cobbler實現系統自動化部署
一、Cobbler
1.pex的二次封裝,由Python開發,提供CLI和Web管理,cobbler在epel源中,安裝時需要配置epel源。
2.工作原理:
client裸機配置了從網路啟動後,開機後會廣播包請求DHCP伺服器(cobbler server)傳送其分配 好的一個IP DHCP伺服器(cobbler server)收到請求後傳送responese,包括其ip地址 client裸機拿到ip後再向cobbler server傳送請求OS引導檔案的請求 cobbler server告訴裸機OS引導檔案的名字和TFTP server的ip和port client裸機通過上面告知的TFTP server地址通訊,下載引導檔案 client裸機執行執行該引導檔案,確定載入資訊,選擇要安裝的os,期間會再向cobbler server請求 kickstart檔案和os image cobbler server傳送請求的kickstart和os iamge client裸機載入kickstart檔案 client裸機接收os image,安裝該os image
3.配置檔案:
/etc/cobbler/settings #cobbler 主配置檔案 /etc/cobbler/iso/ #iso模板配置檔案 /etc/cobbler/pxe #pxe模板檔案 /etc/cobbler/power #電源配置檔案 /etc/cobbler/user.conf #web服務授權配置檔案 /etc/cobbler/users.digest #web訪問的使用者名稱密碼配置檔案 /etc/cobbler/dhcp.template #dhcp伺服器的的配置模板 /etc/cobbler/dnsmasq.template #dns伺服器的配置模板 /etc/cobbler/tftpd.template #tftp服務的配置模板 /etc/cobbler/modules.conf #cobbler模組的配置檔案
4.資料目錄:
/var/lib/cobbler/config/ #用於存放distros,system,profiles 等資訊的配置檔案 /var/lib/cobbler/triggers/ #用於存放使用者定義的cobbler命令 /var/lib/cobbler/kickstarts/ # 預設存放kickstart檔案 /var/lib/cobbler/loaders/ #存放各種載入程式
5.映象目錄
/var/log/cobbler/installing #客戶端安裝日誌 /var/log/cobbler/cobbler.log #cobbler日誌
6.cobbler常用命令
cobbler check 核對當前設定是否有問題 cobbler list 列出所有的cobbler元素 cobbler report 列出元素的詳細資訊 cobbler sync 同步配置到資料目錄,更改配置最好都要執行下 cobbler reposync 同步yum倉庫 cobbler distro 檢視匯入的發行版系統資訊 cobbler system 檢視新增的系統資訊 cobbler profile 檢視配置資訊 cobbler profile report --name=xxxx 檢視ks檔案的詳細資訊
範例:centos7基於cobbler實現系統的自動化安裝
安裝cobbler包和dhcp包
[root@centos7 ~]#yum -y install dhcp cobbler
因為cobbler包對httpd和tftp有依賴關係,所以順帶裝了
啟用httpd,tftp,dhcpd,cobblerd服務
[root@centos7 ~]# systemctl enable --now cobblerd dhcpd httpd tftp
dhcp暫時起不來,我們需要進行配置
執行cobbler check命令
[root@centos7 ~]# cobbler check The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment: https://github.com/cobbler/cobbler/wiki/Selinux 4 : change 'disable' to 'no' in /etc/xinetd.d/tftp 5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. 6 : enable and start rsyncd.service with systemctl 7 : debmirror package is not installed, it will be required to manage debian deployments and repositories 8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes.
找到server:/etc/cobbler/settings,並修改配置
[root@centos7 ~]# vim /etc/cobbler/settings
自己生成一個密碼,並修改其檔案將原密碼替換
[root@centos7 ~]# openssl passwd -1 123456 $1$ggsV53Cw$XE2391b9SWl64gT1BNxO5.
