Cobbler 是一个 Linux 服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。
Cobbler 可以使用命令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),还提供了API接口,可以方便二次开发使用。
但是如果要想批量部署操作系统,得具备以下条件:
1.客户机支持 pxe 网络引导
2.服务器端和客户端建立网络通信(DHCP)
3.服务器端要有可供客户机开机引导的引导文件
4.服务器端的可引导文件还必须能传递到客户机(TFTP)
5.客户机无人值守安装包括安装定制的软件或服务(KICKSTART)文件
修改主机名
[root@localhost ~]# hostnamectl set-hostname cobbler
环境说明
[root@cobbler ~]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
[root@cobbler ~]# uname -r
3.10.0-1062.el7.x86_64
[root@cobbler ~]# getenforce
Disabled
[root@cobbler ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
配置yum源
[root@cobbler ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@cobbler ~]# curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
这里配置的是阿里的基础源和epel源,cobbler是依赖epel源下载的
使用yum安装cobbler
[root@cobbler ~]# yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd
cobbler检查语法
在检查语法前先启动http和cobbler
[root@cobbler ~]# systemctl enable httpd cobblerd --now #在设置开机自启的时候并启动服务
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. #修改cobbler的/etc/cobbler/settings,把server的地址改为本机IP
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
#把cobbler的/etc/cobbler/settings中'next_server'字段中IP改为本机IP
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
这时候会报8个错误,下面一个一个解决
命令集合
sed -i 's/server: 127.0.0.1/server: 192.168.222.110/' /etc/cobbler/settings
sed -i 's/next_server: 127.0.0.1/next_server: 192.168.222.110/' /etc/cobbler/settings
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings
sed -ri "/default_password_crypted/s#(.*: ).*#\1\"`openssl passwd -1 -salt 'cobbler' '123456'`\"#" /etc/cobbler/settings
sed -i 's#yes#no#' /etc/xinetd.d/tftp
cobbler get-loaders
systemctl start rsyncd
systemctl enable rsyncd
systemctl enable tftp.socket
systemctl start tftp.socket
systemctl restart cobblerd.service
sed -i.ori 's#192.168.1#192.168.222#g;22d;23d' /etc/cobbler/dhcp.template
cobbler sync
具体问题解决方法详解
问题1和2解决方法
[root@cobbler ~]# sed -i 's/server: 127.0.0.1/server: 192.168.222.110/' /etc/cobbler/settings
[root@cobbler ~]# sed -i 's/next_server: 127.0.0.1/next_server: 192.168.222.110/' /etc/cobbler/settings
问题3解决方法
[root@cobbler ~]# sed -i 's#yes#no#g' /etc/xinetd.d/tftp
问题4解决方法
[root@cobbler ~]# cobbler get-loaders
task started: 2020-07-24_163335_get_loaders
task started (id=Download Bootloader Content, time=Fri Jul 24 16:33:35 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
#如果网太差导致下载失败,第二次下载会报python的错误。使用如下方法:
[root@cobbler ~]# yum -y install syslinux
[root@cobbler ~]# cp -r /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
[root@cobbler ~]# cp -r /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
[root@cobbler ~]# systemctl restart cobblerd
这时候在下载就可以了
问题5解决方法
#启动rsync
[root@cobbler ~]# systemctl enable rsyncd --now
问题6解决方法
#与debain相关,如果不使用cobbler推送debain系统可以忽略不记
[root@cobbler ~]# yum -y install debmirror
[root@cobbler ~]# sed -i 's|@dists=.*|#@dists=|' /etc/debmirror.conf
[root@cobbler ~]# sed -i 's|@arches=.*|#@arches=|' /etc/debmirror.conf
问题7解决方法
修改完成安装后的root密码
[root@cobbler ~]# openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'
# random-phrase-here 随机字符串
# your-password-here 密码
例:[root@cobbler ~]# openssl passwd -1 -salt 'cobbler' '123456'
$1$cobbler$sqDDOBeLKJVmxTCZr52/11 #会得到一串随机字符串,这是加密过后的密码
使用加密的密码,去替换default_password_crypted的默认密码
[root@cobbler ~]# vim /etc/cobbler/settings
default_password_crypted: "$1$cobble$K03Q.A2lkupK0pGFt6f46/"
问题8解决方法
[root@cobbler ~]# yum -y install fence-agents
DHCP问题解决方法
管理dhcp 1为开启,默认为0
[root@cobbler ~]# sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings
防止循环装系统,适用于服务器第一启动项是PXE启动。
该选项作用:
- 防止机器循环安装配置始终从网络引导
- 激活此选项,机器回传Cobbler安装完成
- Cobbler将系统对象的netboot标志更改为false,强制要求机器从本地磁盘引导。
[root@cobbler ~]# sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings
修改dhcp模板
sed -i.ori 's#192.168.1#192.168.222#g;22d;23d' /etc/cobbler/dhcp.template
或者
[root@cobbler ~]# cp /etc/cobbler/dhcp.template{,.bak}
[root@cobbler ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.222.0 netmask 255.255.255.0 {
option routers 192.168.222.2; # 网关
option domain-name-servers 192.168.222.2; # dns
option subnet-mask 255.255.255.0; # 子网
range dynamic-bootp 192.168.222.100 192.168.222.254; # 可分配的ip范围
default-lease-time 21600;
max-lease-time 43200;
重启并再次检查语法
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler sync //配置同步,使刚刚改的生效,重启和sync缺一不可,不然还会有错误
task started: 2020-07-24_172743_sync
task started (id=Sync, time=Fri Jul 24 17:27:43 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@cobbler ~]# cobbler check
No configuration problems found. All systems go.
