Centos6.7部署cobbler完成无人值守化安装部署 Cobbler是一个免费开源系统安装部署软件,用于自动化网络安装操作系统。在生产环境中,经常批量部署几十甚至上百台服务器时,实现自动化安装操作系统尤为重要,按照传统的光盘引导安装工作量是不可预估的;此前我们通过pxe+kickstart简单实现了自动化安装,但只能实现单一版本安装,当需要部署不同版本或不同引导模式(BIOS、EFI)时,此种方式就不够灵活。而Cobbler正是为了解决此问题而设计的。
Cobbler组件架构如下:
![wKiom1i8Qi2DtYsiAAAtnv7UDe0228.png-wh_50]( "untitled.png")
Cobbler服务集成以下:
*1* PXE服务
*2* DHCP服务管理
*3* TFTP服务管理
*4* Rsync服务(系统镜像可导入发行版镜像,也可以从互联网中通过rsync工具导入)
*5* HTTP服务管理
*6* DNS服务管理
*7* Kickstart服务
*8* IPMI电源管理
二、工作流
cobbler为server端,裸机为client端
1:client裸机配置了从网络启动后,开机后会广播包请求DHCP服务器(cobbler server)发送其分配好的一个IP
2:DHCP服务器(cobbler server)收到请求后发送responese,包括其ip地址
3:client裸机拿到ip后再向cobbler server发送请求OS引导文件的请求
4:cobbler server告诉裸机OS引导文件的名字和TFTP server的ip和port
5:client裸机通过上面告知的TFTP server地址和port通信,下载引导文件
6:client裸机执行执行该引导文件,确定加载信息,选择要安装的os,期间会再向cobbler server请求kickstart文件和os p_w_picpath
7:cobbler server发送请求的kickstart和os iamge
8:client裸机加载kickstart文件
9:client裸机接收os p_w_picpath,安装该os p_w_picpath
详细的配置示例如下:
(1)安装EPEL源
# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
# rpm -Uvh remi-release-6.rpm epel-release-6-8.noarch.rpm
(2)安装cobbler及相关依赖包
# yum -y install httpd dhcp tftp-server xinetd rsync cman pykickstart debmirror
# yum install -y ed patch perl perl-Compress-Zlib perl-Digest-SHA1 perl-LockFile-Simple perl-libwww-perl
# yum -y groupinstall "Development Tools"
# yum -y install syslinux python-simplejson python-cheetah PyYAML Django openssl-devel genisop_w_picpath createrepo mod_wsgi mod_ssl
# yum -y install libyaml-0.1.3-4.el6_6.x86_64.rpm PyYAML-3.09-5.el6.x86_64.rpm
# yum -y install cobbler cobbler-web
(3)配置启动httpd、cobbler等服务
# chkconfig --level 35 httpd on
# chkconfig --level 35 cobblerd on
# chkconfig --level 35 tftp on
# chkconfig --level 35 rsync on
# chkconfig --level 35 xinetd on
# chkconfig dhcpd on
# service xinetd start
# service httpd start
# service cobblerd start
(4)Cobbler目录使用说明:
配置文件目录:/etc/cobbler
* * /etc/cobbler/settings : cobbler 主配置文件
* * /etc/cobbler/iso/ : iso模板配置文件
* * /etc/cobbler/pxe : pxe模板文件
* * /etc/cobbler/power : 电源配置文件
* * /etc/cobbler/users.conf : Web服务配置文件
* * /etc/cobbler/users.digest : 用于web访问的用户名密码配置文件
* * /etc/cobbler/dhcp.template : DHCP服务配置模板文件
* * /etc/cobbler/dnsmasq.template : DNS服务配置模板文件
* * /etc/cobbler/tftpd.template : tftp服务配置模板文件
* * /etc/cobbler/modules.conf : Cobbler模块配置文件
数据目录:/var/lib/cobbler
* * /var/lib/cobbler/config : 用于存放distros systems profiles等信息配置文件
* * /var/lib/cobbler/triggers : 用于存放用户自定义的cobbler命令
* * /var/lib/cobbler/kickstarts : 默认存放kickstart文件
* * /var/lib/cobbler/loaders : 存放各种引导程序
镜像数据目录: /var/www/cobbler
* * /var/www/cobbler/ks_mirror : 导入的发行版系统的所有数据
* * /var/www/cobbler/p_w_picpaths : 导入发行版的kernel和initrd镜像用于远程网络启动
* * /var/www/cobbler/repo_mirror/ :yum仓库存储目录
日志目录:/var/log/cobbler
* * /var/log/cobbler/install.log : 客户端系统安装日志
* * /var/log/cobbler/cobbler.log : cobbler日志
(5)检查配置Cobbler
#cobbler check
运行cobbler check命令,会有如下提示出现
The following are potential configuration items that you may want to fix:
1 : The
'server'
field
in
/etc/cobbler/settings
must be
set
to something other than localhost, or kickstarting features will not work. This should be a resolvable
hostname
or IP
for
the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the
'next_server'
field
in
/etc/cobbler/settings
must be
set
to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : some network boot-loaders are missing from
/var/lib/cobbler/loaders
, you may run
'cobbler get-loaders'
to download them, or,
if
you only want to handle x86
/x86_64
netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files
in
this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The
'cobbler get-loaders'
command
is the easiest way to resolve these requirements.
