?        Ss   19:10   0:00 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
  • Check the listening port
[[email protected] ~]# netstat -anulp|grep dhcp
udp        0      0 0.0.0.0:67              0.0.0.0:*                           3040/dhcpd          
  • Import the Red Hat image (import the image from the mounted CD or USB drive)
    Note: this command takes some time to finish
[[email protected] ~]# mount /dev/sr0 /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[[email protected] ~]# cobbler import --path=/mnt --name=rhel-7.4 --arch=x86_64
task started: 2018-10-28_192046_import
task started (id=Media import, time=Sun Oct 28 19:20:46 2018)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/rhel-7.4-x86_64:
creating new distro: rhel-7.4-x86_64
trying symlink: /var/www/cobbler/ks_mirror/rhel-7.4-x86_64 -> /var/www/cobbler/links/rhel-7.4-x86_64
creating new profile: rhel-7.4-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/rhel-7.4-x86_64 for rhel-7.4-x86_64
processing repo at : /var/www/cobbler/ks_mirror/rhel-7.4-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel-7.4-x86_64
looking for /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel-7.4-x86_64/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/HighAvailability
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/HighAvailability
looking for /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/HighAvailability/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/HighAvailability/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/ResilientStorage
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/ResilientStorage
looking for /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/ResilientStorage/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel-7.4-x86_64/addons/ResilientStorage/repodata
*** TASK COMPLETE ***

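## Note: --path    // path to the image
--name	  // defines a name for the imported image
--arch		// platform architecture of the image
Importing again under the same name fails with an error
  • View the Cobbler image list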
[[email protected] ~]# cobbler list
distros:
   rhel-7.4-x86_64

profiles:
   rhel-7.4-x86_64

systems:

repos:

images:

mgmtclasses:

packages:

files:
  • Create the kickstart automatic installation script (it can be modelled on /root/anaconda-ks.cfg)
[[email protected] ~]# vim /var/lib/cobbler/kickstarts/rhel-7.4-x86_64.ks
auth --enableshadow --passalgo=sha512
bootloader --location=mbr
clearpart --all --initlabel
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=4096
part / --fstype="ext4" --grow --size=15000
text
firewall --disabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.91.131/cobbler/ks_mirror/rhel-7.4-x86_64
$yum_repo_stanza
$SNIPPET('network_config')
reboot
rootpw --iscrypted $6$0uSBV759YkIm5gCr\$cGk/GEeaapEAsN/5fwGjJ3.2Q6UzmLW8ctbXNz0xslxu6MhrNdZqCFf0hyN8NhSayyMQiHndruIj/aKsAJwOX/
selinux --disabled
skipx
timezone Asia/Shanghai --isUtc --nontp
install
zerombr
%packages
@^minimal
@core
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

  • Check the ks file for syntax errors
[[email protected] ~]# cobbler validateks
task started: 2018-10-28_200030_validateks
task started (id=Kickstart Validation, time=Sun Oct 28 20:00:30 2018)
----------------------------
osversion: rhel7
checking url: http://192.168.91.131/cblr/svc/op/ks/profile/rhel-7.4-x86_64
running: /usr/bin/ksvalidator -v "rhel7" "http://192.168.91.131/cblr/svc/op/ks/profile/rhel-7.4-x86_64"
received on stdout: 
received on stderr: 
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***
  • See which profiles currently exist
[[email protected] ~]# cobbler profile list
   rhel-7.4-x86_64
  • Edit the profile so that the newly created file is its default kickstart file
[[email protected] ~]# cobbler profile edit --name rhel-7.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/rhel-7.4-x86_64.ks 
  • Configure the NIC name: switch to the traditional NIC name eth0
[[email protected] ~]# cobbler profile edit --name rhel-7.4-x86_64 --kopts='net.ifnames=0 biosdevname=0'
  • Check the current Cobbler profile information
[[email protected] ~]# cobbler profile report
Name                           : rhel-7.4-x86_64
TFTP Boot Files                : {}
Comment                        : 
DHCP Tag                       : default
Distribution                   : rhel-7.4-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/rhel-7.4-x86_64.ks
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : <<inherit>>
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ['admin']
Parent Profile                 : 
Internal proxy                 : 
Red Hat Management Key         : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : []
Server Override                : <<inherit>>
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      : 
Virt RAM (MB)                  : 512
Virt Type                      : kvm
  • Sync Cobbler
[[email protected] ~]# cobbler sync
task started: 2018-10-28_200920_sync
task started (id=Sync, time=Sun Oct 28 20:09:20 2018)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/rhel-7.4-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/rhel-7.4-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: rhel-7.4-x86_64
trying hardlink /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/rhel-7.4-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/rhel-7.4-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: rhel-7.4-x86_64
trying hardlink /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/rhel-7.4-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/rhel-7.4-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/rhel-7.4-x86_64/initrd.img
Writing template files for rhel-7.4-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: rhel-7.4-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout: 
received on stderr: 
running: service dhcpd restart
received on stdout: 
received on stderr: Redirecting to /bin/systemctl restart  dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
  • To avoid problems, restart all services on the server
[[email protected] ~]# systemctl restart cobblerd
[[email protected] ~]# systemctl restart httpd
[[email protected] ~]# systemctl restart xinetd
[[email protected] ~]# systemctl restart dhcpd
  • On the client, power on the machine; if the following screen appears, the setup succeeded
    [screenshot not preserved]
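
The keys edited in /etc/cobbler/settings during the steps above (server, next_server, manage_dhcp, default_password_crypted) can be checked in one pass. The script below is an added example, not part of the original article or of Cobbler itself; the names audit_cobbler_settings and setting, the finding labels and the sample file are assumptions constructed for illustration. It also reports the MD5-crypt scheme and the short numeric salt that `openssl passwd -1 -salt "$RANDOM"` produces, for comparison with the `$6$` hash used in the kickstart's rootpw line.

```shell
#!/usr/bin/env bash
# Added example: audit the /etc/cobbler/settings keys edited in this walkthrough.
# audit_cobbler_settings, setting and the finding labels are hypothetical names.

# Print the value of a top-level "key: value" line with quotes stripped.
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'" |
        sed 's/[[:space:]]*$//'
}

# Usage: audit_cobbler_settings FILE EXPECTED_IP   (one finding per line)
audit_cobbler_settings() {
    local file=$1 ip=$2 key val hash scheme salt
    for key in server next_server; do
        val=$(setting "$file" "$key")
        [ "$val" = "$ip" ] || echo "ADDR $key is '$val', expected $ip"
    done
    [ "$(setting "$file" manage_dhcp)" = "1" ] || echo "DHCP manage_dhcp is not 1"

    hash=$(setting "$file" default_password_crypted)
    # crypt(3) strings have the form $id$salt$digest; split on '$'.
    scheme=$(printf '%s' "$hash" | cut -d'$' -f2)
    salt=$(printf '%s' "$hash" | cut -d'$' -f3)
    case $scheme in
        5|6) ;;   # SHA-256 / SHA-512 crypt
        1)   echo "HASH default_password_crypted uses md5-crypt (\$1\$); prefer \$6\$" ;;
        *)   echo "HASH default_password_crypted has unrecognised scheme '$scheme'" ;;
    esac
    # "$RANDOM" yields 0..32767, so an all-digit salt of <= 5 characters
    # carries at most 15 bits of entropy.
    case $salt in
        ''|*[!0-9]*) ;;
        *) if [ "${#salt}" -le 5 ]; then
               echo "SALT numeric salt '$salt' looks like \$RANDOM output"
           fi ;;
    esac
    return 0
}

# Constructed sample: the values from the steps above, with next_server
# deliberately left at a loopback address to show a finding.
sample=$(mktemp)
cat > "$sample" <<'EOF'
server: 192.168.91.131
next_server: 127.0.0.1
manage_dhcp: 1
default_password_crypted: "$1$6043$P1MntIr6t46TrT2g8xVVf/"
EOF
audit_cobbler_settings "$sample" 192.168.91.131
```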

Problems encountered

  • Problem 1: (error while downloading the missing files)
[[email protected] ~]# cobbler get-loaders
task started: 2018-10-28_182135_get_loaders
task started (id=Download Bootloader Content, time=Sun Oct 28 18:21:35 2018)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#35 - "Peer reports incompatible or unsupported protocol version."
Exception Info:
  File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
    rc = self._run(self)
   File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
    return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
   File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
    return grabber.run(force)
   File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
    urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
   File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 755, in urlgrab
    return default_grabber.urlgrab(url, filename, **kwargs)
   File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1201, in urlgrab
    return _run_callback(opts.failfunc, opts)
   File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1052, in _run_callback
    return cb(obj)
   File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1046, in _do_raise
    raise obj.exception

!!! TASK FAILED !!!

Running cobbler check afterwards shows the following problems:

[[email protected] ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : enable and start rsyncd.service with systemctl

## Note: ignore items 3 and 5; item 4 is resolved later ##
3 : debmirror package is not installed, it will be required to manage debian deployments and repositories
4 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
5 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

Solution:

[[email protected] ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
[[email protected] ~]# cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
[[email protected] ~]# systemctl restart cobblerd
[[email protected] ~]# systemctl restart httpd
[[email protected] ~]# systemctl start rsyncd
[[email protected] ~]# systemctl enable rsyncd