重啟cobbler服務
[root@centos7 ~]# systemctl restart cobblerd
執行cobbler get-loaders命令下載相關檔案
[root@centos7 ~]# cobbler get-loaders
如果該命令失效,則需要複製兩個檔案
[root@centos7 ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/ [root@centos7 ~]# cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
再執行cobbler sync
[root@centos7 ~]# cobbler sync
修改/etc/cobbler/settings
修改dhcp模板配置檔案/etc/cobbler/dhcp.template
[root@centos7 ~]# vim /etc/cobbler/dhcp.template
重啟cobbler服務,並同步到真正的dhcp的配置檔案/etc/dhcp/dhcp.conf
[root@centos7 ~]# systemctl restart cobblerd
[root@centos7 ~]# cobbler sync
檢視dhcpd服務
[root@centos7 ~]# systemctl status dhcpd
現在選單已經生成了,但是裡面什麼都沒有
[root@centos7 ~]# tree /var/lib/tftpboot/ [root@centos7 ~]# cat /var/lib/tftpboot/pxelinux.cfg/default
徹底修改選單名
[root@centos7 ~]# vim /etc/cobbler/pxe/pxedefault.template
執行cobbler sync同步
[root@centos7 ~]# cobbler sync
將centos7光碟匯入
[root@centos7 test1]# cobbler import --name=centos-7-x86_64 --path=/mnt/test1 -- arch=x86_64
實際是將centos7安裝檔案拷到/var/www/cobbler中
在這個機器上再增加一個8的光碟,將其掛載,然後也將其匯入
先掃描出新光碟
[root@centos7 test1]# echo '- - -' > /sys/class/scsi_host/host0/scan;echo '- - -' > /sys/class/scsi_host/host1/scan;echo '- - -' > /sys/class/scsi_host/host2/scan
將其掛載
[root@centos7 test1]# mkdir /mnt/test2 [root@centos7 test1]# mount /dev/sr1 /mnt/test2 mount: /dev/sr1 is write-protected, mounting read-only
將centos8光碟匯入
[root@centos7 test1]# cobbler import --name=centos-8-x86_64 --path=/mnt/test2 -- arch=x86_64
我的是8.5的有bug不能直接導,需要修改配置檔案
[root@centos7 ~]#vim /var/lib/cobbler/distro_signatures.json
#修改第70行新增centos-linux
重新啟動cobbler服務並同步
[root@centos7 ~]# systemctl restart cobblerd
[root@centos7 ~]# cobbler sync
再次匯入
[root@centos7 ~]# cobbler import --name=centos-8-x86_64 --path=/mnt/test2 -- arch=x86_64
將centos7、8的應答檔案備好並修改
[root@centos8 ks]# vim centos7.cfg
[root@centos8 ks]# vim centos8.cfg
正常情況下我們現在就有兩個選單了
[root@centos7 ~]# cobbler distro list centos-7-x86_64 centos-8-x86_64
將應答檔案關聯,並加至選單
[root@centos7 ~]# cp centos* /var/lib/cobbler/kickstarts/
[root@centos7 ~]# cobbler profile add --name=CentOS-8_mini --distro=CentOS-8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos8.cfg [root@centos7 ~]# cobbler profile add --name=CentOS-7_mini --distro=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg
現在我們有四個選單
[root@centos7 ~]# cat /var/lib/tftpboot/pxelinux.cfg/default
將系統兩個選單刪掉
[root@centos7 ~]# cobbler profile remove --name=centos-8-x86_64 [root@centos7 ~]# cobbler profile remove --name=centos-7-x86_64 [root@centos7 ~]# cobbler profile list CentOS-7_mini CentOS-8_mini
大功告成!
擴充套件:cobbler實現web功能
安裝cobbler-web包
[root@centos7 ~]# yum -y install cobbler-web
重啟httpd服務
[root@centos7 ~]# systemctl status httpd
修改cobbler使用者名稱和密碼
建立一個給Cobbler服務用的賬號
[root@centos7 ~]# htdigest -c /etc/cobbler/users.digest Cobbler weilan
這裡的-c表示重新建立,如果想加一個賬號就把-c去了
檢視存放賬號密碼的檔案
[root@centos7 ~]# cat /etc/cobbler/users.digest
拿新賬號登入