利用cobbler实现自动化安装

Posted 2021-05-11 凭栏听枫

1 Cobbler 的相关服务

• 使用Cobbler安装系统需要一台专门提供各种服务的服务器，提供的服务包括(HTTP/FTP/NFS,TFTP,DHCP),也可以将这几个服务分别部署到不同服务器。事实上在实际应用中，总是将不同的服务分别部署到专门的服务器。
• Cobbler是在HTTP、TFTP、DHCP等各种服务的基础上进行相关操作的，实际安装的大体过程类似于基于PXE的网络安装:客户端(裸机)开机使用网卡引导启动，其请求DHCP分配一个地址后从TFTP服务器获取启动文件,加载到客户端本地内存中运行，并显示出可安装的系统列表；在人为的选定安装的操作系统类型后,客服端会到HTTP服务器下载相应的系统安装文件并执行自动安装

2 Cobbler的工作原理

• client裸机配置了从网络启动后，开机后会广播包请求DHCP服务器（cobbler server）发送其分配好的一个IP
• DHCP服务器（cobbler server）收到请求后发送responese，包括其ip地址
• client裸机拿到ip后再向cobbler server发送请求OS引导文件的请求
• cobbler server告诉裸机OS引导文件的名字和TFTP server的ip和port
• client裸机通过上面告知的TFTP server地址通信，下载引导文件
• client裸机执行执行该引导文件，确定加载信息，选择要安装的os，期间会再向cobbler server请求
• kickstart文件和os image
• cobbler server发送请求的kickstart和os iamge
• client裸机加载kickstart文件
• client裸机接收os image，安装该os image

3 安装Cobbler及其相关的服务和组件

Cobbler所依赖的服务包括HTTPD,TFTP,DHCP等，如果有web界面要求，还需要安装相关的组件
CentOS 8 目前还没有提供Cobbler相关包

1 环境准备

两台主机
一台主机：CentOS 7 充当 Cobbler，http，dhcp，tftp 服务器，并关闭防火墙和SELinux
一台主机：充当测试机，用于实现自动化安装Linux系统
网络要求：关闭Vmware软件中的NAT模式中的DHCP服务，两个主机网卡基于NAT模式

2 安装相关包并启动服务

[root@centos7 ~]#yum -y install dhcp cobbler cobbler-web pykickstart
[root@centos7 ~]#systemctl enable --now cobblerd httpd tftp dhcpd

这里启动服务会报错，不用管，直接进行下一步

3 修改cobbler相关的配置

[root@centos7 ~]#cobbler check
The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase- here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes.
1.更改/etc/xinetd.d/tftp配置文件
vim /etc/xinetd.d/tftp
disable  =  yes  --> disable  = no
systemctl restart xinetd
2.联网下载boot引导程序文件
cobbler get-loaders
3.没有网络情况下拷贝启动文件到TFTP服务文件夹
cp -a /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot
4.更改/etc/cobbler/settings配置文件的server项为提供cobblerd服务的主机地址,也就是本机地址
sed -nri 's#server:127.0.0.1#server:192.168.100.100#' /etc/cobbler/settings
更改后的整行内容:server:192.168.100.100
5.更改/etc/cobbler/settings配置文件的next_server项，指明tftp服务器地址，使得客户端能够找
到TFTP服务器 sed -i 's/next_server: 127.0.0.1/next_server: 192.168.100.100/'
/etc/cobbler/settings 更改后的整行内容:next_server:192.168.100.100
6.配置相应的选项来使用cobbler管理dhcp服务和tftp服务
manage_dhcp：1
manage_tftpd：1
7.pxe_just_once选项，该选项置1表示在pxe安装块结束时在cobbler系统中做相应的记录，这样会避免如
果客户机的Bios选项中PXE启动处于第一位导致的循环重启；如果第一个启动硬件不是PXE启动那就置0。
pxe_just_once：1 

#生成新密码，默认安装好的系统root密码为cobbler
[root@centos7 ~]#openssl passwd -1 'magedu'
$1$1spuisnh$j34LNmyTQWs3l6xKxCZY60

#根据以上提示，只需要做1，2，8这三项即可，修改下面四行
[root@centos7 ~]#vim /etc/cobbler/settings
default_password_crypted: "$1$1spuisnh$j34LNmyTQWs3l6xKxCZY60"
next_server：< tftp服务器的 IP 地址>
server：<cobbler服务器的 IP 地址>
manage_dhcp：1  #设置为1，表示通过cobbler生成dhcpd.conf配置文件
pxe_just_once: 1 #设置为1,防止重复安装系统

[root@centos7 ~]#systemctl restart cobblerd

4 实现DHCP服务

#修改dhcp的模版文件下面的行，用来生成dhcp的配置文件，修改网段，网关，dns，IP范围为自己所需要的
[root@centos7 ~]#vim /etc/cobbler/dhcp.template
subnet 192.168.100.0 netmask 255.255.255.0 {
  option routers       192.168.100.1;
  option domain-name-servers 180.76.76.76,223.6.6.6;
  option subnet-mask     255.255.255.0;
  range dynamic-bootp    192.168.100.1 192.168.100.200;
#自动生成dhcp配置文件并启动
[root@centos7 ~]#cobbler sync

