跟高手学习LINUX笔记26--cobbler实践之从安装到应用

本教程精华是篇尾的KS配置文件,关于自动化安装KS应答文件往往是安装成功与否的关键,以下是本人常用网络安装KS配置信息,文件仍然在所在公司机房使用,纯实战干货:
1.1 cobbler简介
  Cobbler--“补鞋匠”是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。
Cobbler可以使用命令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),还提供了API接口,可以方便二次开发使用。
Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。网间传说:如果说kickstart要求管理员是大专水平的话则Cobbler则只要求管理员初中水平,以此说明Cobbler的进步。
1.2 安装cobbler
1.2.1 环境说明
本机IP地址:192.168.101.171
关闭与禁用selinux、firewalld
[root@node ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@node ~]# uname -r
3.10.0-957.5.1.el7.x86_64
[root@node ~]# getenforce
Disabled
[root@node ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@node ~]# ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast s
tate UP group default qlen 1000 link/ether 00:0c:29:1c:53:43 brd ff:ff:ff:ff:ff:ff
inet 192.168.101.171/24 brd 192.168.101.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe1c:5343/64 scope link
valid_lft forever preferred_lft forever
[root@node ~]#cd /etc/yum.repo.d
rm –rf .repo
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@node yum.repos.d]#rm -rf CentOS-[C-V]
.repo && ll /etc/yum.repos.d/
total 8
-rw-r--r-- 1 root root 2523 Apr 22 13:30 CentOS-Base.repo
-rw-r--r-- 1 root root 664 Apr 22 13:30 epel.repo
[root@node yum.repos.d]# yum clean all && yum makecache fast
1.2.2 使用yum安装cobbler
[root@node yum.repos.d]#cd
[root@node ~]# yum -y install cobbler cobbler-web dhcp pykickstart tftp debmirror
?? 说明:cobbler相关软件包是依赖epel源,建议把网卡DNS修改为223.5.5.5 223.6.6.6
1.2.3 cobbler语法检查前先启动http与cobbler
[root@node ~]#systemctl start httpd && systemctl enable httpd
[root@node ~]#systemctl start cobblerd && systemctl enable cobblerd
[root@node ~]#systemctl start rsyncd && systemctl enable rsyncd
[root@node ~]#systemctl start tftp && systemctl enable tftp
[root@node~]# systemctl start dhcpd && systemctl enable dhcpd

[root@node ~]#cobbler check
1.2.4 进行语法检查处理出现的错误
[root@node ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The ‘server‘ field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

2 : For PXE to be functional, the ‘next_server‘ field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

3 : change ‘disable‘ to ‘no‘ in /etc/xinetd.d/tftp

4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run ‘cobbler get-loaders‘ to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The ‘cobbler get-loaders‘ command is the easiest way to resolve these requirements.

5 : enable and start rsyncd.service with systemctl

6 : debmirror package is not installed, it will be required to manage debian deployments and repositories

7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to ‘cobbler‘ and should be changed, try: "openssl passwd -1 -salt ‘random-phrase-here‘ ‘your-password-here‘" to generate new one

8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run ‘cobbler sync‘ to apply changes.
1.2.5 解决当中的报错
cp /etc/cobbler/settings{,.bak} --个人习惯,修改前备份文件
使用以下命令集处理:
[root@node ~]#sed -i ‘s/server: 127.0.0.1/server: 192.168.101.171/‘ /etc/cobbler/settings
[root@node~]#sed -i ‘s/next_server: 127.0.0.1/next_server: 192.168.101.171/‘ /etc/cobbler/settings
[root@node ~]#sed -i ‘s/manage_dhcp: 0/manage_dhcp: 1/‘ /etc/cobbler/settings
[root@node ~]#sed -i ‘s/pxe_just_once: 0/pxe_just_once: 1/‘ /etc/cobbler/settings
[root@node ~]#sed -ri "/default_password_crypted/s#(.: ).#\1\"openssl passwd -1 -salt ‘enkj‘ ‘123456‘\"#" /etc/cobbler/settings
[root@node ~]#sed -i ‘s#yes#no#‘ /etc/xinetd.d/tftp
[root@node ~]#sed -i.ori ‘s#192.168.1#192.168.101#g;22d;23d‘ /etc/cobbler/dhcp.template
[root@node ~]# cobbler get-loaders
[root@node ~]# yum -y install cman fence-agents
[root@node ~]# ls /var/lib/cobbler/loaders --查看下载的文件
COPYING.elilo elilo-ia64.efi menu.c32 yaboot
COPYING.syslinux grub-x86_64.efi pxelinux.0
COPYING.yaboot grub-x86.efi README
修改完成后重启各项服务
[root@node ~]#systemctl restart cobblerd
再用cobbler check检测无报错后
[root@node ~]# cobbler sync
错误详解
解决1、2:修改为正确的IP地址
sed -i ‘s/server: 127.0.0.1/server: 192.168.101.171/‘ /etc/cobbler/settings
sed -i ‘s/next_server: 127.0.0.1/next_server: 192.168.101.171/‘ /etc/cobbler/settings
问题3:解决tftp开机启动
sed ‘s#yes#no#g‘ /etc/xinetd.d/tftp -i
问题4下载包所需的软件包
[root@node ~]# cobbler get-loaders
[root@node ~]# ls /var/lib/cobbler/loaders
COPYING.elilo elilo-ia64.efi menu.c32 yaboot
COPYING.syslinux grub-x86_64.efi pxelinux.0
COPYING.yaboot grub-x86.efi README
问题5:启动rsync服务
[root@node ~]# systemctl start rsyncd.service
[root@node ~]# systemctl enable rsyncd.service
问题6: debian相关无需修改
问题7:用ssl修改安装完成后的root密码
openssl passwd -1 -salt ‘random-phrase-here‘ ‘your-password-here‘
random-phrase-here 随机字符串
your-password-here 密码
2、开始安装操作系统
2.1操作说明--导入镜像
2.1.1在虚拟机上添加上镜像