重启所有服务,并设置开机自启
[root@cobbler ~]# systemctl restart httpd
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# systemctl restart dhcpd
[root@cobbler ~]# systemctl restart rsyncd
[root@cobbler ~]# systemctl restart tftp.socket
这里为了省事,选择先停止所有服务,然后设置开机自启并启动
[root@cobbler ~]# systemctl stop httpd cobblerd dhcpd rsyncd tftp.socket
[root@cobbler ~]# systemctl enable httpd cobblerd dhcpd rsyncd tftp.socket --now
[root@cobbler ~]# systemctl status httpd cobblerd dhcpd rsyncd tftp.socket
这里查看状态,如果有没有启动的服务,就手动启动一下
cobbler命令简介
cobbler check 核对当前设置是否有问题
cobbler list 列出所有的cobbler元素
cobbler report 列出元素的详细信息
cobbler sync 同步配置到数据目录,更改配置最好都要执行下
cobbler reposync 同步yum仓库
cobbler distro 查看导入的发行版系统信息
cobbler system 查看添加的系统信息
cobbler profile 查看配置信息
导入镜像
先自行下载一个centos7镜像,然后挂载到本地,之后导入到cobbler,这里选择的是最小化镜像,可自行选择
[root@cobbler ~]# mkdir /mnt/centos7.7
[root@cobbler ~]# mount -t iso9660 -o loop CentOS-7-x86_64-Minimal-1908.iso /mnt/centos7.7
mount: /dev/loop0 is write-protected, mounting read-only
[root@cobbler ~]# cobbler import --path=/mnt/centos7.7 --name=CentOS-7.7-1908 --arch=x86_64
- –path 镜像路径
- –name 指定安装源的名字
- –arch 指定导入镜像的体系结构
查看镜像列表
[root@cobbler ~]# cobbler distro list
CentOS-7.7-1908-x86_64
镜像目录保存在http的目录内
[root@cobbler ~]# ls /var/www/cobbler/ks_mirror/
CentOS-7.7-1908-x86_64 config
使用cobbler查看,此处的一些变量我们在写 kickstarts 配置的时候可能会用到,例如tree
[root@cobbler ~]# cobbler distro report
Name : CentOS-7.7-1908-x86_64
Architecture : x86_64
TFTP Boot Files : {
}
Breed : redhat
Comment :
Fetchable Files : {
}
Initrd : /var/www/cobbler/ks_mirror/CentOS-7.7-1908-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/CentOS-7.7-1908-x86_64/images/pxeboot/vmlinuz
Kernel Options : {
}
Kernel Options (Post Install) : {
}
Kickstart Metadata : {
'tree': 'http://@@http_server@@/cblr/links/CentOS-7.7-1908-x86_64'}
Management Classes : []
OS Version : rhel7
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {
}
ks文件配置
默认的kickstarts文件放在/var/lib/cobbler/kickstarts/目录下,默认有一些示例
[root@cobbler ~]# ls /var/lib/cobbler/kickstarts/
default.ks legacy.ks sample_esx4.ks sample.ks
esxi4-ks.cfg pxerescue.ks sample_esxi4.ks sample_old.seed
esxi5-ks.cfg sample_autoyast.xml sample_esxi5.ks sample.seed
install_profiles sample_end.ks sample_esxi6.ks sample.seed.28
1.自定义ks文件
[root@cobbler kickstarts]# vim centos7u7-minix64.ks
#Kickstart Configurator for cobbler by Jason Zhao
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#Sytem timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $default_password_crypted
#Use text mode install
text
#Install OS instead of upgrade
install
#Use NFS installation Media
url --url=$tree
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part /boot --fstype xfs --size 1024
# --ondisk sda
part swap --fstype="swap" --size 2048
# --ondisk sda
part / --fstype xfs --size 1 --grow
# --ondisk sda
#System authorization infomation
auth --useshadow --enablemd5
#Network information
$SNIPPET('network_config')
# network --bootproto=dhcp --device=em1 --onboot=on
# Reboot after installation
reboot
#Firewall configuration
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure XWindows
skipx
#Package install information
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
#这里是一些默认的安装包,由于这里我选择的是最小化镜像,所以注释掉了,如果是普通镜像直接使用即可
#%packages
#@ base
#@ core
#sysstat
#iptraf
#ntp
#lrzsz
#ncurses-devel
#openssl-devel
#zlib-devel
#OpenIPMI-tools
#mysql
#nmap
#screen
#%end
%post
systemctl disable postfix.service
%end
还有图形化的ks文件配置
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$m1pE0DG6$vALBphGGynqvUzfJaWZ6U1
# Use network installation
url --url="$tree"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth --useshadow --passalgo=sha512
# Use graphical install
graphical
