cobbler 实现无人值守网络批量安装操作系统

2016-12-02

这里只是安装文档：不涉及介绍

环境：
     VMware： 12
     cobbler 主机：CentOS 6.7 
     IP： 
          eth0：10.10.111.20/24 管理使用
          eth1： VM dhcp 联网
     
     dhcp地址池：10.10.111.191-10.10.111.200/24
          GATEWAY：10.10.111.1 （物理的vm1网卡地址）                

环境配置：
     关闭selinux：
     sed -i '/^SELINUX=/ s/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
     关闭iptables：
     service iptables stop && chkconfig iptables off
     重启生效

安装配置epel源：
     安装yum优先级插件：
     yum install yum-priorities -y
     安装epel源：
     rpm -Uvh http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
     rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
     导入key：
      rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
     重建缓存
     yum makecache

安装Cobbler：
     这里 sync tftpd都是使用Cobbler自带
     yum install cobbler cobbler-web pykickstart debmirror cman fence-agents dhcp bind -y
     
启动服务：
     service httpd start && service cobblerd start

cobbler配置文件路径：/etc/cobbler/
     主配置文件：settings

检查cobbler环境：
     cobbler check
     问题：
    1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
    4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
    6 : file /etc/xinetd.d/rsync does not exist
    7 : comment out 'dists' on /etc/debmirror.conf for proper debian support
    8 : comment out 'arches' on /etc/debmirror.conf for proper debian support
    9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
     问题解决：根据提示解决，个人的如下
          修改配置文件：settings
                   server  IP 为管理地址：10.10.111.20
                   next_server  IP 为管理地址：10.10.111.20 这个需要在配置dhcpd 一样
          修改/etc/xinetd.d/ tftp 和 rsync 文件：
          sed -i '/disable/c disable = no' /etc/xinetd.d/tftp
          sed -i -e 's/= yes/= no/g' /etc/xinetd.d/rsync
          service xinetd restart                 
          执行cobbler get-loaders 加载部分缺失的网络boot-loaders
          注释文件/etc/debmirror.conf 中的 dists 和 arches
          创建系统默认初始密码：cobbler' and should be changed, try: "openssl   passwd -1 -salt 'random-phrase-here' '12345678'  12345678就是系统安装好后root初始密码
               修改settings 文件：default_password_crypted: "$1$222222$D38AxheCTHf/nVAzlN0.z0"
  
配置dhcpd服务：
     cd /etc/dhcp   &&   cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample ./dhcpd.conf
          #############vim dhcpd.conf
          # option definitions common to all supported networks...
          option domain-name "flinux.org";
          option domain-name-servers 10.10.111.20, 192.168.131.2;
          default-lease-time 43200;
          max-lease-time 86400;
          # Use this to enble / disable dynamic dns updates globally.
          #ddns-update-style none;
          # If this DHCP server is the official DHCP server for the local
          # network, the authoritative directive should be uncommented.
          #authoritative;
          # Use this to send dhcp log messages to a different log file (you also
          # have to hack syslog.conf to complete the redirection).
          log-facility local7;
          # No service will be given on this subnet, but declaring it helps the
          subnet 10.10.111.0 netmask 255.255.255.0 {
                option routers             10.10.111.1;
                range dynamic-bootp        10.10.111.191 10.10.111.200;
          }
          next-server 10.10.111.20;
          filename="pxelinux.0";

配置服务：
     service httpd start 
     service cobblerd restart
     service dhcpd restart
     chkconfig httpd on
     chkconfig cobblerd on
     chkconfig dhcpd on

同步数据：
     cobbler  sync  基本修改操作之后都要运行

添加镜像：
这里使用光盘挂载添加：
     cobbler import --path=/media/ --name=CentOS-6.7-x86_64       
     --arch=x86_64
     --path：镜像路径
     --name：生成镜像名称：
     --arch：32位或者64位

     其实到这里，就可以使用上面导入的镜像profile进行无人值守网络安装了：
     查看distro和profile
     cobbler distro list
     cobbler profile list    

/var/lib/tftpboot/pxelinux.cfg/default
小小的排错思路：
1、一个是dhcp不能配置好，dhcpd next-server 10.10.111.20; ====》本地管理地址，也是cobbler的 next_server 地址
2、一个小小的坑：vm默认开启dhcp。所以这会对实验有影响。在安装系统的时候：影响就是找不到http://10.10.111.20/cblr/svc/op/ks/profile/CentOS-6.5-x86_64  这是自己的镜像 。关闭vm的dhcp

自己定制镜像模板profile：
先写一个xxx.cfg
     

创建profile：
cobbler profile add --name=centos-6.7-x86_64-basic 
     --distro=centos-6.7-x86_64    
     --kickstart=/var/lib/cobbler/kickstarts/CentOS-6.7-x86_64.cfg
     --name：定义profile名称
     --distro：指定distro
     --kickstart： 指定kickstart文件 xxx.cfg

     
安装系统的时候，可以使用原导入的镜像profile。也可以使用新建的profile
        

 .cfg文件附上：

#Kickstart Configurator by Jason Zhao
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#Sytem timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted$default_password_crypted
#rootpw --iscrypted$1$ops-node$7hqdpgEmIE7Z0RbtQkxW20
#Use text mode install
text
#Install OS instead of upgrade
install
#Use NFS installation Media
url --url=$tree
#url--url=http://172.16.1.199/CentOS-6.7-x86_64
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel 
#Disk partitioning information
part /boot --fstype ext4 --size 1024--ondisk sda
part swap --size 16384 --ondisk sda
part / --fstype ext4 --size 1 --grow--ondisk sda
#System authorization infomation
auth --useshadow  --enablemd5 
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=eth0--onboot=on
# Reboot after installation
reboot
#Firewall configuration
firewall --disabled 
#SELinux configuration
selinux --disabled
#Do not configure XWindows
skipx
 
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
 
#Package install information
%packages
@ base
@ core
@debugging
@development
sysstat
tree
telnet
dos2unix
ntp
lrzsz
nfs-utils
rpcbind
openssl-devel
zlib-devel
nmap
screen
%end
 
%post
%end