前言
网络安装服务器套件 Cobbler(补鞋匠)从前,我们一直在做装机民工这份很有前途的职业。自打若干年前 Red Hat 推出了 Kickstart,此后我们顿觉身价倍增。不再需要刻了光盘一台一台地安装 Linux,只要搞定 PXE、DHCP、TFTP,还有那满屏眼花缭乱不知所云的 Kickstart 脚本,我们就可以像哈里波特一样,轻点魔棒,瞬间安装上百台服务器。这一堆花里胡哨的东西可不是一般人都能整明白的,没有大专以上学历,通不过英语四级, 根本别想玩转。总而言之,这是一份多么有前途,多么有技术含量的工作啊。很不幸,Red Hat 最新(Cobbler项目最初在2008年左右发布)发布了网络安装服务器套件 Cobbler(补鞋匠),它已将 Linux 网络安装的技术门槛,从大专以上文化水平,成功降低到初中以下,连补鞋匠都能学会。对于我们这些在装机领域浸淫多年,经验丰富,老骥伏枥,志在千里的民工兄弟们来说,不啻为一个晴天霹雳。
cobbler的核心组件:
DISTROS
PROFILE
SYSTEMS
REPOS
KICKSTARTS
Distribution 每一个distribution就相当于仓库(存放的一个发行版镜像)
Repository:指定用户去那里访问distribution安装时所需要的程序的一个地址。
Profile:指定那一个文件对应的Distribution仓库来定义的(把repositorise和distribution合并起来并附加一个kickstart文件,从而提供了一个自动化安装的过程)porfile可以有多个实现不同的安装环境
System:指定IP、MAC和profile安装时是那个(不是必须的组件 )
安装过程
1.DHCP配置好(能够分配IP)
2.tftp配置好(正常启动,不需要拷贝文件)
3.HTTPD(启动即可)
[root@server cobbler]# yum install epel-*
[root@server cobbler]# yum -y install cobbler cobbler-web
pykickstart debmirror
[root@server cobbler]# systemctl restart cobblerd
[root@server cobbler]# netstat -anplt | grep 25151
tcp 0 0 127.0.0.1:25151 0.0.0.0:* LISTEN 4873/python2
[root@server cobbler]# systemctl restart httpd
[root@server cobbler]# setenforce 0
[root@server cobbler]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
6 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
7 : comment out 'dists' on /etc/debmirror.conf for proper debian support
8 : comment out 'arches' on /etc/debmirror.conf for proper debian support
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
如上各问题的解决办法为:
1.修改/etc/cobbler/settings文件的server参数的值为提供cobbler服务的主机对应的ip地址
2.修改/etc/cobbler/settings文件的next_server参数的值为提供PXE服务的主机的对应IP地址
3.设置selinux
4.如果当前节点可以访问互联网,执行“cobbler get-loaders”命令下载pxelinux.0,menu.c32,elilo.efi, 或yaboot文件,否则,需要安装syslinux程序包,而后复制/usr/share/syslinux/中的
pxelinux.0,menu.c32等文件至/var/lib/cobbler/loaders目录中
由于版本问题: 暂时没有解决方案: cobbler get-loaders 命令不存在
[root@localhost ks]# yum install syslinux 可以通过这个软件包解决但是问题提示依旧存在
5.将/etc/xinetd.d/rsync中的disable改为no,或者执行“chkconfig rsync on”
6.设置iptables
7.注释/etc/debmirror.conf文件中的“@dists="sid";”一行
8.注释/etc/debmirror.conf文件中的“@arches="i386";”一行
9.执行“openssl passwd -1 -salt $(openssl rand -hex 4)”生成密码,并用其替换/etc/cobbler/settings文件中default_password_crypted参数
10.安装cam和fance-agents来实现电源管理
1.2.[root@server cobbler]# vim settings
next_server: 192.168.10.102
server: 192.168.10.102
4.联网解决
[root@server cobbler]# cobbler get-loaders (注意: 有问题,下载不成功)
cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
cp /yum/isolinux/vesamenu.c32 /var/lib/cobbler/loaders/menu.c32
[root@192 syslinux]# cp pxelinux.0 menu.c32 /var/lib/cobbler/loaders 当前版本
或者
本地解决,没有互联网(但是依然有错误提示)
[root@server cobbler]# yum install syslinux
[root@server cobbler]# cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
