cobbler

Cobbler是一個自動化和簡化系統(tǒng)安裝的工具,通過使用網(wǎng)絡引導來實現(xiàn)系統(tǒng)自動化安裝。Cobbler是較早前的kickstart的升級版,優(yōu)點是比較容易配置,還自帶web界面比較易于管理侵俗。
Cobbler構(gòu)成組件包括：

Distros(發(fā)行版):表示一個操作系統(tǒng),它承載了內(nèi)核和initrd的信息,以及內(nèi)核參數(shù)等其他數(shù)據(jù)
Profile(配置文件):包含一個發(fā)行版崎逃、一個kickstart文件以及可能的存儲庫,還包含更多特定的內(nèi)核參數(shù)等其他數(shù)據(jù)
Systems(系統(tǒng)):表示要配給的額機器台丛。它包含一個配置文件或一個景象,還包含IP和MAC地址善榛、電源管理(地址缚柏、憑據(jù)苹熏、類型)、(網(wǎng)卡綁定币喧、設置valn等)
Repository(鏡像):保存一個yum或rsync存儲庫的鏡像信息
Image(存儲庫):可替換一個包含不屬于此類比的額文件的發(fā)行版對象(例如,無法分為內(nèi)核和initrd的對象)轨域。

本次實例我使用一臺虛擬機來模擬pxe+cobbler，相關(guān)服務都安裝在此服務器上杀餐，系統(tǒng)為centos 7

部署架構(gòu)拓撲圖

配置pxe支持服務

首先需要安裝pxe支持所需要的相關(guān)服務：

[root@cobbler ~]# yum install -y tftp tftp-server dhcp httpd    #pxe可通過http或ftp等方式提供yum repository干发，本次我使用http提供倉庫
[root@cobbler ~]# yum install -y syslinux  #提供pxe安裝所需要的pxelinux.0等文件

接著配置dhcp服務，編輯創(chuàng)建dhcp配置文件：

[root@cobbler ~]# vim /etc/dhcp/dhcpd.conf
option domain-name "magedu.com";
option domain-name-servers 114.114.114.114,8.8.8.8;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.10.10.0 netmask 255.255.255.0 {
        range 10.10.10.100 10.10.10.200;
        option routers 10.10.10.254;
        filename "pxelinux.0";
        next-server 10.10.10.254;
}

配置完成后啟動dhcp服務：

[root@cobbler ~]# systemctl start dhcpd

服務啟動后可以查看下面的文件來查看dhcp的租借情況：

[root@cobbler ~]# cat /var/lib/dhcpd/dhcpd.leases

接著啟動httpd和tftp服務：

[root@cobbler ~]# systemctl start httpd
[root@cobbler ~]# systemctl start tftp.socket

配置cobbler

首先安裝cobbler：

[root@cobbler ~]# yum install -y epel-release
[root@cobbler ~]# yum install -y cobbler

接著啟動cobbler服務：

[root@cobbler ~]# systemctl start cobblerd

然后執(zhí)行cobbler check：

[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
    https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : ksvalidator was not found, install pykickstart
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

通常來說cobbler服務在初次檢查時總會有各種各樣的報錯史翘，我們只需要按照對應的報錯尋找解決辦法即可铐然。

首先第1，2恶座、9點都是cobbler 的配置文件搀暑，編輯修改cobbler 的配置文件即可：

[root@cobbler ~]# openssl passwd -1 -salt '123456' 'magedu'    #創(chuàng)建新建系統(tǒng)默認登錄密碼的密鑰串
$1$123456$QMBx42LRqK1ZWPfItmpYG0
[root@cobbler ~]# vim /etc/cobbler/settings    #在cobbler配置文件中修改以下配置
server: 10.10.10.254
next_server: 10.10.10.254
default_password_crypted: "$1$123456$QMBx42LRqK1ZWPfItmpYG0"    #此處是指定自動安裝的系統(tǒng)的登錄密鑰

接著第三點為selinux的狀態(tài)，我們這里直接把selinux關(guān)閉并關(guān)掉firewalld跨琳，以免影響結(jié)果：

[root@cobbler ~]# systemctl stop firewalld
[root@cobbler ~]# systemctl disable firewalld
[root@cobbler ~]# setenforce 0

