• Cobbler Automated Installation and Deployment System


    Automated installation and deployment

    https://www.cnblogs.com/nulige/p/6796593.html

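    How PXE + Kickstart works

    PXE + Kickstart workflow

    1. The PXE chip on the NIC has 512 bytes that hold a DHCP client and a TFTP client.
    2. Boot the computer and choose network (NIC) boot; the DHCP client in PXE broadcasts a request to the DHCP server for an IP address.
    3. Along with the IP address, the DHCP server uses the following fields to tell PXE the TFTP server address and the file to download (1. next-server x.x.x.x; 2. filename "pxelinux.0";).
    4. pxelinux.0 tells PXE that the configuration file to download is default in the pxelinux.cfg directory.
    5. PXE downloads the configuration file, fetches the files needed to boot according to its contents, and starts the system installation using ks.cfg.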


    Installing and deploying Cobbler

    Environment: CentOS 7 + Cobbler 2.8.2

    Official site: http://cobbler.github.io/

    [root@cobbler kickstarts]# cat /etc/redhat-release
    CentOS Linux release 7.4.1708 (Core)
    [root@cobbler kickstarts]# uname -m
    x86_64
    [root@cobbler kickstarts]# uname -r
    3.10.0-693.el7.x86_64
    [root@cobbler ~]# cobbler version
    Cobbler 2.8.2

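    Cobbler run flow

    dhcp
    client: gets an address from DHCP and contacts the next_server IP address
    next_server: where the boot kernel, initrd and other files are fetched from
    tftp: the PXE boot files; starts the Cobbler selection menu
    kickstart: determines what to load and fetches resources over shares such as NFS, HTTP and FTP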
    

    Deployment procedure

    1. Disable SELinux and the firewall

    Disable SELinux:
    setenforce 0
    sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
    
    Stop the firewall:
    systemctl stop firewalld
    

    2. Install the EPEL repository

    rpm -ivh https://mirrors.aliyun.com/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
    

    3. Install Cobbler

    yum install -y httpd dhcp tftp cobbler cobbler-web pykickstart  xinetd
    

    4. Start the httpd and cobblerd services

    Start the httpd service:
    systemctl start httpd
    Start the cobblerd service:
    systemctl start cobblerd
    

    5. Run cobbler check and resolve the items it reports

    [root@cobbler ~]# cobbler check
    The following are potential configuration items that you may want to fix:
    
    1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    Fix: set the IP in the server field of /etc/cobbler/settings to this host's NIC IP.
    2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    Fix: set the IP in the next_server field of /etc/cobbler/settings to this host's IP.
    3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
        https://github.com/cobbler/cobbler/wiki/Selinux
    Fix: disable SELinux.
    4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
    Fix: change disable to no in /etc/xinetd.d/tftp.
    5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    Fix: run cobbler get-loaders to download the boot loaders.
    6 : enable and start rsyncd.service with systemctl
    Fix: start the rsyncd service: systemctl start rsyncd
    7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
    Skipped: this is for managing Debian deployments and repositories; not handled here.
    8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
    Fix: run openssl passwd -1 -salt 'salt' 'password' to generate the hashed password string, and use it to replace the value of the default_password_crypted field in /etc/cobbler/settings.
    9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
    Skipped: power management; not handled here.
    
    Restart cobblerd and then run 'cobbler sync' to apply changes.
    

    6. After resolving the items, restart the cobblerd service and run cobbler check again

    systemctl restart cobblerd
    cobbler check
    

    7. Edit /etc/cobbler/settings and change line 242 to manage_dhcp: 1
    Edit /etc/cobbler/dhcp.template and change the DHCP information it hands out, modifying only the following:

    subnet 10.0.0.0 netmask 255.255.255.0 {
         option routers             10.0.0.2;
         option domain-name-servers 10.0.0.2;
         option subnet-mask         255.255.255.0;
         range dynamic-bootp        10.0.0.190 10.0.0.210;
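
An added example (not part of the original post or of Cobbler): a check of the /etc/cobbler/settings fields changed in steps 5 to 7. It also reports the hash scheme of default_password_crypted, because `openssl passwd -1` produces MD5-crypt (`$1$`) while the CentOS 7 kickstart on this page sets `--passalgo=sha512`. The function names and both sample files are constructed, the hash strings are placeholders, and the simple `key: value` reader is an assumption about the file layout.

```python
import ipaddress
import re

# crypt(3) scheme prefixes; `openssl passwd -1` emits the first one
SCHEMES = {"$1$": "md5-crypt", "$5$": "sha256-crypt", "$6$": "sha512-crypt"}

def read_scalars(text):
    """Top-level `key: value` scalars only, which covers the fields checked here."""
    values = {}
    for line in text.splitlines():
        m = re.match(r"([A-Za-z_]+):\s*(\S.*?)\s*$", line)
        if m:
            values[m.group(1)] = m.group(2).strip("\"'")
    return values

def is_loopback(value):
    if value in ("", "localhost"):
        return True
    try:
        return ipaddress.ip_address(value).is_loopback
    except ValueError:
        return False          # a hostname; resolving it is out of scope here

def audit_settings(text):
    """Return findings for the fields this page edits, in a fixed order."""
    cfg, findings = read_scalars(text), []
    for key in ("server", "next_server"):
        if is_loopback(cfg.get(key, "")):
            findings.append(f"{key}: loopback or unset")
    crypted = cfg.get("default_password_crypted", "")
    scheme = next((name for prefix, name in SCHEMES.items()
                   if crypted.startswith(prefix)), "unknown")
    if scheme != "sha512-crypt":
        findings.append(f"default_password_crypted: {scheme}")
    if cfg.get("manage_dhcp") != "1":
        findings.append("manage_dhcp: not 1")
    return findings

# Constructed samples; the hash strings are placeholders, not real hashes.
AS_INSTALLED = """\
# constructed excerpt in the layout of /etc/cobbler/settings
default_password_crypted: "$1$CONSTRUCTED$placeholderplaceholder00"
manage_dhcp: 0
next_server: 127.0.0.1
server: 127.0.0.1
"""
WITH_SHA512 = """\
default_password_crypted: "$6$CONSTRUCTED$placeholderplaceholderplaceholder"
manage_dhcp: 1
next_server: 10.0.0.181
server: 10.0.0.181
"""

if __name__ == "__main__":
    for label, sample in (("as installed", AS_INSTALLED), ("with sha512", WITH_SHA512)):
        print(label, audit_settings(sample))
```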
    

    8. Restart the cobblerd service and run cobbler sync

    [root@cobbler ~]# systemctl restart cobblerd
    [root@cobbler ~]# cobbler sync
    task started: 2018-03-06_171312_sync
    task started (id=Sync, time=Tue Mar  6 17:13:12 2018)
    running pre-sync triggers
    cleaning trees
    removing: /var/lib/tftpboot/grub/images
    copying bootloaders
    copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
    copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
    copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
    copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
    copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
    copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
    copying distros to tftpboot
    copying images
    generating PXE configuration files
    generating PXE menu structure
    rendering DHCP files
    generating /etc/dhcp/dhcpd.conf
    rendering TFTPD files
    generating /etc/xinetd.d/tftp
    cleaning link caches
    running post-sync triggers
    running python triggers from /var/lib/cobbler/triggers/sync/post/*
    running python trigger cobbler.modules.sync_post_restart_services
    running: dhcpd -t -q
    received on stdout: 
    received on stderr: 
    running: service dhcpd restart
    received on stdout: 
    received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
    
    running shell triggers from /var/lib/cobbler/triggers/sync/post/*
    running python triggers from /var/lib/cobbler/triggers/change/*
    running python trigger cobbler.modules.scm_track
    running shell triggers from /var/lib/cobbler/triggers/change/*
    *** TASK COMPLETE ***
    [root@cobbler ~]# 
    

    9. Mount the OS image and import it into Cobbler

    Check the CD-ROM device:
    [root@cobbler ~]# ll /dev/cdrom 
    lrwxrwxrwx. 1 root root 3 Mar  6 16:08 /dev/cdrom -> sr0
    Mount it and import it into Cobbler:
    [root@cobbler ~]# mount /dev/cdrom /mnt/
    mount: /dev/sr0 is write-protected, mounting read-only
    [root@cobbler ~]# 
    [root@cobbler ~]# cobbler import --path=/mnt/ --name CentOS-7-x86_64 --arch=x86_64
    

    10. Customize the kickstart file
    /var/lib/cobbler/kickstarts/ is the default location for kickstart files.

    cd /var/lib/cobbler/kickstarts/
    rz
    **Upload the CentOS-7-x86_64.cfg file prepared in advance**
    
    Set the custom kickstart on the profile:
    cobbler profile edit --name=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg
    
    On CentOS 7 the default NIC names do not start with eth; change the kernel parameters so that they do:
    cobbler profile edit --name=CentOS-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
    

    11. Restart the httpd, xinetd and cobblerd services

    systemctl restart httpd
    systemctl restart xinetd
    systemctl restart cobblerd
    cobbler sync
    

    12. Watch the DHCP log to follow the automated installation

    [root@cobbler kickstarts]# tail -f /var/log/messages 
    Mar  6 17:51:57 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium.
    Mar  6 17:51:57 localhost dhcpd: All rights reserved.
    Mar  6 17:51:57 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Mar  6 17:51:57 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
    Mar  6 17:51:57 localhost dhcpd: Wrote 0 class decls to leases file.
    Mar  6 17:51:57 localhost dhcpd: Wrote 0 leases to leases file.
    Mar  6 17:51:57 localhost dhcpd: Listening on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
    Mar  6 17:51:57 localhost dhcpd: Sending on   LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
    Mar  6 17:51:57 localhost dhcpd: Sending on   Socket/fallback/fallback-net
    Mar  6 17:51:57 localhost systemd: Started DHCPv4 Server Daemon.
    
    

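    13. Power on a new machine and choose network boot (network boot is the default)

    The Cobbler menu appears: success!
    At this point, check the DHCP log on the Cobbler server: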

    [root@cobbler kickstarts]# tail -f /var/log/messages 
    Mar  6 17:51:57 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium.
    Mar  6 17:51:57 localhost dhcpd: All rights reserved.
    Mar  6 17:51:57 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/
    Mar  6 17:51:57 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
    Mar  6 17:51:57 localhost dhcpd: Wrote 0 class decls to leases file.
    Mar  6 17:51:57 localhost dhcpd: Wrote 0 leases to leases file.
    Mar  6 17:51:57 localhost dhcpd: Listening on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
    Mar  6 17:51:57 localhost dhcpd: Sending on   LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
    Mar  6 17:51:57 localhost dhcpd: Sending on   Socket/fallback/fallback-net
    Mar  6 17:51:57 localhost systemd: Started DHCPv4 Server Daemon.
    Mar  6 17:55:29 localhost dhcpd: DHCPDISCOVER from 00:0c:29:50:15:83 via ens33
    Mar  6 17:55:30 localhost dhcpd: DHCPOFFER on 10.0.0.190 to 00:0c:29:50:15:83 via ens33
    Mar  6 17:55:32 localhost dhcpd: DHCPREQUEST for 10.0.0.190 (10.0.0.181) from 00:0c:29:50:15:83 via ens33
    Mar  6 17:55:32 localhost dhcpd: DHCPACK on 10.0.0.190 to 00:0c:29:50:15:83 via ens33
    Mar  6 17:55:32 localhost xinetd[17293]: START: tftp pid=17333 from=10.0.0.190
    Mar  6 17:55:32 localhost in.tftpd[17334]: RRQ from 10.0.0.190 filename pxelinux.0
    Mar  6 17:55:32 localhost in.tftpd[17334]: tftp: client does not accept options
    Mar  6 17:55:32 localhost in.tftpd[17335]: RRQ from 10.0.0.190 filename pxelinux.0
    Mar  6 17:55:32 localhost in.tftpd[17335]: Client 10.0.0.190 finished pxelinux.0
    Mar  6 17:55:32 localhost in.tftpd[17336]: RRQ from 10.0.0.190 filename pxelinux.cfg/564d2383-4d62-184e-37d8-2d30ad501583
    Mar  6 17:55:32 localhost in.tftpd[17336]: Client 10.0.0.190 File not found pxelinux.cfg/564d2383-4d62-184e-37d8-2d30ad501583
    Mar  6 17:55:32 localhost in.tftpd[17337]: RRQ from 10.0.0.190 filename pxelinux.cfg/01-00-0c-29-50-15-83
    Mar  6 17:55:32 localhost in.tftpd[17337]: Client 10.0.0.190 File not found pxelinux.cfg/01-00-0c-29-50-15-83
    Mar  6 17:55:32 localhost in.tftpd[17338]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000BE
    Mar  6 17:55:32 localhost in.tftpd[17338]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000BE
    Mar  6 17:55:32 localhost in.tftpd[17339]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000B
    Mar  6 17:55:32 localhost in.tftpd[17339]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000B
    Mar  6 17:55:32 localhost in.tftpd[17340]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000
    Mar  6 17:55:32 localhost in.tftpd[17340]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000
    Mar  6 17:55:32 localhost in.tftpd[17341]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A000
    Mar  6 17:55:32 localhost in.tftpd[17341]: Client 10.0.0.190 File not found pxelinux.cfg/0A000
    Mar  6 17:55:32 localhost in.tftpd[17342]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A00
    Mar  6 17:55:32 localhost in.tftpd[17342]: Client 10.0.0.190 File not found pxelinux.cfg/0A00
    Mar  6 17:55:32 localhost in.tftpd[17343]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0
    Mar  6 17:55:32 localhost in.tftpd[17343]: Client 10.0.0.190 File not found pxelinux.cfg/0A0
    Mar  6 17:55:32 localhost in.tftpd[17344]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A
    Mar  6 17:55:32 localhost in.tftpd[17344]: Client 10.0.0.190 File not found pxelinux.cfg/0A
    Mar  6 17:55:32 localhost in.tftpd[17345]: RRQ from 10.0.0.190 filename pxelinux.cfg/0
    Mar  6 17:55:32 localhost in.tftpd[17345]: Client 10.0.0.190 File not found pxelinux.cfg/0
    Mar  6 17:55:32 localhost in.tftpd[17346]: RRQ from 10.0.0.190 filename pxelinux.cfg/default
    Mar  6 17:55:32 localhost in.tftpd[17346]: Client 10.0.0.190 finished pxelinux.cfg/default
    Mar  6 17:55:32 localhost in.tftpd[17347]: RRQ from 10.0.0.190 filename menu
    Mar  6 17:55:32 localhost in.tftpd[17347]: Client 10.0.0.190 File not found menu
    Mar  6 17:55:32 localhost in.tftpd[17348]: RRQ from 10.0.0.190 filename menu.cbt
    Mar  6 17:55:32 localhost in.tftpd[17348]: Client 10.0.0.190 File not found menu.cbt
    Mar  6 17:55:32 localhost in.tftpd[17349]: RRQ from 10.0.0.190 filename menu.0
    Mar  6 17:55:32 localhost in.tftpd[17349]: Client 10.0.0.190 File not found menu.0
    Mar  6 17:55:32 localhost in.tftpd[17350]: RRQ from 10.0.0.190 filename menu.com
    Mar  6 17:55:32 localhost in.tftpd[17350]: Client 10.0.0.190 File not found menu.com
    Mar  6 17:55:32 localhost in.tftpd[17351]: RRQ from 10.0.0.190 filename menu.c32
    Mar  6 17:55:32 localhost in.tftpd[17351]: Client 10.0.0.190 finished menu.c32
    Mar  6 17:55:32 localhost in.tftpd[17352]: RRQ from 10.0.0.190 filename pxelinux.cfg/default
    Mar  6 17:55:32 localhost in.tftpd[17352]: Client 10.0.0.190 finished pxelinux.cfg/default
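
An added example (not part of the original post): the TFTP requests in the log above follow PXELINUX's configuration lookup order, which this sketch reproduces from the client's UUID, MAC and IP, then uses to list clients that ended up on the shared `default` menu. The function names are hypothetical; the last two sample log lines are constructed, and they assume that a host registered with `cobbler system add` gets its own `01-<mac>` file.

```python
import ipaddress
import re

def pxelinux_search_order(uuid, mac, ip):
    """File names PXELINUX requests over TFTP, in order, for one client."""
    names = []
    if uuid:                                   # client UUID, lower-case hex
        names.append("pxelinux.cfg/" + uuid.lower())
    # ARP hardware type 01 (Ethernet) + MAC, lower-case, dash-separated
    names.append("pxelinux.cfg/01-" + mac.lower().replace(":", "-"))
    # IPv4 address as 8 upper-case hex digits, dropping one digit per retry
    hex_ip = f"{int(ipaddress.IPv4Address(ip)):08X}"
    names += ["pxelinux.cfg/" + hex_ip[:n] for n in range(8, 0, -1)]
    names.append("pxelinux.cfg/default")       # shared menu for everyone else
    return names

FINISHED = re.compile(r"in\.tftpd\[\d+\]: Client (\S+) finished (pxelinux\.cfg/\S+)")

def served_config(log_text):
    """Map client IP -> last pxelinux.cfg file that tftpd delivered to it."""
    served = {}
    for line in log_text.splitlines():
        m = FINISHED.search(line)
        if m:
            served[m.group(1)] = m.group(2)
    return served

def fell_through_to_default(log_text):
    """Clients with no per-host config: they booted the shared default menu."""
    return sorted(ip for ip, name in served_config(log_text).items()
                  if name == "pxelinux.cfg/default")

# Excerpt of the step 13 log, plus two constructed lines for a second client
# (10.0.0.199) that has its own per-MAC file, as a registered system would.
SAMPLE_LOG = """\
Mar  6 17:55:32 localhost in.tftpd[17337]: RRQ from 10.0.0.190 filename pxelinux.cfg/01-00-0c-29-50-15-83
Mar  6 17:55:32 localhost in.tftpd[17337]: Client 10.0.0.190 File not found pxelinux.cfg/01-00-0c-29-50-15-83
Mar  6 17:55:32 localhost in.tftpd[17346]: RRQ from 10.0.0.190 filename pxelinux.cfg/default
Mar  6 17:55:32 localhost in.tftpd[17346]: Client 10.0.0.190 finished pxelinux.cfg/default
Mar  6 18:02:10 localhost in.tftpd[17401]: RRQ from 10.0.0.199 filename pxelinux.cfg/01-00-50-56-21-af-72
Mar  6 18:02:10 localhost in.tftpd[17401]: Client 10.0.0.199 finished pxelinux.cfg/01-00-50-56-21-af-72
"""

if __name__ == "__main__":
    for name in pxelinux_search_order("564d2383-4d62-184e-37d8-2d30ad501583",
                                      "00:0c:29:50:15:83", "10.0.0.190"):
        print(name)
    print("default menu served to:", fell_through_to_default(SAMPLE_LOG))
```

Run against /var/log/messages, the second function shows which addresses booted from the install menu without being registered by MAC.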
    

    Contents of CentOS-7-x86_64.cfg

    [root@cobbler kickstarts]# cat CentOS-7-x86_64.cfg 
    #### cobbler for Kickstart Configurator for CentOS 7.4 by ChenTaicheng
    install
    url --url=$tree  
    text
    lang en_US.UTF-8
    keyboard us
    zerombr
    bootloader --location=mbr 
    # Network information
    $SNIPPET('network_config')
    timezone --utc Asia/Shanghai
    authconfig --enableshadow --passalgo=sha512
    rootpw  --iscrypted $default_password_crypted
    clearpart --all --initlabel
    part /boot --fstype xfs --size 200  
    part swap --size 200
    part / --fstype xfs --size 9500
    firstboot --disable
    selinux --disabled
    firewall --disabled
    logging --level=info
    reboot
    %pre
    $SNIPPET('log_ks_pre')
    $SNIPPET('kickstart_start')
    $SNIPPET('pre_install_network_config')
    #Enable installation monitoring
    $SNIPPET('pre_anamon')
    %end
    %packages
    @base
    @compat-libraries
    @debugging
    @development
    tree
    nmap
    sysstat
    lrzsz
    dos2unix
    telnet
    iptraf
    ncurses-devel
    openssl-devel
    zlib-devel
    OpenIPMI-tools
    screen
    %end
    %post
    systemctl disable postfix.service
    %end
    [root@cobbler kickstarts]#
    

    Contents of CentOS-6.6-x86_64.cfg

    #platform=x86, AMD64, or Intel EM64T
    #System authorization information
    auth  --useshadow  --enablemd5
    #System bootloader configuration
    bootloader --location=mbr
    #Partition clearing information
    clearpart --all --initlabel
    #Partition information
    part /boot --fstype ext4 --size 1024 --ondisk sda
    part swap --size=1500
    part / --fstype ext4 --size 1 --grow --ondisk sda
      
    #Use text mode install
    text
    #Firewall configuration
    firewall --disable
    #Run the Setup Agent on first boot
    firstboot --disable
    #System keyboard
    keyboard us
    #System language
    lang en_US
    #Use network installation
    url --url=$tree
    #If any cobbler repo definitions were referenced in the kickstart profile, include them here.
    $yum_repo_stanza
    #Network information
    $SNIPPET('network_config')
    #network --bootproto=dhcp   --device=em1
    #Reboot after installation
    reboot
     
    #Root password
    rootpw --iscrypted $default_password_crypted
    #SELinux configuration
    selinux --disabled
    #Do not configure the X Window System
    skipx
    #System timezone
    timezone   Asia/Shanghai
    #Install OS instead of upgrade
    install
    #Clear the Master Boot Record
    zerombr
      
    %packages
    @base
    @compat-libraries
    @debugging
    @development
    tree
    nmap
    sysstat
    lrzsz
    dos2unix
    telnet
    %end
    
    %pre
    $SNIPPET('log_ks_pre')
    $SNIPPET('kickstart_start')
    $SNIPPET('pre_install_network_config')
    #Enable installation monitoring
    $SNIPPET('pre_anamon')
    %end
      
    %post
    
    %end
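
An added example (not part of the original post): a small linter that reports the host-hardening settings the two kickstart files above turn off, so the choice is visible per profile before machines are installed from it. The rule list and function name are hypothetical; the two samples are excerpts of the files on this page.

```python
import re

# Command-section rules: (regex on one kickstart command line, finding)
RULES = [
    (re.compile(r"^auth(config)?\s.*--enablemd5\b"), "MD5 password hashing"),
    (re.compile(r"^selinux\s+--disabled\b"), "SELinux disabled"),
    (re.compile(r"^firewall\s+--disabled?\b"), "firewall disabled"),
    (re.compile(r"^rootpw\s+(?!.*--iscrypted)"), "plaintext root password"),
]

def lint_kickstart(text):
    """Return (line_number, finding) pairs for the command section only."""
    findings, in_section = [], False
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if line.startswith("%end"):
            in_section = False
        elif line.startswith("%") and not line.startswith("%include"):
            in_section = True          # %packages, %pre, %post: not commands
        elif line and not line.startswith("#") and not in_section:
            findings += [(number, msg) for rx, msg in RULES if rx.search(line)]
    return findings

# Excerpt of CentOS-7-x86_64.cfg from this page
KS_CENTOS7 = """\
authconfig --enableshadow --passalgo=sha512
rootpw  --iscrypted $default_password_crypted
selinux --disabled
firewall --disabled
%packages
@base
telnet
%end
%post
systemctl disable postfix.service
%end
"""

# Excerpt of CentOS-6.6-x86_64.cfg from this page
KS_CENTOS6 = """\
auth  --useshadow  --enablemd5
firewall --disable
rootpw --iscrypted $default_password_crypted
selinux --disabled
%packages
@base
telnet
"""

if __name__ == "__main__":
    for name, ks in (("CentOS-7", KS_CENTOS7), ("CentOS-6.6", KS_CENTOS6)):
        for number, msg in lint_kickstart(ks):
            print(f"{name}: line {number}: {msg}")
```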
    
    ### Customize the site shown on the boot menu
    [root@cobbler ~]# cd /etc/cobbler/pxe
    [root@cobbler pxe]# cat pxedefault.template 
    DEFAULT menu
    PROMPT 0
    MENU TITLE Cobbler | http://cobbler.github.io
    TIMEOUT 200
    TOTALTIMEOUT 6000
    ONTIMEOUT $pxe_timeout_profile
    
    LABEL local
            MENU LABEL (local)
            MENU DEFAULT
            LOCALBOOT -1
    
    $pxe_menu_items
    
    MENU end
    


    Extras

    Automatic reinstallation of a client

    Run on the client:

    yum install -y koan
    koan --server=10.0.0.181 --list=profiles
    koan --replace-self --server=10.0.0.181 --profile=CentOS-7-x86_64
    

    Setting up a yum repository

    Server-side configuration

    1. Add the repo
    cobbler repo add --name=openstack-queens --mirror=https://mirrors.aliyun.com/centos/7.4.1708/cloud/x86_64/openstack-queens/ --arch=x86_64 --breed=yum
    2. Sync the repo
    cobbler reposync
    3. Add the repo to the corresponding profile
    cobbler profile edit --name=CentOS-7-x86_64 --repos="openstack-queens"
    4. Edit the kickstart file and add the following between %post and %end
    systemctl disable postfix.service
    $yum_config_stanza
    

    Customized installation by MAC address

    cobbler system add --name=linux-node2.oldboyedu.com --mac=00:50:56:21:AF:72 --profile=CentOS-7-x86_64 \
    --ip-address=10.0.0.199 --subnet=255.255.255.0 --gateway=10.0.0.2 --interface=eth0 \
    --static=1 --hostname=linux-node2.oldboyedu.com --name-servers="10.0.0.2" \
    --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg
    

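    Related commands and files

    cobbler    # Cobbler package
    cobbler-web  # Cobbler web interface package
    pykickstart  # used by Cobbler to check kickstart files for syntax errors
    httpd       # Apache web server
     
    /etc/cobbler                   # configuration directory
    /etc/cobbler/settings         # main Cobbler configuration file
    /etc/cobbler/dhcp.template    # configuration template for the DHCP service
    /etc/cobbler/tftpd.template   # configuration template for the tftp service
    /etc/cobbler/rsync.template   # configuration template for the rsync service
    /etc/cobbler/iso              # ISO template directory
    /etc/cobbler/pxe              # PXE template directory
    /etc/cobbler/power            # power management configuration directory
    /etc/cobbler/users.conf       # authorization configuration for the web service
    /etc/cobbler/users.digest     # user names and passwords for web access
    /etc/cobbler/dnsmasq.template # configuration template for the DNS service
    /etc/cobbler/modules.conf     # Cobbler module configuration file
    /var/lib/cobbler               # Cobbler data directory
    /var/lib/cobbler/config       # configuration files
    /var/lib/cobbler/kickstarts   # default location for kickstart files
    /var/lib/cobbler/loaders      # the various boot loaders
    /var/www/cobbler               # OS installation image directory
    /var/www/cobbler/ks_mirror    # imported OS images
    /var/www/cobbler/images       # boot files of the imported OS images
    /var/www/cobbler/repo_mirror  # yum repository storage directory
    /var/log/cobbler               # log directory
    /var/log/cobbler/install.log  # client installation log
    /var/log/cobbler/cobbler.log  # Cobbler log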
    
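    Image import command
    cobbler import --path=/mnt/ --name Centos-6.6-x86_64 --arch=x86_64
    ####--path path to the image
    ####--name a name for the install source
    ####--arch whether the install source is 32-bit, 64-bit or ia64; currently supported options: x86│x86_64│ia64
    
    View the imported profiles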
    cobbler profile report
    
  • Original article: https://www.cnblogs.com/tcheng/p/8516853.html