自动化安装部署
https://www.cnblogs.com/nulige/p/6796593.html
PXE+Kickstart工作原理
pxe+kickstart工作流程
- 网卡上的pxe芯片有512字节,存放了DHCP和TFTP的客户端
- 启动计算机选择网卡启动,pxe上的DHCP客户端会发出广播包向DHCP服务器申请IP地址
- DHCP服务器分配给它IP地址的同时通过以下字段,告诉pxe,TFTP的地址和它要下载的文件(1.next-server x.x.x.x; 2.filename "pxelinux.0";)
- pxelinux.0告诉pxe要下载的配置文件是pxelinux.cfg目录下的default
- pxe下载并依据配置文件的内容下载启动必须的文件,并通过ks.cfg开始系统安装
Cobbler部署安装
环境 -CentOS7+Cobbler2.8.2
[root@cobbler kickstarts]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
[root@cobbler kickstarts]# uname -m
x86_64
[root@cobbler kickstarts]# uname -r
3.10.0-693.el7.x86_64
[root@cobbler ~]# cobbler version
Cobbler 2.8.2
CentOS Linux release 7.4.1708 (Core)
[root@cobbler kickstarts]# uname -m
x86_64
[root@cobbler kickstarts]# uname -r
3.10.0-693.el7.x86_64
[root@cobbler ~]# cobbler version
Cobbler 2.8.2
Cobbler运行流程
dhcp
client: 从dhcp中获取地址,访问next_server的ip地址
next_server : 获取启动内核,initrd等文件
tftp: pxe引导文件,启动cobbler选择界面
kickstart: 确定加载项,根据nfs,http,tfp等共享获取资源
部署过程
1.关闭selinux和防火墙
关闭SELINUX: setenforce 0 sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config 关闭防火墙: systemctl stop firewalld
2.安装epol源
rpm -ivh https://mirrors.aliyun.com/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
3.安装cobbler
yum install -y httpd dhcp tftp cobbler cobbler-web pykickstart xinetd
4.启动httpd和cobbler服务
启动httpd服务: systemctl start httpd 启动cobblerd服务: systemctl start cobblerd
5.cobber check,完成要求
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
修改/etc/cobbler/settings中的server字段IP为本机网卡IP
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
修改/etc/cobbler/settings中next_server字段IP为本机IP
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
关闭SELinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
修改/etc/xinetd.d/tftp中disable为no
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
运行cobbler get-loaders加载引导程序
6 : enable and start rsyncd.service with systemctl
启动rsyncd服务:systemctl start rsyncd
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
管理debian的部署和仓库,此处不管
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
运行openssl passwd -1 -salt '盐' '密码' 加密密钥字符串并替换掉/etc/cobbler/settings中default_password_crypted字段的值
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
电源管理,此处不管
Restart cobblerd and then run 'cobbler sync' to apply changes.
6.完成要求后重启cobbler服务并再此cobbler check检查
systemctl restart cobblerd cobbler check
7.编辑修改/etc/cobbler/settings第242行为manage_dhcp: 1
编辑/etc/cobbler/dhcp.template,修改DHCP发布信息,即只修改
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.2;
option domain-name-servers 10.0.0.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.190 10.0.0.210;
8.重启cobblerd服务并执行cobbler sync
[root@cobbler ~]# systemctl restart cobblerd [root@cobbler ~]# cobbler sync task started: 2018-03-06_171312_sync task started (id=Sync, time=Tue Mar 6 17:13:12 2018) running pre-sync triggers cleaning trees removing: /var/lib/tftpboot/grub/images copying bootloaders copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0 copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32 copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi copying distros to tftpboot copying images generating PXE configuration files generating PXE menu structure rendering DHCP files generating /etc/dhcp/dhcpd.conf rendering TFTPD files generating /etc/xinetd.d/tftp cleaning link caches running post-sync triggers running python triggers from /var/lib/cobbler/triggers/sync/post/* running python trigger cobbler.modules.sync_post_restart_services running: dhcpd -t -q received on stdout: received on stderr: running: service dhcpd restart received on stdout: received on stderr: Redirecting to /bin/systemctl restart dhcpd.service running shell triggers from /var/lib/cobbler/triggers/sync/post/* running python triggers from /var/lib/cobbler/triggers/change/* running python trigger cobbler.modules.scm_track running shell triggers from /var/lib/cobbler/triggers/change/* *** TASK COMPLETE *** [root@cobbler ~]#