firstboot --disable
# SELinux configuration
selinux --disabled
# Network information
network --bootproto=dhcp --device=eth0
network --bootproto=dhcp --device=eth1
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --asprimary --fstype="xfs" --size=1024
part swap --fstype="swap" --size=2048
part / --fstype="xfs" --grow --size=1
%packages
@base
@core
@compat-libraries
@debugging
@development
@gnome-desktop
@X Window System
%end
2.查看kuckstart配置
[root@cobbler kickstarts]# cobbler profile report --name=CentOS-7.7-1908-x86_64
Name : CentOS-7.7-1908-x86_64
TFTP Boot Files : {
}
Comment :
DHCP Tag : default
Distribution : CentOS-7.7-1908-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {
}
Kernel Options : {
}
Kernel Options (Post Install) : {
}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {
}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {
}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
3.修改指定的kickstart文件
[root@cobbler kickstarts]# cobbler profile list
CentOS-7.7-1908-x86_64
[root@cobbler kickstarts]# cobbler profile getks --name "CentOS-7.7-1908-x86_64"
[root@cobbler kickstarts]# cobbler profile edit --name=CentOS-7.7-1908-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7u7-minix64.ks
[root@cobbler kickstarts]# cobbler profile edit --name=CentOS-7.7-1908-x86_64 --kopts='net.ifnames=0 biosdevname=0' #修改centos配置文件中的kickstart值
[root@cobbler kickstarts]# cobbler sync #执行同步
4.查看kickstart关联
[root@cobbler kickstarts]# cobbler profile report --name=CentOS-7.7-1908-x86_64 | grep -i kickstart
Kickstart : /var/lib/cobbler/kickstarts/centos7u7-minix64.ks
Kickstart Metadata : {
}
5.检查服务是否启动
[root@cobbler kickstarts]# systemctl restart dhcpd rsyncd cobblerd tftp
6.修改启动菜单
启动菜单,local是默认选项,之后才是我们自己定义的启动项,在下面的模板中可以看出ONTIMEOUT 超时后会以$pxe_timeout_profile这个变量的值来启动
[root@cobbler kickstarts]# cat /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
查看源代码,pxe_timeout_profile是从system中取的,如果没有设置话默认会设置为local
def make_pxe_menu(self):
"""
Generates both pxe and grub boot menus.
"""
only do this if there is NOT a system named default.
default = self.systems.find(name="default")
if default is None:
timeout_action = "local"
else:
timeout_action = default.profile
menu_items = self.get_menu_items()
# Write the PXE menu:
metadata = {
"pxe_menu_items": menu_items['pxe'], "pxe_timeout_profile": timeout_action}
outfile = os.path.join(self.bootloc, "pxelinux.cfg", "default")
template_src = open(os.path.join(self.settings.boot_loader_conf_template_dir, "pxedefault.template"))
template_data = template_src.read()
self.templar.render(template_data, metadata, outfile, None)
template_src.close()
# Write the grub menu:
outfile = os.path.join(self.bootloc, "grub", "menu_items.cfg")
fd = open(outfile, "w+")
fd.write(menu_items['grub'])
fd.close()
这里在捊一下distro,profile,system三者间的关系
- distro 可以理解为“操作系统”,我们之前导入iso时会生成distro
- profile 我理解的是这里定义的是操作系统安装时的一些参数?(理解可能有误,欢迎指正)
- system 这里就是定义启动时的菜单选项了
根据上面的代码我们需要加一个system的配置
[root@cobbler kickstarts]# cobbler system add --name=default --profile=CentOS-7.7-1908-x86_64
[root@cobbler kickstarts]# cobbler system list
default
[root@cobbler kickstarts]# cobbler sync
[root@cobbler kickstarts]# cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT CentOS-7.7-1908-x86_64
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL CentOS-7.7-1908-x86_64
kernel /images/CentOS-7.7-1908-x86_64/vmlinuz
MENU LABEL CentOS-7.7-1908-x86_64
append initrd=/images/CentOS-7.7-1908-x86_64/initrd.img ksdevice=bootif lang= text net.ifnames=0 biosdevname=0 kssendmac ks=http://192.168.222.110/cblr/svc/op/ks/profile/CentOS-7.7-1908-x86_64
ipappend 2
MENU end
至此cobbler算是配置完成了,现在可以愉快的安装操作系统了,新建一台虚拟机,虚拟机指定用pxe 网络启动即可,保证在同网段下,设置网启 就可以看到cobbler的推送界面