2)挂载上镜像
[root@node ~]#mkdir /mnt/cdrom
[root@node ~]#mount /dev/cdrom /mnt/cdrom
mount: /dev/sr0 is write-protected, mounting read-only
[root@node ~]# df -h |grep mnt
/dev/sr0 4.3G 4.3G 0 100% /mnt
3)进行导入镜像,我是用命令行导入
[root@node ~]#cobbler import --path=/mnt/cdrom --name=CentOS-7-x86_64
?日志位于 Events

导入完成后生成的文件夹
[root@node ks_mirror]# pwd
/var/www/cobbler/ks_mirror
[root@node ks_mirror]# ls
CentOS-7-x86_64 config
[root@node ~]#cobbler distro list #系统列表
CentOS-7-x86_64
[root@node ~]#cobbler profile list #应答文件列表
CentOS-7-x86_64
把应答文件删除后,再添加新的应答文件
[root@node ~]# cobbler profile remove --name=CentOS-7-x86_64
[root@node ~]# cobbler profile list
[root@node~]# cp centos7-mini-lvm.cfg centos7-mini-nolvm.cfg /var/lib/cobbler/kickstarts/
[root@node-1 ~]# cobbler distro list
CentOS-7-x86_64
[root@node~]# cobbler profile add --name=CentOS-7-x86_64-lvm --distro=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7-mini-lvm.cfg
[root@node~]# cobbler profile add --name=CentOS-7-x86_64-nolvm --distro=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7-mini-nolvm.cfg
[root@node-1 ~]# cobbler distro list
CentOS-7-x86_64
[root@node-1 ~]# cobbler profile list
CentOS-7-x86_64-lvm
CentOS-7-x86_64-nolvm
3、应答文件生产实例
3.1 centos7-mini-nolvm.cfg文件(无逻辑卷分区模式)内容如下:
#Cobbler for Kickstart Configurator for CentOS 7 by wangtao
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#Sytem timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $default_password_crypted
#Use text mode install
text
#Install OS instead of upgrade
install
#Use NFS installation Media
url --url=$tree
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part /boot --fstype xfs --size 1024 --ondisk sda
part swap --size 4096 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
#System authorization infomation
auth --useshadow --enablemd5
#Network information
$SNIPPET(‘network_config‘)
#network --bootproto=dhcp --device=eth0 --onboot=on

Reboot after installation

reboot
#Firewall configuration
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure XWindows
skipx

%pre
$SNIPPET(‘log_ks_pre‘)
$SNIPPET(‘kickstart_start‘)
$SNIPPET(‘pre_install_network_config‘)

Enable installation monitoring

$SNIPPET(‘pre_anamon‘)
%end

#Package install informationbr/>%packages
@^minimal
@compat-libraries
br/>@core
@debugging
br/>@development
bash-completion
chrony
screen
dos2unix
kexec-tools
lrzsz
sysstat
tree
vim
wget
net-tools
%end

%post
systemctl disable postfix NetworkManager
systemctl disable abrt-ccpp abrtd abrt-oops abrt-vmcore auditd irqbalance
systemctl disable kdump remote-fs tuned abrt-xorg
reboot
%end
3.2 centos7-mini-lvm.cfg文件(有逻辑卷分区模式)与上面的内容差不多,区别在分区上。#Disk partitioning information中不同的部分写在下面:
#Disk partitioning information
part /boot --fstype="xfs" --ondisk=sda --size=1024
part pv.154 --fstype="lvmpv" --ondisk=sda --grow
volgroup centos --pesize=4096 pv.154
logvol swap --fstype="swap" --size=2048 --name=swap --vgname=centos
logvol / --fstype="xfs" --grow --size=10240 --name=root --vgname=centos

跟高手学习LINUX笔记26--cobbler实践之从安装到应用

上一篇:《Ubuntu — export和source命令》


下一篇:鳥哥的 Linux 私房菜——第五章、Linux 的檔案權限與目錄配置(待续)