• cobbler无人值守安装


    与kickstart相比,cobbler的配置和管理都简单了许多,并且可以很方便对用户名、ip等做定制,还能管理yum仓库。本文记录cobbler自动安装系统的安装、配置、使用流程。

    环境准备

    ##系统信息
    [root@cobbler ~]# uname -r
    3.10.0-862.el7.x86_64
    [root@cobbler ~]# cat /etc/redhat-release 
    CentOS Linux release 7.5.1804 (Core) 
    
    ##网卡信息
    [root@cobbler ~]# ip add show eth0|awk 'NR==3{print $2}' 
    10.0.0.99/24
    [root@cobbler ~]# ip add show eth1|awk 'NR==3{print $2}' 
    172.16.1.99/24
    [root@cobbler ~]# ping baidu.com
    PING baidu.com (220.181.57.216) 56(84) bytes of data.
    64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=1 ttl=128 time=27.3 ms
    
    ##SELinux状态
    [root@cobbler ~]# getenforce 
    Disabled
    
    ##Firewall 状态
    [root@cobbler ~]# systemctl is-active  firewalld.service 
    unknown
    [root@cobbler ~]# systemctl is-enabled  firewalld.service       
    disabled

    ##配置repo源,我这里用的阿里源,配置方法

    [root@Cobbler yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

    [root@Cobbler yum.repos.d]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

    安装相关组件

    [root@cobbler ~]# yum -y install cobbler cobbler-web dhcp tftp-server  pykickstart  httpd python-django
    [root@cobbler ~]# rpm -qa cobbler cobbler-web dhcp tftp-server  pykickstart  httpd python-django
    pykickstart-1.99.66.19-2.el7.noarch
    cobbler-web-2.8.4-4.el7.noarch
    dhcp-4.2.5-68.el7.centos.1.x86_64
    cobbler-2.8.4-4.el7.x86_64
    tftp-server-5.2-22.el7.x86_64
    httpd-2.4.6-88.el7.centos.x86_64

    配置cobbler

    cobbler的配置很简单,主要体现在有配置指导,启动cobbler和httpd后,执行cobbler check并根据提示操作即可,具体过程描述如下:

    启动cobbler和httpd

    [root@cobbler ~]# systemctl start cobblerd.service 
    [root@cobbler ~]# systemctl start httpd
    [root@cobbler ~]# netstat -lntup|grep httpd
    tcp6       0      0 :::80                   :::*                    LISTEN      2753/httpd          
    tcp6       0      0 :::443                  :::*                    LISTEN      2753/httpd 

    执行cobbler check

    [root@cobbler ~]# cobbler check
    The following are potential configuration items that you may want to fix:
    
    1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
    4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    5 : enable and start rsyncd.service with systemctl
    6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
    7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
    8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
    
    Restart cobblerd and then run 'cobbler sync' to apply changes.

    根据check结果进行配置

    ##1:把/etc/cobbler/settings 中server的值修改为cobbler服务器的地址,我这里使用内网网卡地址:172.16.1.99
    ##2:把/etc/cobbler/settings 中next_server的值修改为cobbler服务器的ip,设置这个参数是因为,在cobbler装机的过程中,我们使用cobbler自动管理dhcp,这里的值就是dhcp服务所在服务器的ip,我这里是172.16.1.99
    ###7:设置新装系统的密码,其中第一个参数是干扰码,可以随意填写,第二个参数是我们的密码,我用的是1234556,没错,就是两个5,这是个性!!!
    ###此外:在这个文件里还有两个参数的值需要修改:manager_dhcp设为1,打开cobbler对dhcp的管理权限;pxe_just_once设为1,避免重复安装
    [root@cobbler ~]# openssl passwd -1 -salt 'timmygo' '1234556' 
    $1$timmygo$xKIwswOD6mut6ylvwsoWN/
    [root@cobbler ~]# egrep "^server|^next|^manage_dhcp|^pxe_just|^default_pass" /etc/cobbler/settings
    default_password_crypted: "$1$timmygo$xKIwswOD6mut6ylvwsoWN/"
    manage_dhcp: 1
    next_server: 172.16.1.99
    pxe_just_once: 1
    server: 172.16.1.99
    
    #3、配置tftp,把文件/etc/xinetd.d/tftp中disable的值设置为no
    [root@cobbler ~]# grep "disable" /etc/xinetd.d/tftp
            disable                 = no
    