4 : change
'disable'
to
'no'
in
/etc/xinetd
.d
/rsync
5 : comment out
'dists'
on
/etc/debmirror
.conf
for
proper debian support
6 : comment out
'arches'
on
/etc/debmirror
.conf
for
proper debian support
7 : The default password used by the sample templates
for
newly installed machines (default_password_crypted
in
/etc/cobbler/settings
) is still
set
to
'cobbler'
and should be changed, try:
"openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'"
to generate new one
Restart cobblerd and
then
run
'cobbler sync'
to apply changes.
下面根据cobbler配置信息的检查结果,逐个修复相关问题项。
从Cobbler 2.4开始,有一个重要的功能,就是让你不需要手工编辑配置setting配置文件,直接使用命令修改相关配置,默认这个功能是不启用,启用需要进行一下配置:
**建议采用修改/etc/cobbler/settings配置文件的方式修改配置选项。
**在采用命令方式动态更新配置时,Cobbler会将配置文件中带"#"注释的行全部删除
# cd /etc/cobbler/
# cp -af settings{,.default}
# sed -i '/^allow_dynamic_settings:/ s/0/1/' settings
# service cobblerd restart
(1).错误1,修改/etc/cobbler/settings 里面的 server 为Cobbler Server的IP地址 ;
# vim /etc/cobbler/settings
server;192.168.18.202
or
# cobbler setting edit --name=server --value=192.168.18.202
(2).错误2,修改/etc/cobbler/settings 里面的 next_serverw 为next_server选项是DHCP/PXE网络引导文件被下载的TFTP服务器的IP,它将和server设置为同一个IP;
# vim /etc/cobbler/settings
next_server=192.168.18.202
or
# cobbler setting edit --name=next_server --value=192.168.18.202
(3).错误3,下载启动引导文件
# cobbler get-loaders
(4).错误4,修改/etc/xinetd.d/tftp 把'disable' 修改为'no';修改/etc/xinetd.d/rsync 把'disable' 修改为'no';
# sed -i 's/disable.*$/disable = no/g' /etc/xinetd.d/tftp
# sed -i 's/disable.*$/disable = no/g' /etc/xinetd.d/rsync
# service xinetd start
(5).错误5和6,debmirror有错误
# yum -y install debmirror
# sed -i '/^@dists="sid";/ s/^/#/' /etc/debmirror.conf # sed -i '/^@arches="i386";/ s/^/#/' /etc/debmirror.conf
# vim /etc/debmirror.conf
#注释掉@dists="sid"与@arches="i386即可
#@dists="sid";
#@arches="i386";
# yum -y install pykickstart
(6).错误7,设置客户端默认root密码;生成你想要的密码的加密字符串,然后复制运行命令之后的加密代码;
# openssl passwd -1 -salt 'cobbler' '123456'
$1$hahaha$hSxFjZSHRoiEn4DYrrGUI.
然后替换/etc/cobbler/settings 中选项双引号中的加密代码; # vim /etc/cobbler/settings
default_password_crypted: "$1$hahaha$hSxFjZSHRoiEn4DYrrGUI."
or # cobbler setting edit --name=default_password_crypted --value=$1$hahaha$hSxFjZSHRoiEn4DYrrGUI |
|
(7),错误8,如果需要电源管理特性的话,则需要安装cman及fence-agents包
# yum -y install cman fence-agents
如果cobbler服务器启用防火墙功能,需要开启以下端口:
# iptables -A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 80,443,25151 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m udp -p udp -m multiport --dports 53,67:69,25151 -j ACCEPT
新启动Cobbler并运行检查命令
# service cobblerd restart
Stopping cobbler daemon: [确定]
Starting cobbler daemon: [确定]
# cobbler check
No configuration problems found. All systems go.
