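Cobbler Unattended Installation and Configuration

I. Introduction to Cobbler

Cobbler is a Linux installation server. It uses network boot (PXE) to install or reinstall physical servers and virtual machines quickly, and it can also manage DHCP and DNS.

Cobbler can be managed from the command line or through a web-based management tool (cobbler-web), and it also provides an API that makes custom development straightforward.

Compared with a plain Kickstart installation, Cobbler is also simpler to install and configure, and its web interface makes it easier to manage.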

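1. Services integrated by Cobbler

PXE support

DHCP management

DNS management (bind or dnsmasq)

Power management

Kickstart support

YUM repository management

TFTP (required for PXE boot)

Apache (serves the Kickstart installation source and the customized Kickstart configuration)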

2. Preparing the system environment

[root@flyfish ~]# cat /etc/issue

CentOS release 6.7 (Final)

Kernel \r on an \m

[root@flyfish ~]# ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'

172.16.10.90

[root@flyfish ~]# service iptables status

iptables: Firewall is not running.

[root@flyfish ~]# getenforce

Disabled

II. Installing and configuring Cobbler

1. Installing Cobbler

Cobbler is not in the CentOS base repositories, so the EPEL repository has to be added first.

rpm -ivh http://mirrors.163.com/centos/6.7/extras/x86_64/Packages/epel-release-6-8.noarch.rpm

[root@flyfish ~]# yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd

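[root@flyfish ~]# rpm -ql cobbler # list the installed files; only the main ones are shown here

/etc/cobbler # configuration directory

/etc/cobbler/settings # main Cobbler configuration file, in YAML format (Cobbler is written in Python)

/etc/cobbler/dhcp.template # configuration template for the DHCP service

/etc/cobbler/tftpd.template # configuration template for the tftp service

/etc/cobbler/rsync.template # configuration template for the rsync service

/etc/cobbler/iso # directory of iso template files

/etc/cobbler/pxe # directory of pxe template files

/etc/cobbler/power # directory of power management configuration files

/etc/cobbler/users.conf # web service authorization configuration file

/etc/cobbler/users.digest # usernames and passwords for web access

/etc/cobbler/dnsmasq.template # configuration template for the DNS service

/etc/cobbler/modules.conf # Cobbler module configuration file

/var/lib/cobbler # Cobbler data directory

/var/lib/cobbler/config # configuration files

/var/lib/cobbler/kickstarts # default location of kickstart files

/var/lib/cobbler/loaders # boot loaders

/var/www/cobbler # directory of system installation images

/var/www/cobbler/ks_mirror # imported system images

/var/www/cobbler/images # boot files of the imported system images

/var/www/cobbler/repo_mirror # yum repository storage directory

/var/log/cobbler # log directory

/var/log/cobbler/install.log # client system installation log

/var/log/cobbler/cobbler.log # cobbler log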

2. Configuring Cobbler

Start Apache and Cobbler

[root@flyfish ~]# /etc/init.d/httpd start

Stopping httpd: [ OK ]

[root@flyfish ~]# /etc/init.d/cobblerd start

Starting cobbler daemon: [ OK ]

Running cobbler check reports the problems below; we fix them one at a time. (If the problems below are not shown, restart the cobbler service once more.)

[root@flyfish ~]# cobbler check

Problem 1:

[root@flyfish ~]# cp /etc/cobbler/settings{,.bak} # back up

# server: set the IP of the Cobbler server

sed -i 's/server: 127.0.0.1/server: 172.16.10.90/' /etc/cobbler/settings

Problem 2:

# next_server: change this entry if Cobbler manages the DHCP service

sed -i 's/next_server: 127.0.0.1/next_server: 172.16.10.90/' /etc/cobbler/settings

# let Cobbler manage the DHCP service

sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings

# prevent installation loops; applies to servers whose first boot device is PXE

sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings

Problem 3:

[root@flyfish ~]# vim /etc/xinetd.d/tftp

disable = no

[root@flyfish ~]# /etc/init.d/xinetd restart

Problem 4:

[root@flyfish ~]# cobbler get-loaders # downloaded automatically from the official site

[root@flyfish ~]# cd /var/lib/cobbler/loaders/ # the downloaded files

[root@flyfish loaders]# ls

COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README

COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot

Problem 5:

[root@flyfish ~]# vim /etc/xinetd.d/rsync

disable = no

[root@flyfish ~]# /etc/init.d/xinetd restart

Problem 6:

Note: this reports that the rsync configuration file does not exist; it is actually a false positive.

Problem 7:

Note: this relates to Debian systems and does not need fixing.

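Problem 8:

# Set the default root password for newly installed systems. It can be set as the prompt suggests, or specified directly in the ks file

# Following the prompt, set the default root password to 123456; random-phrase-here is the salt and can be chosen freely

[root@flyfish ~]# openssl passwd -1 -salt 'yufei' '123456'

$1$yufei$Iw.FI6S1IOl3zDc.FISXw.

[root@flyfish ~]# vim /etc/cobbler/settings

default_password_crypted: $1$yufei$Iw.FI6S1IOl3zDc.FISXw.

Problem 9:

Note: this relates to system devices and does not need fixing.

Restart the Cobbler service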

[root@flyfish ~]# /etc/init.d/cobblerd restart

Stopping cobbler daemon: [ OK ]

Starting cobbler daemon: [ OK ]
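
The settings keys edited in this section can be checked in one pass before cobblerd is restarted. The script below is an added example, not part of the original article or of Cobbler; the function names and the temporary sample file are assumptions, and the sample content is constructed from the defaults the sed commands above replace plus the MD5-crypt hash generated above.

```shell
#!/bin/sh
# Added example: audit the /etc/cobbler/settings keys edited in this section.
# Function names and the sample file are assumptions of this example.

# Print the value of a top-level "key: value" line with quotes removed.
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"' \r"
}

# Print one finding per line; return 1 if anything was found.
audit_settings() {
    file=$1
    rc=0
    for key in server next_server; do
        case $(setting "$file" "$key") in
            127.0.0.1|localhost|'')
                echo "$key: must be an address PXE clients can reach"; rc=1 ;;
        esac
    done
    [ "$(setting "$file" manage_dhcp)" = 1 ] ||
        { echo "manage_dhcp: dhcp.template is not applied by cobbler sync"; rc=1; }
    [ "$(setting "$file" pxe_just_once)" = 1 ] ||
        { echo "pxe_just_once: a PXE-first host can reinstall in a loop"; rc=1; }
    case $(setting "$file" default_password_crypted) in
        '$6$'*|'$5$'*) ;;   # SHA-512 / SHA-256 crypt
        '$1$'*) echo "default_password_crypted: MD5-crypt hash"; rc=1 ;;
        *) echo "default_password_crypted: missing or unknown scheme"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample: the defaults the sed commands above replace, plus the
# MD5-crypt hash generated in this section.
write_sample_settings() {
    cat > "$1" <<'EOF'
server: 127.0.0.1
next_server: 127.0.0.1
manage_dhcp: 0
pxe_just_once: 0
default_password_crypted: $1$yufei$Iw.FI6S1IOl3zDc.FISXw.
EOF
}

sample=$(mktemp)
write_sample_settings "$sample"
audit_settings "$sample" || echo "settings need attention"
rm -f "$sample"
```

On a real server, call audit_settings /etc/cobbler/settings; a zero exit status means none of the checked keys was flagged.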

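3. Configuring the DHCP service

# Edit Cobbler's DHCP template rather than the main DHCP configuration file, because Cobbler overwrites that file when it syncs

[root@flyfish ~]# vim /etc/cobbler/dhcp.template

# only the modified part is shown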

………

subnet 172.16.10.0 netmask 255.255.255.0 {

option routers 172.16.10.90;

option domain-name-servers 172.16.10.90;

option subnet-mask 255.255.255.0;

range dynamic-bootp 172.16.10.200 172.16.10.210;

default-lease-time 21600;

max-lease-time 43200;

next-server 172.16.10.90;

}

………

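4. Syncing the Cobbler configuration

# Sync the latest Cobbler configuration; Cobbler updates DHCP and the other services automatically to match it.

[root@flyfish ~]# cobbler sync # syncs all configuration; the figure below shows the files synced and the services restarted

# Also look at the DHCP configuration file to confirm it has been synced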

[root@flyfish ~]# vim /etc/dhcp/dhcpd.conf

5. Enabling the services at boot

# Start the related services and enable them at boot

chkconfig httpd on

chkconfig xinetd on

chkconfig cobblerd on

chkconfig dhcpd on

/etc/init.d/httpd restart

/etc/init.d/xinetd restart

/etc/init.d/cobblerd restart

/etc/init.d/dhcpd restart

# There is also a ready-made wrapper script available online (for reference)

cat >>/etc/init.d/cobbler<<EOF

#!/bin/bash

# chkconfig: 345 80 90

# description:cobbler

case \$1 in

start)

/etc/init.d/httpd start

/etc/init.d/xinetd start

/etc/init.d/dhcpd start

/etc/init.d/cobblerd start

;;

stop)

/etc/init.d/httpd stop

/etc/init.d/xinetd stop

/etc/init.d/dhcpd stop

/etc/init.d/cobblerd stop

;;

restart)

/etc/init.d/httpd restart

/etc/init.d/xinetd restart

/etc/init.d/dhcpd restart

/etc/init.d/cobblerd restart

;;

status)

/etc/init.d/httpd status

/etc/init.d/xinetd status

/etc/init.d/dhcpd status

/etc/init.d/cobblerd status

;;

sync)

cobbler sync

;;

*)

echo "Input error, please input 'start|stop|restart|status|sync'!"

exit 2

;;

esac

EOF

# chmod +x /etc/init.d/cobbler

# chkconfig cobbler on

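6. Installing and configuring the Cobbler web interface

The cobbler-web package was already installed above.

URL: http://172.16.10.90/cobbler_web or https://172.16.10.90/cobbler_web

Default username: cobbler
Default password: cobbler

/etc/cobbler/users.conf # web service authorization configuration file

/etc/cobbler/users.digest # usernames and passwords for web access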

[root@flyfish ~]# cat /etc/cobbler/users.digest

cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3

# Set the login password of the Cobbler web user

# Add the user cobbler in the Cobbler realm; the password is prompted for twice to confirm

[root@flyfish ~]# htdigest /etc/cobbler/users.digest "Cobbler" cobbler

Changing password for user cobbler in realm Cobbler

New password: 123456

Re-type new password:123456

# Whatever the configuration change, it has to be synced afterwards

[root@flyfish ~]# cobbler sync

[root@flyfish ~]# /etc/init.d/httpd restart

停止 httpd: [OK]

正在启动 httpd: [OK]

[root@flyfish ~]# /etc/init.d/cobblerd restart

Stopping cobbler daemon: [OK]

Starting cobbler daemon: [OK]

# From now on, log in with the password 123456.
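
Each users.digest line has the form user:realm:hash, where htdigest stores the MD5 of "user:realm:password", so the file can be checked for accounts that still use a known password. The script below is an added example, not part of the original article or of Cobbler; the function names, the extra accounts deploy and ops, and the candidate list (the default cobbler and the 123456 set above) are assumptions, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: find users.digest entries that use a known password.
# Function names and the sample entries are assumptions of this example.

# Hash a password the way htdigest does: MD5 of "user:realm:password".
ha1() {
    printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1
}

# Usage: weak_digest_users FILE PASSWORD...
# Print the name of every user whose stored hash matches one of the passwords.
weak_digest_users() {
    digest_file=$1
    shift
    while IFS=: read -r user realm hash || [ -n "$user" ]; do
        [ -n "$hash" ] || continue
        for candidate in "$@"; do
            if [ "$(ha1 "$user" "$realm" "$candidate")" = "$hash" ]; then
                echo "$user"
                break
            fi
        done
    done < "$digest_file"
    return 0
}

# Constructed sample: one account on each password this section mentions,
# and one account with a long constructed passphrase.
write_sample_digest() {
    {
        printf 'cobbler:Cobbler:%s\n' "$(ha1 cobbler Cobbler cobbler)"
        printf 'deploy:Cobbler:%s\n' "$(ha1 deploy Cobbler 123456)"
        printf 'ops:Cobbler:%s\n' "$(ha1 ops Cobbler 'constructed long passphrase')"
    } > "$1"
}

sample=$(mktemp)
write_sample_digest "$sample"
weak_digest_users "$sample" cobbler 123456
rm -f "$sample"
```

The realm is part of the hashed string, so an entry created under a realm other than Cobbler produces a different hash for the same password.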

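III. Managing Cobbler from the command line

1. Common commands

[root@flyfish ~]# cobbler import --help # show the help text

cobbler import: import an image

cobbler check: check the current settings for problems

cobbler list: list all Cobbler objects

cobbler report: show detailed information about objects

cobbler sync: sync the configuration to the data directory; best run after every configuration change

cobbler reposync: sync the yum repositories

cobbler distro: show information about the imported distributions

cobbler system: show information about the added systems

cobbler profile: show profile information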

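2. Importing an image

# Mount the CentOS 6.7 image

[root@flyfish ~]# mount -o loop /ISO/CentOS-6.7-x86_64-bin-DVD1.iso /mnt

# Import the system image

[root@flyfish ~]# cobbler import --path=/mnt/ --name=CentOS-6.7-x86_64 --arch=x86_64

# --path: path to the image

# --name: a name for the installation source

# --arch: whether the installation source is 32-bit, 64-bit or ia64; currently supported values: x86|x86_64|ia64

# The installation source is uniquely identified by the name parameter. After a successful import in this example, the unique identifier is CentOS-7.1-x86_64; if the name already exists, the import is reported as failed.

# List the images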

[root@flyfish ~]# cobbler distro list

CentOS-6.7-x86_64

CentOS-7.2-x86_64

# Images are stored under /var/www/cobbler/ks_mirror; Cobbler copies all installation files from the image into this directory

[root@flyfish ks_mirror]# pwd

/var/www/cobbler/ks_mirror

[root@flyfish ks_mirror]# ls

CentOS-6.7-x86_64 CentOS-7.2-x86_64 config

[root@flyfish ks_mirror]# ls CentOS-6.7-x86_64/

CentOS_BuildTag isolinux RPM-GPG-KEY-CentOS-Debug-6

EFI Packages RPM-GPG-KEY-CentOS-Security-6

EULA RELEASE-NOTES-en-US.html RPM-GPG-KEY-CentOS-Testing-6

GPL repodata TRANS.TBL

images RPM-GPG-KEY-CentOS-6

3. Assigning the ks.cfg file and adjusting kernel parameters

# Where Cobbler keeps its ks.cfg files

[root@flyfish cobbler]# cd /var/lib/cobbler/kickstarts/

[root@flyfish kickstarts]# ls # many are shipped by default

Centos-7.2.cfg esxi5-ks.cfg pxerescue.ks sample_esx4.ks sample.ks

default.ks install_profiles sample_autoyast.xml sample_esxi4.ks sample_old.seed

esxi4-ks.cfg legacy.ks sample_end.ks sample_esxi5.ks sample.seed

# Upload the prepared ks file (Centos-6.7.cfg)

[root@flyfish kickstarts]# rz

[root@flyfish kickstarts]# ls

Centos-6.7.cfg default.ks esxi5-ks.cfg legacy.ks sample_autoyast.xml sample_esx4.ks sample_esxi5.ks sample_old.seed

Centos-7.2.cfg esxi4-ks.cfg install_profiles pxerescue.ks sample_end.ks sample_esxi4.ks sample.ks sample.seed

# Show information about the installation image

[root@flyfish kickstarts]# cobbler distro report --name=CentOS-6.7-x86_64

# Show the settings of all profiles

[root@flyfish kickstarts]# cobbler profile report

# Show the settings of one profile

[root@flyfish kickstarts]# cobbler profile report --name=CentOS-6.7-x86_64

# Edit the profile to change the associated ks file

[root@flyfish kickstarts]# cobbler profile edit --name=CentOS-6.7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/Centos-6.7.cfg

# Sync after every change

[root@flyfish ~]# cobbler sync

Note: one thing to watch when changing the kernel parameters of the installed system: CentOS 7 changed how network interfaces are named, so the interface gets a name like eno16777736. To keep operations standardized we want the familiar eth0, so we use the parameters below. This step is needed only for CentOS 7, not for CentOS 6.

[root@flyfish ~]# cobbler profile edit --name=CentOS-7.1-x86_64 --kopts='net.ifnames=0 biosdevname=0'

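IV. Testing a system installation

1. Creating a virtual machine

Create a KVM virtual machine on a physical host that has KVM virtualization installed.

# Create the disk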

# qemu-img create -f qcow2 /srv/lvtmp/yufei-centos6u7.img 20G

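# Create the install script

[root@hzdr-test-10d131 ~]# cat vm.sh

virt-install -n centos6u7 -r 2048 --vcpus=2 --pxe --accelerate --virt-type=kvm --disk path=/srv/lvtmp/yufei-centos6u7.img,bus=virtio -w bridge=tbridge,model=virtio --vnc --vncport=5991 --vnclisten=0.0.0.0 --connect qemu:///system

Note: when a KVM virtual machine is installed over PXE from a terminal command line, a VNC service has to be installed on the host and a VNC client on the client machine.

# Run the install script in a terminal, then open the VNC client and enter the IP and port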

[root@hzdr-test-10d131 ~]# sh vm.sh

WARNING Graphics requested but DISPLAY is not set. Not running virt-viewer.

WARNING No console to launch for the guest, defaulting to --wait -1

Starting install…

Creating domain… | 0 B 00:00:00

Domain installation still in progress. Waiting for installation to complete.

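# When the following screen appears, the operating system is ready to be installed

# The prompt shown here can be changed; see below

# Changing the Cobbler prompt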

[root@flyfish ~]# vim /etc/cobbler/pxe/pxedefault.template

MENU TITLE Cobbler | http://www.19lou.com

[root@flyfish ~]# cobbler sync # every configuration change has to be synced

2. Appendix: the ks.cfg file

[root@flyfish kickstarts]# cat Centos-6.7.cfg

# Kickstart file automatically generated by anaconda.

install

url --url=$tree # variables beginning with $ take their values from the configuration file

lang en_US.UTF-8

network --device eth0 --bootproto static --ip 172.16.10.240 --netmask 255.255.255.0 --gateway 172.16.10.254 --hostname 19lou

rootpw --iscrypted $default_password_crypted # this one too

firewall --disabled

authconfig --enableshadow --enablemd5

selinux --disabled

firstboot --disable

timezone Asia/Shanghai

bootloader --location=mbr --driveorder=vda --append="console=vc0"

reboot

# The following is the partition information you requested

# Note that any partitions you deleted are not expressed

# here so unless you clear all partitions first, this is

# not guaranteed to work

clearpart --linux

part / --fstype ext3 --size=1 --grow --ondisk=vda --asprimary

part swap --size=4096 --ondisk=vda --asprimary

%packages

httpd

perl

php

@chinese-support

sysstat

iptraf

%post

#!/bin/bash

echo "start.....post-shell........" > /dev/tty2

#########################Server-conf#####################################

for srv in `chkconfig --list |grep 3:on|awk '{print $1}'`;

do

echo $srv off

chkconfig $srv off

done

for srv in acpid anacron apmd atd auditd cpuspeed crond haldaemon iptables irqbalance messagebus network readahead_early smartd sshd syslog xinetd sysstat httpd;

do

echo $srv on

chkconfig $srv on

done

%end