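Cobbler automated deployment
Introduction to Cobbler
Cobbler can be used to quickly set up a Linux network installation environment. It has lowered the technical bar for Linux network installation from college level to middle-school level, so that even a cobbler can learn it.
The network installation server suite Cobbler. Once upon a time, we all worked in the very promising profession of machine-installation laborer. When Red Hat released Kickstart some years ago, we felt our worth double overnight. There was no longer any need to burn discs and install Linux one machine at a time: get PXE, DHCP and TFTP working, along with those dazzling, baffling Kickstart scripts, and we could wave a wand like Harry Potter and install hundreds of servers in an instant. This pile of fancy technology is not something just anyone can figure out; without a college degree and a pass in the CET-4 English exam, don't even think about it. In short, what a promising and highly technical job it was. Unfortunately, Red Hat then released the network installation server suite Cobbler (the Cobbler project first appeared around 2008), which has lowered the technical bar for Linux network installation from college level to below middle-school level, so that even a cobbler can learn it.
1. Cobbler is a Linux server installation service. It can quickly install and reinstall physical servers and virtual machines through network boot (PXE), and it can also manage DHCP, DNS and so on.
2. Cobbler can be managed from the command line, offers a web-based management tool (cobbler-web), and provides an API that makes further development easy.
3. Cobbler is an upgrade of the earlier kickstart approach. Its advantages are that it is fairly easy to configure and ships with a web interface that makes it easier to manage.
4. Cobbler has a lightweight built-in configuration management system, and it also integrates with other configuration management systems such as Puppet.
#### Official site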
https://cobbler.github.io/
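Cobbler object relationships
Cobbler's configuration structure is based on a set of registered objects. Each object represents an entity that is associated with another entity. When one object points to another, it inherits the data of the object it points to and can override that data or add more specific information.
1.) Distros: a distro represents an operating system. It carries the kernel and initrd information, plus other data such as kernel parameters.
2.) Profiles: a profile contains a distro, a kickstart file and possibly repositories, plus other data such as more specific kernel parameters.
3.) Systems: a system represents a machine to be provisioned. It includes a profile or an image, IP and MAC addresses, power management (address, credentials, type) and more specialized data.
4.) Images: an image can replace a distro object for files that do not fit that category (for example, objects that cannot be split into a kernel and an initrd).
Services integrated by Cobbler
PXE service support
DHCP service management
DNS service management
Power management
Kickstart service support
YUM repository management
TFTP
Apache
How Cobbler works
##### Client
The client boots in PXE mode
The client obtains an IP address
The boot file is fetched from the TFTP server
The Cobbler installation selection menu is shown
The installation is prepared according to the configuration
The Kickstart file is loaded
The remaining installation files are transferred
The system is installed
##### Server
The client boots in PXE mode
The client obtains an IP address
The boot file is fetched from the TFTP server
The Cobbler installation selection menu is shown
The installation is prepared according to the configuration
The Kickstart file is loaded
The remaining installation files are transferred
The system is installed
Cobbler in practice (installing CentOS 7.9)
Server environment preparation
Notes:
1.) Use NAT or host-only mode for the virtual machine's network adapter, not bridged mode: a DHCP server is set up later, and multiple DHCP services on the same LAN conflict with each other.
2.) Also turn off the DHCP service of VMware's NAT network to avoid interference.
Disable the firewall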
systemctl stop firewalld
systemctl disable firewalld
Disable SELinux
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
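Installing Cobbler

| Command | Description |
| --- | --- |
| cobbler check | Check the current settings for problems |
| cobbler list | List all Cobbler elements |
| cobbler report | List detailed information about the elements |
| cobbler sync | Sync the configuration to the data directory; best run after every configuration change |
| cobbler reposync | Sync the yum repositories |
| cobbler distro | View information about imported distros |
| cobbler system | View information about added systems |
| cobbler profile | View profile information |

##### Configure the EPEL repository, then install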
yum -y install cobbler cobbler-web tftp-server dhcp httpd xinetd
#### Start the services and enable them at boot
[root@cobber yum.repos.d]# systemctl start httpd cobblerd
[root@cobber yum.repos.d]# systemctl enable httpd cobblerd
[root@cobbler ~]# rpm -ql cobbler
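/etc/cobbler # Configuration directory
/etc/cobbler/settings # Main Cobbler configuration file; it is in YAML format (Cobbler is written in Python)
/etc/cobbler/dhcp.template # Configuration template for the DHCP service
/etc/cobbler/tftpd.template # Configuration template for the TFTP service
/etc/cobbler/rsync.template # Configuration template for the rsync service
/etc/cobbler/iso # Directory of ISO template configuration files
/etc/cobbler/pxe # Directory of PXE template files
/etc/cobbler/power # Directory of power management configuration files
/etc/cobbler/users.conf # Web service authorization configuration file
/etc/cobbler/users.digest # Username and password file used for web access
/etc/cobbler/dnsmasq.template # Configuration template for the DNS service
/etc/cobbler/modules.conf # Cobbler module configuration file
/var/lib/cobbler # Cobbler data directory
/var/lib/cobbler/config # Configuration files
/var/lib/cobbler/kickstarts # Default location of kickstart files
/var/lib/cobbler/loaders # Boot loaders
/var/www/cobbler # Directory of system installation images
/var/www/cobbler/ks_mirror # Imported system images
/var/www/cobbler/images # Boot files of the imported system images
/var/www/cobbler/repo_mirror # yum repository storage directory
/var/log/cobbler # Log directory
/var/log/cobbler/install.log # Client system installation log
/var/log/cobbler/cobbler.log # Cobbler log
####### Run cobbler check #######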
[root@cobber yum.repos.d]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
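Resolve these one at a time. First enable dynamic settings so that values can be changed from the command line; alternatively, edit the configuration file directly.
################## Fixing the issues ######################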
sed -ri '/allow_dynamic_settings:/c\allow_dynamic_settings: 1' /etc/cobbler/settings
grep allow_dynamic_settings /etc/cobbler/settings
allow_dynamic_settings: 1
systemctl restart cobblerd
1. server
[root@cobbler ~]# cobbler setting edit --name=server --value=10.0.0.110
2. next_server
[root@cobbler ~]# cobbler setting edit --name=next_server --value=10.0.0.110
3. tftp_server
[root@cobbler ~]# sed -ri '/disable/c\disable = no' /etc/xinetd.d/tftp
[root@cobbler ~]# systemctl enable xinetd
[root@cobbler ~]# systemctl restart xinetd
4. boot-loaders
[root@cobbler ~]# cobbler get-loaders
5. rsyncd
[root@cobbler ~]# systemctl start rsyncd
[root@cobbler ~]# systemctl enable rsyncd
6. debmirror [optional]
# This one is optional and can be ignored; it is skipped here
7. pykickstart
[root@cobbler ~]# yum -y install pykickstart
8. default_password_crypted # Note: the password set here is also the initial login password of the systems installed later
[root@cobber yum.repos.d]# openssl passwd -1 -salt 'abc123' 'adb123'
$1$abc123$yzE78URoQjI0XqBK4l9Im0
[root@cobber yum.repos.d]# cobbler setting edit --name=default_password_crypted --value='$1$abc123$yzE78URoQjI0XqBK4l9Im0'
9. fencing tools [optional]
[root@cobbler ~]# yum -y install fence-agents
##### Check again
cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
Restart cobblerd and then run 'cobbler sync' to apply changes.
##### Configure DHCP
cobbler setting edit --name=manage_dhcp --value=1
vim /etc/cobbler/dhcp.template
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.254;
option domain-name-servers 223.5.5.5;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.1 10.0.0.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
#### Sync the settings
cobbler sync
# At this point you can create a virtual machine and see the boot information
Give it plenty of memory: at least 2 GB
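
The subnet block above hands out 10.0.0.1 to 10.0.0.254 dynamically, a range that also contains the router (10.0.0.254) and the Cobbler server (10.0.0.110). The check below is an added example, not part of the original walkthrough or of Cobbler; the function names and the narrowed range 10.0.0.120 to 10.0.0.200 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): list static addresses that fall
# inside a dynamic range of a dhcpd template. Function names are hypothetical.

# Dotted-quad IPv4 address -> integer, so addresses can be compared numerically.
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# usage: dhcp_range_overlaps TEMPLATE STATIC_IP...
# "option routers" addresses found in the template are checked as well.
dhcp_range_overlaps() (
    template=$1; shift
    routers=$(awk '$1 == "option" && $2 == "routers" { sub(/;$/, "", $3); print $3 }' "$template")
    awk '$1 == "range" { sub(/;$/, "", $NF); print $(NF-1), $NF }' "$template" |
    while read -r lo hi; do
        for ip in $routers "$@"; do
            n=$(ip_to_int "$ip")
            if [ "$n" -ge "$(ip_to_int "$lo")" ] && [ "$n" -le "$(ip_to_int "$hi")" ]; then
                echo "$ip is inside dynamic range $lo-$hi"
            fi
        done
    done
)

# Constructed sample: the subnet block from this page with a chosen range.
demo_template() {  # usage: demo_template RANGE_START RANGE_END
    printf '%s\n' 'subnet 10.0.0.0 netmask 255.255.255.0 {' \
        '    option routers 10.0.0.254;' \
        "    range dynamic-bootp $1 $2;" \
        '    next-server $next_server;' '}'
}

t=$(mktemp)
# Range as written on this page: router and Cobbler server are both reported.
demo_template 10.0.0.1 10.0.0.254 > "$t"
dhcp_range_overlaps "$t" 10.0.0.110
# Narrowed range (assumed values): nothing is reported.
demo_template 10.0.0.120 10.0.0.200 > "$t"
dhcp_range_overlaps "$t" 10.0.0.110
rm -f "$t"
```

Run it against the real file with `dhcp_range_overlaps /etc/cobbler/dhcp.template 10.0.0.110` before `cobbler sync`.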
Configuring CentOS 7
#### Create the mount point and mount the image
mkdir /centos7
mount -o loop /dev/cdrom /centos7
[root@cobber yum.repos.d]# mkdir /centos7
[root@cobber yum.repos.d]# mount -o loop /dev/cdrom /centos7
[root@cobber yum.repos.d]# ll /centos7/
total 696
-rw-r--r-- 3 root root 14 Oct 30 2020 CentOS_BuildTag
drwxr-xr-x 3 root root 2048 Oct 27 2020 EFI
-rw-rw-r-- 21 root root 227 Aug 30 2017 EULA
-rw-rw-r-- 21 root root 18009 Dec 10 2015 GPL
drwxr-xr-x 3 root root 2048 Oct 27 2020 images
drwxr-xr-x 2 root root 2048 Nov 3 2020 isolinux
drwxr-xr-x 2 root root 2048 Oct 27 2020 LiveOS
drwxr-xr-x 2 root root 673792 Nov 4 2020 Packages
drwxr-xr-x 2 root root 4096 Nov 4 2020 repodata
-rw-rw-r-- 21 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-7
-rw-rw-r-- 21 root root 1690 Dec 10 2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r-- 1 root root 2883 Nov 4 2020 TRANS.TBL
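#### Import the image (takes some time)
# --path path to the image
# --name a name for the installation source
# --arch architecture of the installation source (32-bit, 64-bit or ia64); currently supported options: x86│x86_64│ia64
# The name parameter is the unique identifier of the installation source. In this example the identifier after a successful import is centos7.9; if the name is already in use, the system reports that the import failed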
[root@cobber yum.repos.d]# cobbler import --path=/centos7 --name=centos7.9 --arch=x86_64
task started: 2024-09-03_152032_import
task started (id=Media import, time=Tue Sep 3 15:20:32 2024)
Found a candidate signature: breed=suse, version=opensuse15.0
Found a candidate signature: breed=suse, version=opensuse15.1
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos7.9-x86_64:
creating new distro: centos7.9-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos7.9-x86_64 -> /var/www/cobbler/links/centos7.9-x86_64
creating new profile: centos7.9-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos7.9-x86_64 for centos7.9-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos7.9-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos7.9-x86_64
looking for /var/www/cobbler/ks_mirror/centos7.9-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7.9-x86_64/repodata
*** TASK COMPLETE ***
#### View the distro
[root@cobber yum.repos.d]# cobbler distro report --name=centos7.9-x86_64
Name : centos7.9-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos7.9-x86_64'}
Management Classes : []
OS Version : rhel7
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
#### View the profile information
[root@cobber yum.repos.d]# cobbler profile report --name=centos7.9-x86_64
Name : centos7.9-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos7.9-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
#### Edit the file
vim /var/lib/cobbler/kickstarts/centos7.ks
# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
# Install OS instead of upgrade
install
# Use text mode install
text
# System keyboard
keyboard us
# System language
lang en_US
# System timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $default_password_crypted
# System authorization information
auth --useshadow --enablemd5
# Firewall configuration
firewall --disabled
# SELinux configuration
selinux --disabled
# Use network installation
url --url=$tree
# Clear the Master Boot Record
zerombr
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
part /boot --fstype=xfs --size=500
part swap --fstype=swap --size=2048
part / --fstype=xfs --grow --size=200
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Do not configure the X Window System
skipx
# Run the Setup Agent on first boot
firstboot --disable
# Reboot after installation
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
$SNIPPET('func_install_if_enabled')
@core
@base
tree
nmap
vim
wget
lftp
lrzsz
telnet
%end
%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
sed -ri "/^#UseDNS/c\UseDNS no" /etc/ssh/sshd_config
sed -ri "/^GSSAPIAuthentication/c\GSSAPIAuthentication no" /etc/ssh/sshd_config
%end
#### Set the kickstart file used by the centos7 profile
[root@cobber yum.repos.d]# cobbler profile edit --name=centos7.9-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.ks
[root@cobber yum.repos.d]# cobbler profile report --name=centos7.9-x86_64 |grep Kickstart
Kickstart : /var/lib/cobbler/kickstarts/centos7.ks
Kickstart Metadata : {}
[root@cobber yum.repos.d]# cobbler sync
###### Installation can start now
Note: while a client is installing, you can follow the log /var/log/messages on the Cobbler server to watch each step of the installation.
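
The settings changed in the fix-up steps and the kickstart file above leave several weak values in place: an MD5-crypt (`$1$`) password hash, `allow_dynamic_settings: 1`, and `firewall --disabled`, `selinux --disabled` and `auth --enablemd5` in the kickstart. The script below is an added example (not Cobbler's or the author's code) that reports them; the function names are hypothetical and the sample files are constructed from the values on this page.

```shell
#!/bin/sh
# Added example: report weak values in a Cobbler settings file and a kickstart
# template. Function names are hypothetical; sample data below is constructed.

# Value of a top-level "key: value" line in the YAML settings file.
setting_value() {  # usage: setting_value KEY FILE
    sed -n "s/^$1:[[:space:]]*//p" "$2" | head -n 1 | tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# One finding per line for the settings file.
audit_settings() {  # usage: audit_settings FILE
    for key in server next_server; do
        case $(setting_value "$key" "$1") in
            ''|localhost|127.*) echo "$key: unset or loopback, unreachable for PXE clients" ;;
        esac
    done
    case $(setting_value default_password_crypted "$1") in
        '$5$'*|'$6$'*) ;;  # SHA-256 / SHA-512 crypt
        '$1$'*) echo 'default_password_crypted: MD5-crypt ($1$) hash' ;;
        *) echo 'default_password_crypted: empty or unrecognised hash format' ;;
    esac
    if [ "$(setting_value allow_dynamic_settings "$1")" = 1 ]; then
        echo 'allow_dynamic_settings: "cobbler setting edit" is still enabled'
    fi
}

# One finding per line for the command section of a kickstart file
# (everything before the first %pre, %packages or %post section).
audit_kickstart() {  # usage: audit_kickstart FILE
    awk '/^%(pre|packages|post)/ { exit }
         /^[ \t]*#/ { next }
         $1 == "firewall" && /--disabled/ { print "firewall --disabled: firewalld is off on installed hosts" }
         $1 == "selinux" && /--(disabled|permissive)/ { print "selinux " $2 ": SELinux is not enforcing on installed hosts" }
         $1 == "auth" && /--enablemd5/ { print "auth --enablemd5: passwords are hashed with MD5-crypt" }' "$1"
}

demo() {  # constructed files that mirror the values set on this page
    d=$(mktemp -d)
    printf '%s\n' 'server: 10.0.0.110' 'next_server: 10.0.0.110' \
        'default_password_crypted: "$1$abc123$yzE78URoQjI0XqBK4l9Im0"' \
        'allow_dynamic_settings: 1' > "$d/settings"
    printf '%s\n' 'firewall --disabled' 'selinux --disabled' \
        'auth --useshadow --enablemd5' '%packages' '@core' '%end' > "$d/centos7.ks"
    audit_settings "$d/settings"
    audit_kickstart "$d/centos7.ks"
    rm -rf "$d"
}
demo
```

On the Cobbler server the same functions take `/etc/cobbler/settings` and `/var/lib/cobbler/kickstarts/centos7.ks` as arguments.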