cobbler_自動(dòng)化部署
cobbler可以用來(lái)快速建立Linux網(wǎng)絡(luò)環(huán)境安裝胁镐。
- 網(wǎng)絡(luò)安裝套件cobbler服務(wù)偎血;DHCP、TFTP盯漂、PXE颇玷、等。
1就缆、cobbler是Linux中的安裝服務(wù)帖渠,可以通過(guò)網(wǎng)絡(luò)啟動(dòng)(pxe)的方式快速安裝虛擬機(jī)和物理服務(wù)器,同時(shí)還可以管理DHCP竭宰、DNS等空郊。
2份招、Cobbler是較早的kickstart升級(jí)版,優(yōu)點(diǎn)是比較容易配置渣淳。還自帶web界面比較易于管理脾还。
3、cobbler可以使用命令行方式入愧、web界面工具(cobbler-web),還提供了API接口嗤谚,可以方便二次開發(fā)使用棺蛛。
4、cobbler內(nèi)置了一個(gè)輕量級(jí)配置管理系統(tǒng)巩步,支持和其他配置管理系統(tǒng)集成旁赊。如:puppet
cobbler 流程
![]()
cobbler流程.jpg
cobbler流程.jpg
Cobbler 對(duì)象關(guān)系.png
核心組件
- Distros:發(fā)行版;表示一個(gè)操作系統(tǒng)椅野,包含內(nèi)核和initrd的信息以及內(nèi)核參數(shù)等其他數(shù)據(jù)终畅。
- Profile:配置文件;包含發(fā)行版竟闪、一個(gè)kickstart文件及可能的存儲(chǔ)庫(kù)离福,還包含更多特定的內(nèi)核參數(shù)等。
- images:鏡像炼蛤;可以替換一個(gè)包含及此類別的文件發(fā)行版本對(duì)象(無(wú)法分為內(nèi)核和initrd的對(duì)象)
- system:系統(tǒng)妖爷;要配給的機(jī)器,包括一個(gè)配置文件或一個(gè)鏡像理朋、IP和MAC地址絮识、電源管理(地址、憑據(jù)嗽上、類型)以及更為專業(yè)的數(shù)據(jù)信息次舌。
cobbler集成服務(wù)
- TFTP
- DHCP服務(wù)管理
- PXE服務(wù)支持
- DNS服務(wù)管理
- kickstart服務(wù)支持
- YUM倉(cāng)庫(kù)管理
- 電源管理
- httpd頁(yè)面
Server服務(wù)端
- 1、啟動(dòng)cobbler服務(wù)
- 2兽愤、進(jìn)行cobbler錯(cuò)誤檢查彼念,執(zhí)行cobbler check
- 3、進(jìn)行配置同步烹看,執(zhí)行cobbler sync
- 4国拇、復(fù)制相關(guān)啟動(dòng)文件到TFTP目錄中
- 5、啟動(dòng)DHCP服務(wù)惯殊,提供地址分配
- 6酱吝、DHCP服務(wù)分配IP地址
- 7、TFTP傳輸啟動(dòng)文件
- 8土思、Server接受安裝信息
- 9务热、Server端發(fā)送ISO鏡像及kickstart文件
Client端
1忆嗜、客戶端已PXE模式啟動(dòng)
2、客戶端獲取IP地址
3崎岂、通過(guò)TFTP服務(wù)器獲取啟動(dòng)文件
4捆毫、進(jìn)入cobbler安裝選擇界面
5、根據(jù)配置信息準(zhǔn)備安裝系統(tǒng)
6冲甘、加載kickstart文件
7绩卤、傳輸系統(tǒng)安裝的其他文件
8、進(jìn)行安裝系統(tǒng)
一江醇、安裝服務(wù)器前準(zhǔn)備
提示:系統(tǒng)在公司環(huán)境下濒憋,盡量做好VLAN的隔離,避免同一個(gè)局域網(wǎng)中多個(gè)DHCP服務(wù)沖突陶夜。
VMware 使用NAT或者僅主機(jī)模式凛驮,不使用橋接。
/ 關(guān)閉防火墻条辟、SELinux等
systemctl stop firewalld.service
systemctl disable firewalld.service
setenforce 0
getenforce
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
/ 查看自己的IP地址配置正常否
nl /etc/sysconfig/network-scripts/ifcfg-ens192 /etc/sysconfig/network-scripts/ifcfg-ens224
/ 更新阿里云的epel源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum clean all
yum makecache
二黔夭、安裝cobbler
/ 安裝cobbler httpd xinetd cobbler-web
yum install -y cobbler cobbler-web tftp-server dhcp httpd xinetd
/ 啟動(dòng)httpd及cobbler服務(wù),并加入開機(jī)啟動(dòng)
systemctl start httpd cobblerd.service
systemctl enable httpd.service cobblerd.service
三羽嫡、
/ 修改配置文件
cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : ksvalidator was not found, install pykickstart
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
/ server & next_server
sed -ri '/allow_dynamic_settings:/c\allow_dynamic_settings: 1' /etc/cobbler/settings //針對(duì)server需要先將動(dòng)態(tài)設(shè)為1
systemctl restart cobblerd.service
cobbler setting edit --name=server --value=192.168.10.2 //修改配置文件
cobbler setting edit --name=next_server --value=192.168.10.2
sed -ri '/disable/c\disable = no' /etc/xinetd.d/tftp
/ tftp_server
systemctl start xinetd.service
systemctl enable xinetd.service
systemctl status xinetd.service
cobbler get-loaders
systemctl start rsyncd.service
systemctl enable rsyncd.service
yum install -y pykickstart
/ 設(shè)置密碼本姥,初始化登錄密碼
openssl passwd -1 -salt `openssl rand -hex 4` 'xxxxxx'
$1$43b37a04$w/ff8CWiDsvU2np4mwin.
nl /etc/cobbler/settings | grep "default_pa"
default_password_crypted: $1$43b37a04$w/ff8CWiDsvU2np4mwin.
yum -y install fence-agents
cobbler check
cobbler setting edit --name=manage_dhcp --value=1
vim /etc/cobbler/dhcpd.template
subnet 192.168.10.0 netmask 255.255.255.0 {
17 option routers 192.168.10.1;
18 option domain-name-servers 192.168.10.1;
19 option subnet-mask 255.255.255.0;
20 range dynamic-bootp 192.168.10.100 192.168.10.254;
21 default-lease-time 21600;
22 max-lease-time 43200;
23 next-server $next_server;
24 class "pxeclients" {
25 match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
26 if option pxe-system-type = 00:02 {
27 filename "ia64/elilo.efi";
28 } else if option pxe-system-type = 00:06 {
29 filename "grub/grub-x86.efi";
30 } else if option pxe-system-type = 00:07 {
31 filename "grub/grub-x86_64.efi";
32 } else if option pxe-system-type = 00:09 {
33 filename "grub/grub-x86_64.efi";
34 } else {
35 filename "pxelinux.0";
36 }
37 }
[root@localhost ~]# cobbler rsync
No such command: rsync
[root@localhost ~]#
[root@localhost ~]# cobbler sync
task started: 2020-03-05_010425_sync
task started (id=Sync, time=Thu Mar 5 01:04:25 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
/ 導(dǎo)入鏡像文件
cobbler import --path=/mnt --name=centos-7-x86_64 --arch=x86_64
四、客戶端狀態(tài)顯示
image.png
image.png
image.png
image.png