配置cobbler依赖服务由cobbler进行管理:
默认情况下,若开机未将相关的服务设置成开启启动,即使cobblerd服务启动时,相关服务也是未启动状态。因此,需要确认dhcp、tftp、rsync等服务是否设置为开启自启动。tftp、rsync服务由xinetd管理,需要保证xinetd服务为开机自启动状态.
# sed -i '/disable/c disable = no' /etc/xinetd.d/tftp
# sed -i -e 's/= yes/= no/g' /etc/xinetd.d/rsync
# service xinetd restart
Cobbler管理rsync
默认为0,不对rsync进行管理,可以修改为1 进行管理
# sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
防止误重装系统,选项:pxe_just_once
# cobbler setting edit --name=pxe_just_once --value=1
1.让Cobbler来管理DHCP服务器
# vim /etc/cobbler/settings
manage_dhcp: 1
2.修改DHCP模板
# vim /etc/cobbler/dhcp.template
subnet 192.168.18.0 netmask 255.255.255.0 { 需要修改192.168.18.0为自己网段
option routers 192.168.18.1; 修改自己的路由
option domain-name-servers 8.8.8.8;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.18.100 192.168.18.200;
filename "/pxelinux.0";
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
}
#vi /etc/sysconfig/dhcpd
修改内容如下:
#Command line options here DHCPDARGS=eth0
DHCPDARGS=eth0
# service cobblerd restart
Stopping cobbler daemon: [确定]
Starting cobbler daemon: [确定]
完成后一定要运行cobbler sync 命令让配置生效,使dhcp、http被cobbler接管
设置http服务
# vi /etc/httpd/conf/httpd.conf
ServerName 127.0.0.1:80
# yum -y install mod_wsgi
# sed -i 's*#LoadModule*LoadModule*g' /etc/httpd/conf.d/wsgi.conf
导入系统镜像到Cobbler
# mkdir -p /mnt/CentOS/6.5# mount -o loop /root/CentOS-6.5-x86_64-bin-DVD1.iso /mnt/CentOS/6.5/
# cobbler import --name=CentOS-6.5-x86_64 --path=/mnt/CentOS/6.5
正常导完之后会给出如下提示:
……(省略)
associating kickstarts
*** TASK COMPLETE ***
cobbler list来查看导入的结果
准备kisckstart文件
kickstart自动安装文件可以用工具生成(需要用到图形界面操作)
# yum install system-config-kickstart #安装
# yum groupinstall "X Window System" #安装X Window图形界面
# system-config-kickstart #运行kickstart配置
# service cobbler sync #与cobbler sync作用相同
# service cobbler restart #重启cobbler
系统镜像文件和kickstart自动安装文件关联起来
# cobbler profile add --name=CentOS-6.5-basic --distro=CentOS-6.5-x86_64 --kickstart=/var/lib/cobbler/kickstarts/cetos6.x86_64.cfg
# cobbler profile list
为Cobbler添加RPM仓库
# cobbler repo add
--name=EPEL
--mirror=http://download.fedoraproject.org/pub/epel/6/x86_64/
# cobbler repo add
--name=Local
--mirror=http://mirrors.163.com/centos/6.7/extras/x86_64/
#添加repo到profile会自动添加到节点上的repo上,指向内网,非常方便。
# cobbler profile edit --name==CentOS-6.5-basic --repos="epel local"
# cobbler reposync
也可以通过设置–mirror-locally=0不下载到本地,而通过kickstart server去仓库下载rpm包。
# cobbler sync
客户端安装测试:
![wKioL1i8evmCnE-2AABe705WP08279.jpg-wh_50]( "10.jpg")
参考http://www.3mu.me/centos6-5%E5%AE%89%E8%A3%85%E5%92%8C%E9%85%8D%E7%BD%AEcobbler-2-6%E5%AE%9E%E7%8E%B0%E8%87%AA%E5%8A%A8%E5%8C%96%E6%97%A0%E4%BA%BA%E5%80%A4%E5%AE%88%E7%BD%91%E7%BB%9C%E6%89%B9%E9%87%8F%E5%AE%89%E8%A3%85/