[root@server cobbler]# cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
5.[root@server cobbler]# yum install rsync
[root@server cobbler]# systemctl restart rsyncd
[root@server cobbler]# systemctl enable rsyncd
7.8.[root@server cobbler]# vim /etc/debmirror.conf
#@dists="sid";
#@arches="i386";
9.[root@server cobbler]# openssl passwd -1 -salt `openssl rand -hex 4` "redhat"
152f588d1D54aRU20YQQHgAQfE1poG/
[root@server cobbler]# vim settings
default_password_crypted: "152f588d1D54aRU20YQQHgAQfE1poG/"
-
yum install fence-agents
[root@server cobbler]# systemctl enable httpd
[root@server cobbler]# systemctl enable rsyncd
[root@server cobbler]# systemctl enable cobblerd
[root@server cobbler]# cobbler sync 同步配置文件
[root@server cobbler]# ls /var/lib/tftpboot/
boot grub memdisk ppc pxelinux.cfg
etc images menu.c32 pxelinux.0 s390x
安装dhcp 配置dhcp
[root@server cobbler]# rpm -ivh /yum/Packages/dhcp-4.1.1-34.P1.el6.x86_64.rpm
[root@server cobbler]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
[root@server cobbler]# vim /etc/dhcp/dhcpd.conf
subnet 172.16.110.0 netmask 255.255.255.0 {
range 172.16.110.2 172.16.110.200;
option domain-name-servers ns1.internal.example.org;
option domain-name "internal.example.org";
option routers 172.16.110.254;
default-lease-time 3600;
max-lease-time 7200;
nest-server 172.16.110.1;
finename "pxelinux.0";
}
导入安装树
[root@server ~]# mount /dev/cdrom /mnt
[root@server ~]# cobbler import --name="centos7.7" --path=/mnt
可以通过网页查询
[root@server ~]# cobbler distro list
rhel6.4-x86_64
生成kickstart文件(自己创建)
[root@server ~]# cp /var/www/html/ks/ks.cfg /root/
[root@server ~]# cp /var/www/html/ks/ks.cfg /var/lib/cobbler/kickstarts/
[root@server ~]# vim /var/www/html/ks/ks.cfg /var/lib/cobbler/kickstarts/ks.cfg
url --url="http://172.17.10.222/cobbler/ks_mirror/centos7.7/"
定义profile
[root@server ~]# cobbler profile add --name=centos7.7-basic --distro=centos7.7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks.cfg
[root@server ~]# cobbler profile list
centos7.7-basic
centos7.7-x86_64
[root@server ~]# cobbler profile remove --name=centos7.7-x86_64
[root@server ~]# cobbler profile list
centos7.7-basic
[root@server cobbler]# cobbler list 查看所有设定组件
修改对应的kickstart文件
[root@server cobbler]# cobbler profile edit --name=centos7.7-basic --distro=centos7.7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks.cfg
写完 ks 文件之后,先通过 validateks 测试一下有没有语法错误
cobbler validateks
ks文件中不能有中文
CobblerWeb界面
设置验证方式
[root@server cobbler]# vim /etc/cobbler/modules.conf
[authentication]
module = authn_pam
[root@server cobbler]# useradd cobuser
[root@server cobbler]# passwd cobuser
[root@server cobbler]# vim /etc/cobbler/users.conf
[admins]
admin = "cobuser"
[root@server cobbler]# service cobblerd restart
登录测试
https://192.168.100.201/cobbler_web
