cobbler的部署自动化装系统
公司购买了一推二手服务器,得装系统,测试各个硬件的可用性,装系统,要是这一切要用U盘装的话废了
有的服务器是装完系统进不去,反复的网络启动,有的磁盘有问题,有的网卡有问题,有的主板和CPU有问题的,总算装系统测试一周搞出来了,这一切没有cobbler的话真的的废了
cobbler:是自动化装系统的工具,是PXE的升级版,PXE不能一下多台的服务器,不然会卡死,cobbler批量化很好
准备:
导入yum源 curl -O http://mirrors.aliyun.com/repo/Centos-7.repo curl -O http://mirrors.aliyun.com/repo/epel-7.repo yum clean all yum makecache 关闭selinux 关闭firewall
Cobbler:安装
前提:cobbler由epel源提供,故此需要事先配置指向epel的yum源方可进行类似下面的安装过程。
[root@k8s-master1 yum.repos.d]# yum install cobbler cobbler-web pykickstart debmirror[root@k8s-master1 yum.repos.d]# yum install cobbler pykickstart debmirror httpd syslinux dhcp tftp xinetd rsync cobbler-web
TypeScript
[root@localhost ~]# rpm -ql cobbler # 查看安装的文件,下面列出部分。/etc/cobbler # 配置文件目录/etc/cobbler/settings # cobbler主配置文件,这个文件是YAML格式,Cobbler是python写的程序。/etc/cobbler/dhcp.template # DHCP服务的配置模板/etc/cobbler/tftpd.template # tftp服务的配置模板/etc/cobbler/rsync.template # rsync服务的配置模板/etc/cobbler/iso # iso模板配置文件目录/etc/cobbler/pxe # pxe模板文件目录/etc/cobbler/power # 电源的配置文件目录/etc/cobbler/users.conf # Web服务授权配置文件/etc/cobbler/users.digest # 用于web访问的用户名密码配置文件/etc/cobbler/dnsmasq.template # DNS服务的配置模板/etc/cobbler/modules.conf # Cobbler模块配置文件/var/lib/cobbler # Cobbler数据目录/var/lib/cobbler/config # 配置文件/var/lib/cobbler/kickstarts # 默认存放kickstart文件/var/lib/cobbler/loaders # 存放的各种引导程序/var/www/cobbler # 系统安装镜像目录/var/www/cobbler/ks_mirror # 导入的系统镜像列表/var/www/cobbler/images # 导入的系统镜像启动文件/var/www/cobbler/repo_mirror # yum源存储目录/var/log/cobbler # 日志目录/var/log/cobbler/install.log # 客户端系统安装日志/var/log/cobbler/cobbler.log # cobbler日志
启动服务:
[root@k8s-master1 ~]# systemctl start httpd[root@k8s-master1 ~]# systemctl enable httpd.service[root@k8s-master1 ~]# systemctl start cobblerd.service[root@k8s-master1 ~]# systemctl enable cobblerd.service
检查cobbler存在的问题
[root@k8s-master1 ~]# cobbler check执行“cobbler check命令检查存的问题,而后逐一按提示解决之。常见的问题如下所示: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 4 : change 'disable' to 'no' in /etc/xinetd.d/rsync 5 : comment 'dists' on /etc/debmirror.conf for proper debian support 6 : comment 'arches' on /etc/debmirror.conf for proper debian support 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes.
解决部分:
如上各问题的解决方法如下所示:1、修改/etc/cobbler/settings文件中的server参数的值为提供cobbler服务的主机相应的IP地址或主机名,如172.16.100.15;2、修改/etc/cobbler/settings文件中的next_server参数的值为提供PXE服务的主机相应的IP地址,如172.16.100.16;3、如果当前节点可以访问互联网,执行“cobbler get-loaders”命令即可;否则,需要安装syslinux程序包,而后复制/usr/share/syslinux/{pxelinux.0,memu.c32}等文件至/var/lib/cobbler/loaders/目录中;4、执行“systemctl start rsyncd.service,systemctl enable rsyncd.service”命令即可;5、注释/etc/debmirror.conf文件中的“@dists="sid";”一行;6、注释/etc/debmirror.conf文件中的“@arches="i386";”一行;7、执行“openssl passwd -1 -salt 'random-phrase-here' '123456'”生成密码,并用其替换/etc/cobbler/settings文件中default_password_crypted参数的值;8、执行“yum install cman fence-agents”命令安装相应的程序包即可;
systemctl restart cobblerd.service 接着重启cobblerd,而后执行“cobbler sync ; cobbler check ”同步新的配置至cobbler。 No configuration problems found. All systems go. #显示这个就成功了
二、配置及启动cobbler所依赖的各服务
cobbler的运行依赖于dhcp、tftp、rsync及dns服务。
其中dhcp可由dhcpd(isc)提供,也可由dnsmasq提供;
tftp可由tftp-server程序包提供,也可由cobbler自带的tftp功能提供;
rsync由rsync程序包提供;
dns可由bind提供,也可由dnsmasq提供。
cobbler可自行管理这些服务中的部分甚至是全部,但需要配置/etc/cobbler/settings文件中的“manage_dhcp”、“manage_tftpd”、“manage_rsync”和“manage_dns”分别进行定义。另外,由于每种服务都有着不同的实现方式,如若需要进行自定义,需要通过修改/etc/cobbler/modules.conf配置文件中各服务的模块参数的值来实现。
通过cobbler来管理dns,tftp,dhcp配置:
vim /etc/cobbler/settings #用cobbler管理时不用去配置dhcp配置文件,是去配置cobbler的模板文件/vim /etc/cobbler/dhcp.template manage_dhcp: 1 vim /etc/xinetd.d/tftp disable = no