第四點自点，更改/etc/xinetd.d/tftp的狀態(tài)為啟動：

[root@cobbler ~]# vim /etc/xinetd.d/tftp
        disable                 = no

第五點，如果當前節(jié)點可以訪問互聯(lián)網(wǎng)脉让，執(zhí)行“cobblerget-loader”命令下載pxelinux.0,menu.c32,elilo.efi, 或yaboot文件桂敛，否則，需要安裝syslinux程序包溅潜，而后復制/usr/share/syslinux/中的pxelinux.0,menu.c32等文件至/var/lib/cobbler/loaders目錄中术唬，此處我們先直接復制/usr/share/syslinux目錄中的文件到指定目錄，看看是否能解決：

[root@cobbler ~]# cp -ar /usr/share/syslinux/* /var/lib/cobbler/loaders/

第六點滚澜，啟動rsyncd服務：

[root@cobbler ~]# systemctl start rsyncd
[root@cobbler ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd

第七粗仓、八、十點，分別安裝指定的程序包：

[root@cobbler ~]# yum install -y debmirror pykickstart fence-agents

執(zhí)行完后重啟cobblerd服務借浊，再次執(zhí)行cobbler check：

[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
    https://github.com/cobbler/cobbler/wiki/Selinux
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : comment out 'dists' on /etc/debmirror.conf for proper debian support
4 : comment out 'arches' on /etc/debmirror.conf for proper debian support

第一點報錯已經(jīng)停用了塘淑，所以無關(guān)要緊；第二點依舊有報錯蚂斤，可根據(jù)提示執(zhí)行cobbler get-loaders即可解決存捺，但是前提是服務器能上網(wǎng)。
最后兩點在的指定的文件中注釋掉相應的配置段即可：

[root@cobbler ~]# vim /etc/debmirror.conf
#@arches="i386";
#@dists="sid";

最后重啟cobblerd服務曙蒸，并執(zhí)行cobbler sync：

[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler sync

接著掛載系統(tǒng)光驅(qū)（這里我們掛載的是centos7的系統(tǒng)光盤）捌治，然后使用cobbler命令導入系統(tǒng)鏡像：

[root@cobbler ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 寫保護，將以只讀方式掛載
[root@cobbler ~]# cobbler import --name=centos-7.2-x86_64 --path=/mnt     #此過程耗時較長纽窟，需耐心等待
[root@cobbler ~]# cobbler distro list    #導入完成后肖油，即可查看到相應的distro名字
   centos-7.2-x86_64

鏡像會被自動導入到此路徑下/var/www/cobbler/ks_mirror，方便后續(xù)通過http的方式獲取安裝源师倔。
另外默認情況下，cobbler會生成一個最小化安裝的kickstart文件周蹭，如果想要自定義其對應的kickstart profile趋艘，可通過下面操作進行：

[root@cobbler ~]# cp centos7.cfg /var/lib/cobbler/kickstarts/    #復制自定義的kickstart文件到指定的目錄下
[root@cobbler ~]# cobbler profile add --name=centos-7.2-x86_64-custom --distro=centos-7.2-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg    #創(chuàng)建自定義的kickstart profile
[root@cobbler ~]# cobbler profile list
   centos-7.2-x86_64
   centos-7.2-x86_64-custom

最后檢查httpd和tftp服務的相關(guān)目錄下是否已經(jīng)創(chuàng)建了相應的文件：

[root@cobbler ~]# ll /var/www/cobbler/
總用量 0
drwxr-xr-x. 4 root root 54 1月   5 01:56 images
drwxr-xr-x. 5 root root 67 1月   5 01:54 ks_mirror
drwxr-xr-x. 2 root root 54 1月   5 01:56 links
drwxr-xr-x. 2 root root  6 9月  18 23:16 localmirror
drwxr-xr-x. 2 root root 37 1月   5 00:28 misc
drwxr-xr-x. 2 root root  6 9月  18 23:16 pub
drwxr-xr-x. 2 root root  6 9月  18 23:16 rendered
drwxr-xr-x. 2 root root  6 9月  18 23:16 repo_mirror
drwxr-xr-x. 2 root root 62 1月   5 00:28 svc
[root@cobbler ~]# ll /var/lib/tftpboot/
總用量 308
drwxr-xr-x. 3 root root     17 1月   5 01:00 boot
drwxr-xr-x. 2 root root      6 9月  18 23:16 etc
drwxr-xr-x. 2 root root     77 1月   5 01:00 grub
drwxr-xr-x. 4 root root     54 1月   5 01:56 images
drwxr-xr-x. 2 root root      6 9月  18 23:16 images2
-rw-r--r--. 1 root root  26140 1月   5 01:00 memdisk
-rw-r--r--. 1 root root  55012 1月   5 01:00 menu.c32
drwxr-xr-x. 2 root root      6 9月  18 23:16 ppc
-rw-r--r--. 1 root root  26764 1月   5 01:00 pxelinux.0
drwxr-xr-x. 2 root root     20 1月   5 02:18 pxelinux.cfg
drwxr-xr-x. 2 root root     25 1月   5 01:00 s390x
-rw-r--r--. 1 root root 198236 1月   5 01:00 yaboot