    #4、执行提示的命令,从官网下载一些文件
    [root@cobbler ~]# cobbler get-loaders
    
    #5、开启rsync服务,并设置为开机自启动
    [root@cobbler ~]# systemctl enable rsyncd
    [root@cobbler ~]# systemctl start rsyncd.service
    
    #6、与Debian系统相关,不用管
    #8、fence工具相关,这里是虚拟机,不用管

    配置dhcp

    需要注意的是,我们要配置的是cobbler中的dhcp配置模板:/etc/cobbler/dhcp.template ,而不是系统中dhcp的配置文件。

    因为我们使用cobbler管理dhcp,一旦执行cobbler sync同步操作,cobbler就会用自己的模板覆盖系统中的dhcp配置文件。

    修改后的部分如下:

    subnet 172.16.1.0 netmask 255.255.255.0 {
         #option routers             192.168.1.5;
         #option domain-name-servers 192.168.1.1;
         option subnet-mask         255.255.255.0;
         range dynamic-bootp        172.16.1.100 172.16.1.200;
         default-lease-time         21600;
         max-lease-time             43200;
         next-server                $next_server;

    重启cobbler,并执行同步命令

    [root@cobbler ~]# systemctl restart cobblerd.service 
    ##再次执行check,如果只剩下面这两条,之前的配置就妥了
    [root@cobbler ~]# cobbler check
    The following are potential configuration items that you may want to fix:
    
    1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
    2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
    
    Restart cobblerd and then run 'cobbler sync' to apply changes.
    
    ##然后执行同步命令,提示“*** TASK COMPLETE ***”就说明同步成功了
    [root@cobbler ~]# cobbler sync

    查看各服务状态

    ##之前没有启动tftp,这里需要启动一下,总之保证各种服务能正常运行就行
    [root@cobbler ~]# systemctl is-enabled tftp.socket rsyncd.service httpd.service enabled enabled enabled [root@cobbler ~]# systemctl is-active tftp.socket rsyncd.service dhcpd.service httpd.service active active active active

    挂载光盘,我用的是/mnt

    [root@cobbler ~]# mount /dev/cdrom /mnt
    [root@cobbler ~]# df -h|grep mnt
    /dev/sr0                 4.2G  4.2G     0 100% /mnt

    web端操作

    这是就可以使用https://${ip}/cobbler_web登录,然后在web端完成剩余的操作,但是要注意,pc端的360、卡巴啦什么的,最好都关掉。

    另外,我遇到一个问题,不知是不是个例,记录一下,以备翻查。

    web端登录遇到的bug

    登录时,显示如下页面

    然后查看httpd的log日志,如下:

    [root@cobbler ~]# less /var/log/httpd/ssl_error_log 
    [Fri Feb 01 10:14:10.974188 2019] [:error] [pid 2754] [remote 10.0.0.1:0] Traceback (most recent call last):
    [Fri Feb 01 10:14:10.974210 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/share/cobbler/web/cobbler.wsgi", line 26, in application
    [Fri Feb 01 10:14:10.974274 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     _application = get_wsgi_application()
    [Fri Feb 01 10:14:10.974286 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/lib/python2.7/site-packages/django/core/wsgi.py", line 13, in get_wsgi_application
    [Fri Feb 01 10:14:10.974326 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     django.setup(set_prefix=False)
    [Fri Feb 01 10:14:10.974337 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/lib/python2.7/site-packages/django/__init__.py", line 22, in setup
    [Fri Feb 01 10:14:10.974376 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     configure_logging(settings.LOGGING_CONFIG, settings.LOGGING)
    [Fri Feb 01 10:14:10.974386 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/lib/python2.7/site-packages/django/conf/__init__.py", line 56, in __getattr__
    [Fri Feb 01 10:14:10.974456 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     self._setup(name)
    [Fri Feb 01 10:14:10.974465 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/lib/python2.7/site-packages/django/conf/__init__.py", line 41, in _setup
    [Fri Feb 01 10:14:10.974478 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     self._wrapped = Settings(settings_module)
    [Fri Feb 01 10:14:10.974485 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/lib/python2.7/site-packages/django/conf/__init__.py", line 110, in __init__
    [Fri Feb 01 10:14:10.974495 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     mod = importlib.import_module(self.SETTINGS_MODULE)
    [Fri Feb 01 10:14:10.974501 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/lib64/python2.7/importlib/__init__.py", line 37, in import_module
    [Fri Feb 01 10:14:10.974896 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     __import__(name)
    [Fri Feb 01 10:14:10.974912 2019] [:error] [pid 2754] [remote 10.0.0.1:0]   File "/usr/share/cobbler/web/settings.py", line 89, in <module>
    [Fri Feb 01 10:14:10.974959 2019] [:error] [pid 2754] [remote 10.0.0.1:0]     from django.conf.global_settings import TEMPLATE_CONTEXT_PROCESSORS
    [Fri Feb 01 10:14:10.974975 2019] [:error] [pid 2754] [remote 10.0.0.1:0] ImportError: cannot import name TEMPLATE_CONTEXT_PROCESSORS