9.挂载系统镜像并将系统镜像导入cobbler
查看光盘信息: [root@cobbler ~]# ll /dev/cdrom lrwxrwxrwx. 1 root root 3 Mar 6 16:08 /dev/cdrom -> sr0 挂载并导入cobbler: [root@cobbler ~]# mount /dev/cdrom /mnt/ mount: /dev/sr0 is write-protected, mounting read-only [root@cobbler ~]# [root@cobbler ~]# cobbler import --path=/mnt/ --name CentOS-7-x86_64 --arch=x86_64
10.自定义kickstarts文件
/var/lib/cobbler/kickstarts/为系统默认存放kickstarts文件的地方
cd /var/lib/cobbler/kickstarts/ rz **上传事先准备好的CentOS-7-x86_64.cfg文件** 自定义kickstarts: cobbler profile edit --name=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg CentOS 7默认网卡不是eth开头,修改内核参数使其成为eth开头 cobbler profile edit --name=CentOS-7-x86_64 --kopts='net.ifnames=0 biosdevname'
11.重启httpd,xinetd,cobblerd服务
systemctl restart httpd systemctl restart xinetd systemctl restart cobblerd cobbler sync
12.查看DHCP日志,查看自动安装情况
[root@cobbler kickstarts]# tail -f /var/log/messages Mar 6 17:51:57 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium. Mar 6 17:51:57 localhost dhcpd: All rights reserved. Mar 6 17:51:57 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Mar 6 17:51:57 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Mar 6 17:51:57 localhost dhcpd: Wrote 0 class decls to leases file. Mar 6 17:51:57 localhost dhcpd: Wrote 0 leases to leases file. Mar 6 17:51:57 localhost dhcpd: Listening on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24 Mar 6 17:51:57 localhost dhcpd: Sending on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24 Mar 6 17:51:57 localhost dhcpd: Sending on Socket/fallback/fallback-net Mar 6 17:51:57 localhost systemd: Started DHCPv4 Server Daemon.
13.开启一个新机器,选择网卡启动(默认就是网卡启动)
进入cobbler界面成功!!!
此时查看cobbler服务器DHCP日志信息:
[root@cobbler kickstarts]# tail -f /var/log/messages Mar 6 17:51:57 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium. Mar 6 17:51:57 localhost dhcpd: All rights reserved. Mar 6 17:51:57 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Mar 6 17:51:57 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Mar 6 17:51:57 localhost dhcpd: Wrote 0 class decls to leases file. Mar 6 17:51:57 localhost dhcpd: Wrote 0 leases to leases file. Mar 6 17:51:57 localhost dhcpd: Listening on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24 Mar 6 17:51:57 localhost dhcpd: Sending on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24 Mar 6 17:51:57 localhost dhcpd: Sending on Socket/fallback/fallback-net Mar 6 17:51:57 localhost systemd: Started DHCPv4 Server Daemon. Mar 6 17:55:29 localhost dhcpd: DHCPDISCOVER from 00:0c:29:50:15:83 via ens33 Mar 6 17:55:30 localhost dhcpd: DHCPOFFER on 10.0.0.190 to 00:0c:29:50:15:83 via ens33 Mar 6 17:55:32 localhost dhcpd: DHCPREQUEST for 10.0.0.190 (10.0.0.181) from 00:0c:29:50:15:83 via ens33 Mar 6 17:55:32 localhost dhcpd: DHCPACK on 10.0.0.190 to 00:0c:29:50:15:83 via ens33 Mar 6 17:55:32 localhost xinetd[17293]: START: tftp pid=17333 from=10.0.0.190 Mar 6 17:55:32 localhost in.tftpd[17334]: RRQ from 10.0.0.190 filename pxelinux.0 Mar 6 17:55:32 localhost in.tftpd[17334]: tftp: client does not accept