如果確認文件都創(chuàng)建無誤，即可進行cobbler的自動化安裝測試凶朗。

測試安裝

我們新建一個虛擬機瓷胧，連接接到到10.10.10.0/24網(wǎng)段，啟動時應該能看到如下界面：

image

image

此時選擇censtos-7.2-x86_64或者censtos-7.2-x86_64-custom都應該能自動完成指定的系統(tǒng)安裝棚愤。cobbler會在/var/lib/tftpboot/pxelinux.cfg/default文件中自動添加相應的系統(tǒng)menu搓萧，另外如果需要修改默認啟動的menu，需要在此文件中修改宛畦，但需注意的是此文件每次cobbler sync都會恢復默認local啟動瘸洛。

另外，cobbler據(jù)說能夠同時提供不同版本的系統(tǒng)的自動化安裝次和，此前我們已經(jīng)嘗試添加了centos 7 的光盤鏡像反肋，接著我們來嘗試下提供一個centos 6的光盤鏡像，看看能否完成自動化安裝踏施。

[root@cobbler ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 寫保護石蔗，將以只讀方式掛載
[root@cobbler ~]# ll /mnt/  #重新掛載centos 6的系統(tǒng)光盤
總用量 564
-r--r--r--. 2 root root     14 3月  29 2017 CentOS_BuildTag
dr-xr-xr-x. 3 root root   2048 3月  29 2017 EFI
-r--r--r--. 2 root root    212 11月 27 2013 EULA
-r--r--r--. 2 root root  18009 11月 27 2013 GPL
dr-xr-xr-x. 3 root root   2048 3月  29 2017 images
dr-xr-xr-x. 2 root root   2048 3月  29 2017 isolinux
dr-xr-xr-x. 2 root root 534528 3月  29 2017 Packages
-r--r--r--. 2 root root   1359 3月  28 2017 RELEASE-NOTES-en-US.html
dr-xr-xr-x. 2 root root   4096 3月  29 2017 repodata
-r--r--r--. 2 root root   1706 11月 27 2013 RPM-GPG-KEY-CentOS-6
-r--r--r--. 2 root root   1730 11月 27 2013 RPM-GPG-KEY-CentOS-Debug-6
-r--r--r--. 2 root root   1730 11月 27 2013 RPM-GPG-KEY-CentOS-Security-6
-r--r--r--. 2 root root   1734 11月 27 2013 RPM-GPG-KEY-CentOS-Testing-6
-r--r--r--. 1 root root   3380 3月  29 2017 TRANS.TBL

[root@cobbler ~]# cobbler import --name=centos-6.9-x86_64 --path=/mnt    #將鏡像導入到cobbler中
[root@cobbler ~]# cobbler profile list
   centos-6.9-x86_64
   centos-7.2-x86_64
   centos-7.2-x86_64-custom

接著在客戶端上測試自動化安裝：

image

image

cobbler 的web管理

cobbler支持web管理，使用前需要安裝相關(guān)程序包：

[root@cobbler ~]# yum install -y cobbler-web

接著需要更改cobbler的認證模塊為auth.pam:

[root@cobbler ~]# vim /etc/cobbler/modules.conf
[authentication]
module = authn_pam

然后創(chuàng)建cobbler賬號：

[root@cobbler ~]# useradd cbadmin
[root@cobbler ~]# echo "magedu" | passwd --stdin cbadmin
更改用戶 cbadmin 的密碼 畅形。
passwd：所有的身份驗證令牌已經(jīng)成功更新养距。

在/etc/cobbler/users.conf文件中指定cbadmin賬號為cobbler-web的管理賬號：

[root@cobbler ~]# vim /etc/cobbler/users.conf
[admins]
admin = "cbadmin"

配置完成后，重啟cobblerd服務和httpd服務：

[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# systemctl restart httpd

cobbler的web登錄界面

cobbler的管理界面

參考博客：http://www.reibang.com/p/4976d693470d