    都是关于python的,考虑到关于python的包就装了两个,猜测是Django的问题,后来在网上查了一下,最终解决办法如下:

    [root@cobbler ~]# python -c "import django; print(django.get_version())"
    1.11.18
    [root@cobbler ~]# wget https://bootstrap.pypa.io/get-pip.py
    [root@cobbler ~]# python get-pip.py
    [root@cobbler ~]# pip install Django==1.8.9
    [root@cobbler ~]#  python -c "import django; print(django.get_version())"
    1.8.9
    [root@cobbler ~]# systemctl restart cobblerd.service 

    登录web

    重新登录,得到如图页面,默认的用户名密码都是cobbler

    导入镜像

    可以查看导入的进度

    如果想知道镜像被同步到哪里去了,可以在同步未完成的时候,到命令行中查看,找到目标目录,同步完成后可以随时查看

    [root@cobbler ~]# ps -ef|grep rsync
    root       2925      1  0 10:03 ?        00:00:00 /usr/bin/rsync --daemon --no-detach
    root       3232   3091 26 10:33 ?        00:00:09 rsync -a /mnt/ /var/www/cobbler/ks_mirror/CentOS7.5-x86_64 --progress
    root       3233   3232  0 10:33 ?        00:00:00 rsync -a /mnt/ /var/www/cobbler/ks_mirror/CentOS7.5-x86_64 --progress
    root       3234   3233 24 10:33 ?        00:00:09 rsync -a /mnt/ /var/www/cobbler/ks_mirror/CentOS7.5-x86_64 --progress
    root       3257   2506  0 10:34 pts/1    00:00:00 grep --color=auto rsync

    配置发行版本

    配置kickstart文件

    配置profile

     

    配置目标system

    配置完毕,同步配置

    配置完毕,开启装机

    打开目标服务器

    然后就可以喝茶聊天等结果了。

    千万不要说,目标机和服务端不在一个局域网内,或者配置中的server 和 netx_server的IP地址不对哈,我已经遇到好多朋友给自己刨过这样的坑了!

    装机后验证

    [root@kvm1 ~]# hostname
    kvm1
    [root@kvm1 ~]# ip addr show eth0|awk 'NR==3{print $2}' 
    10.0.0.101/24
    [root@kvm1 ~]# ip addr show eth1|awk 'NR==3{print $2}' 
    172.16.1.101/24
    [root@kvm1 ~]# ping www.baidu.com
    PING www.a.shifen.com (111.13.100.92) 56(84) bytes of data.
    64 bytes from 111.13.100.92 (111.13.100.92): icmp_seq=1 ttl=128 time=14.4 ms
    64 bytes from 111.13.100.92 (111.13.100.92): icmp_seq=2 ttl=128 time=13.7 ms
  • 相关阅读:
    利用burpsuite实现重放攻击
    木马分析(隐藏分析)实验
    使用wireshark分析TLS
    ECharts折线图循环展示数据、自定义色值(渐变)
    Sumblime Text3格式化代码
    ECharts柱状图彩色柱状图(渐变),自定义鼠标移入小圈颜色、鼠标移入后提示框显示不全问题、渲染到页面中
    C#多线程学习(五) 多线程的自动管理(定时器)
    SQL取出 所有周六 周日的日期
    C#多线程学习(二) 如何操纵一个线程
    简单读写XML文件
  • 原文地址:https://www.cnblogs.com/Go-Spurs-Go/p/10345238.html
Copyright © 2020-2023  润新知