vim /etc/cobbler/dhcp.template #配置dhcp模板文件ddns-update-style interim;allow booting;allow bootp;ignore client-updates;set vendorclass = option vendor-class-identifier;option pxe-system-type code 93 = unsigned integer 16;subnet 192.168.100.0 netmask 255.255.255.0 { option routers 192.168.100.2; option domain-name-servers 8.8.8.8; option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.100.100 192.168.100.110; default-lease-time 21600; max-lease-time 43200; next-server $next_server; class "pxeclients" { match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; if option pxe-system-type = 00:02 { filename "ia64/elilo.efi"; } else if option pxe-system-type = 00:06 { filename "grub/grub-x86.efi"; } else if option pxe-system-type = 00:07 { filename "grub/grub-x86_64.efi"; } else if option pxe-system-type = 00:09 { filename "grub/grub-x86_64.efi"; } else { filename "pxelinux.0"; } }}systemctl restart cobblerd cobbler sync #同步一下
到此为止服务部署好了
cobbler distro #定义cobbler的系统cobbler profile #定义kicstart文件 路径/var/lib/cobbler/kickstarts/
挂载好系统镜像
mount /dev/cdrom /mnt/
cobbler里导入镜像文件
cobbler import --path=/mnt/ --name=CentOS-7.3-X86_64 --arch=x86_64 --path=/mnt/ #镜像路径 --name=CentOS-7.3-X86_64 #镜像名称 --arch=x86_64 #系统平台管理profile(kickstart)
cobbler使用profile来为特定的需求类别提供所需要安装配置,即在distro的基础上通过提供kickstart文件来生成一个特定的系统安装配置。distro的profile可以出现在PXE的引导菜单中作为安装的选择之一。
导入kicstart文件写入kicstart文件profile的指定
vim /var/lib/cobbler/kickstarts/CentOS-7.3-X86_64.cfg http://www.90geek.com/post/cobbler%E7%9A%84kickstart%E6%96%87%E4%BB%B6.html 把文件加入到profile里 cobbler profile add --name=CentOS-7.3-X86_64-x86_64 --distro=CentOS-7.3-X86_64-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.3-X86_64.cfg
可使用“cobbler profile list”查看已经创建的profile。
[root@k8s-master1 www]# cobbler distro list #查看镜像 CentOS-7.3-X86_64-x86_64[root@k8s-master1 www]# cobbler profile list #查看kicstart文件 CentOS-7.3-X86_64-x86_64 [root@k8s-master1 www]# cobbler profile report #查看这个profile文件Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks #kicstart文件改成自己的刚才定义的[root@k8s-master1 www]# cobbler profile edit --name=CentOS-7.3-X86_64-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.3-X86_64.cfg[root@k8s-master1 www]# cobbler profile report #再检查
CentOS7 系统网卡名是eno.. 为了统一标准修改为常用的et0管理才执行下一步
[root@k8s-master1 www]# cobbler profile edit --name=CentOS-7.3-X86_64-x86_64 --kopts='net.ifnames=0 biosdevname=0'[root@k8s-master1 www]# cobbler sync #同步
使用cobbler_web
配置cobbler_web的认证功能
cobbler_web支持多种认证方式,如authn_configfile、authn_ldap或authn_pam等,默认为authn_denyall,即拒绝所有用户登录。下面说明两种能认证用户登录cobbler_web的方式。
1.1 使用authn_pam模块认证cobbler_web用户
首先修改modules中[authentication]段的module参数的值为authn_pam。
接着添加系统用户,用户名和密码按需设定即可,例如下面的命令所示。
# useradd cblradmin# echo 'cblrpass' | passwd --stdin cblradmin
而后将cblradmin用户添加至cobbler_web的admin组中。修改/etc/cobbler/users.conf文件,将cblradmin用户名添加为admin参数的值即可,如下所示。
[root@k8s-master1 www]# vim /etc/cobbler/users.conf[admins]admin = "cblradmin"
最后重启cobblerd服务,通过https://192.168.163.130/cobbler_web访问即可。
全部自动化,用cobbler的system功能来指定 (主机名及静态ip地址,dns,网管地址)
不配置这个的话会让你开机就出现个蓝屏的选择的步骤!!!
但是得提前知道该服务器网络启动的网卡的MAC地址!!!
[root@k8s-master1 www]# cobbler system add --name=006 --mac=2C:76:8a:5d:88:08 --profile=CentOS-7.3-X86_64-x86_64 --ip-address=192.168.100.16 --subnet=255.255.255.0 --gateway=192.168.100.2 --interface=eno1 --static=1 --hostname=006 --name-servers="233.5.5.5 233.6.6.6"
# --name 自定义,但不能重复
# 查看定义的列表
[root@k8s-master1 www]# cobbler system list
[root@k8s-master1 www]# cobbler sync
到这里后可以服务器网卡启动了,然后就自动装上了,装完看主机名地址都被配好的
部署一切完成
2。要是到哪台服务器上给他重装个系统的话不用把他重新启动网卡启动,直接是命令行重装即可
yum install koan 查看server上的profile koan --server=192.168.10.12 --list=profiles - looking for Cobbler at http://192.168.10.12:80/cobbler_api CentOS-7.3-X86_64-x86_64 用上面返回的profile来重装 koan --replace-self --server=192.168.10.12 --profile=CentOS-7.3-X86_64-x86_64 就开始给这台服务器重装系统了!!
3.图形界面很好弄,这里不用写了!!!
- 点赞
- 收藏
- 关注作者
评论(0)