options Mar 6 17:55:32 localhost in.tftpd[17335]: RRQ from 10.0.0.190 filename pxelinux.0 Mar 6 17:55:32 localhost in.tftpd[17335]: Client 10.0.0.190 finished pxelinux.0 Mar 6 17:55:32 localhost in.tftpd[17336]: RRQ from 10.0.0.190 filename pxelinux.cfg/564d2383-4d62-184e-37d8-2d30ad501583 Mar 6 17:55:32 localhost in.tftpd[17336]: Client 10.0.0.190 File not found pxelinux.cfg/564d2383-4d62-184e-37d8-2d30ad501583 Mar 6 17:55:32 localhost in.tftpd[17337]: RRQ from 10.0.0.190 filename pxelinux.cfg/01-00-0c-29-50-15-83 Mar 6 17:55:32 localhost in.tftpd[17337]: Client 10.0.0.190 File not found pxelinux.cfg/01-00-0c-29-50-15-83 Mar 6 17:55:32 localhost in.tftpd[17338]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000BE Mar 6 17:55:32 localhost in.tftpd[17338]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000BE Mar 6 17:55:32 localhost in.tftpd[17339]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000B Mar 6 17:55:32 localhost in.tftpd[17339]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000B Mar 6 17:55:32 localhost in.tftpd[17340]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000 Mar 6 17:55:32 localhost in.tftpd[17340]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000 Mar 6 17:55:32 localhost in.tftpd[17341]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A000 Mar 6 17:55:32 localhost in.tftpd[17341]: Client 10.0.0.190 File not found pxelinux.cfg/0A000 Mar 6 17:55:32 localhost in.tftpd[17342]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A00 Mar 6 17:55:32 localhost in.tftpd[17342]: Client 10.0.0.190 File not found pxelinux.cfg/0A00 Mar 6 17:55:32 localhost in.tftpd[17343]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0 Mar 6 17:55:32 localhost in.tftpd[17343]: Client 10.0.0.190 File not found pxelinux.cfg/0A0 Mar 6 17:55:32 localhost in.tftpd[17344]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A Mar 6 17:55:32 localhost in.tftpd[17344]: Client 10.0.0.190 File not found pxelinux.cfg/0A Mar 6 17:55:32 localhost in.tftpd[17345]: RRQ from 10.0.0.190 filename pxelinux.cfg/0 Mar 6 17:55:32 localhost in.tftpd[17345]: Client 10.0.0.190 File not found pxelinux.cfg/0 Mar 6 17:55:32 localhost in.tftpd[17346]: RRQ from 10.0.0.190 filename pxelinux.cfg/default Mar 6 17:55:32 localhost in.tftpd[17346]: Client 10.0.0.190 finished pxelinux.cfg/default Mar 6 17:55:32 localhost in.tftpd[17347]: RRQ from 10.0.0.190 filename menu Mar 6 17:55:32 localhost in.tftpd[17347]: Client 10.0.0.190 File not found menu Mar 6 17:55:32 localhost in.tftpd[17348]: RRQ from 10.0.0.190 filename menu.cbt Mar 6 17:55:32 localhost in.tftpd[17348]: Client 10.0.0.190 File not found menu.cbt Mar 6 17:55:32 localhost in.tftpd[17349]: RRQ from 10.0.0.190 filename menu.0 Mar 6 17:55:32 localhost in.tftpd[17349]: Client 10.0.0.190 File not found menu.0 Mar 6 17:55:32 localhost in.tftpd[17350]: RRQ from 10.0.0.190 filename menu.com Mar 6 17:55:32 localhost in.tftpd[17350]: Client 10.0.0.190 File not found menu.com Mar 6 17:55:32 localhost in.tftpd[17351]: RRQ from 10.0.0.190 filename menu.c32 Mar 6 17:55:32 localhost in.tftpd[17351]: Client 10.0.0.190 finished menu.c32 Mar 6 17:55:32 localhost in.tftpd[17352]: RRQ from 10.0.0.190 filename pxelinux.cfg/default Mar 6 17:55:32 localhost in.tftpd[17352]: Client 10.0.0.190 finished pxelinux.cfg/default
CentOS-7-x86_64.cfg文件内容
[root@cobbler kickstarts]# cat CentOS-7-x86_64.cfg
#### cobbler for Kickstart Configurator for CentOS 7.4 by ChenTaicheng
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr
# Network information
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 200
part swap --size 200
part / --fstype xfs --size 9500
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end
%post
systemctl disable postfix.service
%end[root@cobbler kickstarts]#
CentOS-6.6-x86_64.cfg文件内容
#platform=x86, AMD64, or Intel EM64T
#System authorization information
auth --useshadow --enablemd5
#System bootloader configuration
bootloader --location=mbr
#Partition clearing information
clearpart --all --initlabel
#Partition information
part /boot --fstype ext4 --size 1024 --ondisk sda
part swap --size=1500
part / --fstype ext4 --size 1 --grow --ondisk sda
#Use text mode install
text
#Firewall configuration
firewall --disable
#Run the Setup Agent on first boot
firstboot --disable
#System keyboard
keyboard us
#System language
lang en_US
#Use network installation
url --url=$tree
#If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=em1
#Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
#SELinux configuration
selinux --disabled
#Do not configure the X Window System
skipx
#System timezone
timezone Asia/Shanghai
#Install OS instead of upgrade
install
#Clear the Master Boot Record
zerombr
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#Enable installation monitoring
$SNIPPET('pre_anamon')
%post
%end
###定制开始显示网站
[root@cobbler ~]# cd /etc/cobbler/pxe
[root@cobbler pxe]# cat pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
扩展
客户机自动重新安装
客户端执行:
yum install -y koan koan --server=10.0.0.181 --list=profiles koan --replace-self --server=10.0.0.181 --profile=CentOS-7-x86_64
搭建yum源
服务端配置
1.添加repo cobbler repo add --name=openstack-queens --mirror=https://mirrors.aliyun.com/centos/7.4.1708/cloud/x86_64/openstack-queens/ --arch=x86_64 --breed=yum 2.同步repo cobbler reposync 3.添加repo到对应的profile cobbler profile edit --name=CentOS-7-x86_64 --repos="openstack-queens" 4.修改kickstart文件,添加下面内容到%post %end中间 systemctl disable postfix.service %yum_config_stanza
根据MAC定制化装机
cobbler system add --name=linux-node2.oldboyedu.com --mac=00:50:56:21:AF:72 --profile=CentOS-7-x86_64 --ip-address=10.0.0.199 --subnet=255.255.255.0 --gateway=10.0.0.2 --interface=eth0 --static=1 --hostname=linux-node2.oldboyedu.com --name-servers="10.0.0.2" --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg
相关命令及文件
cobbler #cobbler程序包 cobbler-web #cobbler的web服务包 pykickstart #cobbler检查kickstart语法错误 httpd #Apache web服务 /etc/cobbler # 配置文件目录 /etc/cobbler/settings # cobbler主配置文件 /etc/cobbler/dhcp.template # DHCP服务的配置模板 /etc/cobbler/tftpd.template # tftp服务的配置模板 /etc/cobbler/rsync.template # rsync服务的配置模板 /etc/cobbler/iso # iso模板配置文件目录 /etc/cobbler/pxe # pxe模板文件目录 /etc/cobbler/power # 电源的配置文件目录 /etc/cobbler/users.conf # Web服务授权配置文件 /etc/cobbler/users.digest # web访问的用户名密码配置文件 /etc/cobbler/dnsmasq.template # DNS服务的配置模板 /etc/cobbler/modules.conf # Cobbler模块配置文件 /var/lib/cobbler # Cobbler数据目录 /var/lib/cobbler/config # 配置文件 /var/lib/cobbler/kickstarts # 默认存放kickstart文件 /var/lib/cobbler/loaders # 存放的各种引导程序 /var/www/cobbler # 系统安装镜像目录 /var/www/cobbler/ks_mirror # 导入的系统镜像列表 /var/www/cobbler/images # 导入的系统镜像启动文件 /var/www/cobbler/repo_mirror # yum源存储目录 /var/log/cobbler # 日志目录 /var/log/cobbler/install.log # 客户端系统安装日志 /var/log/cobbler/cobbler.log # cobbler日志 导入镜像命令 cobbler import --path=/mnt/ --name Centos-6.6-x86_64 --arch=x86_64 ####--path 镜像路径 ####--name 为安装源定义一个名称 ####--arch 指定安装源是32位、64位、ia64, 目前支持的选项有: x86│x86_64│ia64 查看导入信息 cobbler profile report