5 下载相关的启动文件

[root@centos7 ~]#cobbler get-loaders			#联网下载boot引导程序文件
[root@centos7 ~]#cobbler sync					#进行同步，免去了手动进行复制
#同步前
[root@centos7 ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
├── etc
├── grub
├── images
├── images2
├── ppc
├── pxelinux.cfg
└── s390x
8 directories, 0 files
#同步后
[root@centos7 ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│  └── grub
│    └── menu.lst
├── etc
├── grub
│  ├── efidefault
│  ├── grub-x86_64.efi
│  ├── grub-x86.efi
│  └── images -> ../images
├── images
├── images2
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│  └── default
├── s390x
│  └── profile_list
└── yaboot
10 directories, 10 files

6 修改菜单的标题信息（可选）

[root@centos7 ~]#vim /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler | http://www.zhanglongjie.cn/
[root@centos7 ~]#cobbler sync
[root@centos7 ~]#cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://www.zhanglongjie.cn/  #默认为：http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
   MENU LABEL (local)
   MENU DEFAULT
   LOCALBOOT -1
MENU end
[root@centos7 ~]#cobbler sync

7 导入centos系统的安装文件，生成相应的YUM源

#挂载光盘
[root@centos7 ~]# mount /dev/sr0 /mnt/centos7
[root@centos7 ~]# mount /dev/sr1 /mnt/centos8
[root@centos7 ~]# mount /dev/sr2 /mnt/centos6
#导入yum源时，会自动生成菜单并自动关联最小化安装系统的文件kickstart文件，默认密码为cobbler
[root@centos7 ~]# cobbler import --name=centos-7.9-x84_64 --path=/mnt/centos7 --arch=x86_64

#默认直接导入CentOS8.3会出现下面错误
[root@centos7 ~]#cobbler import --name=centos-8.3-x86_64 --path=/mnt --
arch=x86_64
task started: 2021-01-18_162855_import
task started (id=Media import, time=Mon Jan 18 16:28:55 2021)
Found a candidate signature: breed=redhat, version=rhel8
No signature matched in /var/www/cobbler/ks_mirror/centos-8.3-x86_64
!!! TASK FAILED !!!
#解决方法
[root@centos7 ~]#vim /var/lib/cobbler/distro_signatures.json
#修改第70行添加centos-linux
68   "rhel8": {
69   "signatures":["BaseOS"],
70   "version_file":"(redhat|sl|slf|centos-linux|centos|oraclelinux|vzlinux)-
release-(?!notes)([\\\\w]*-)*8(Server)*[\\\\.-]+(.*)\\\\.rpm",
[root@centos7 ~]#systemctl restart cobblerd
[root@centos7 ~]#cobbler sync
[root@centos7 ~]# cobbler import --name=centos-8.3-x84_64 --path=/mnt/centos8 --arch=x86_64

[root@centos7 ~]# cobbler import --name=centos-6.10-x84_64 --path=/mnt/centos6 --arch=x86_64

8 准备kickstart文件，并关联至指定的YUM源

#编辑kickstart文件，将url行修改为 url --url=$tree
[root@centos7 ~]#vim /var/lib/cobbler/kickstarts/centos8.cfg
url --url=$tree  #注意此行必须指定
[root@centos7 ~]#vim /var/lib/cobbler/kickstarts/centos7.cfg
url --url=$tree  #注意此行必须指定
[root@centos7 ~]#vim /var/lib/cobbler/kickstarts/centos6.cfg
url --url=$tree  #注意此行必须指定

#将kickstart文件，关联指定的YUM源和生成菜单列表
[root@centos7 ~]#cobbler profile add --name=Centos-8.3_mini --distro=centos-8.3-x84_64-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos8.cfg

[root@centos7 ~]#cobbler profile add --name=Centos-7.9_mini --distro=centos-7.9-x84_64-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg

[root@centos7 ~]#cobbler profile add --name=Centos-6.10_mini --distro=centos-6.10-x84_64-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.cfg

#删除默认生成的菜单
[root@centos7 ~]# cobbler profile remove --name=centos-6.10-x84_64-x86_64
[root@centos7 ~]# cobbler profile remove --name=centos-7.9-x84_64-x86_64
[root@centos7 ~]# cobbler profile remove --name=centos-8.3-x84_64-x86_64

#设置默认的安装菜单，这样未装载系统的设备会自动从PXE引导启动你需要安装的系统，不需要再手动接显示器选了

9 测试客户端基于cobbler实现自动安装

10 实现cobbler的web管理

[root@centos7 ~]#yum -y install cobbler-web
[root@centos7 ~]#systemctl restart httpd

通过浏览器访问下面地址： https://cobblerserver/cobbler_web 将cobblerserver替换成服务器的IP地址

用户名：cobbler，默认密码：cobbler