centos7 cobbler 自动化部署安装系统
cobbler部署
程序版本及配置文件位置
应用名称 |
版本 |
安装方式 |
配置文件目录 |
Cobbler |
2.8.5 |
YUM |
/etc/cobbler/settings |
DHCP |
4.2.5 |
YUM |
/etc/cobbler/dhcpd.conf.template |
Apache |
2.4.6 |
YUM |
/etc/httpd/conf.d/(cobbler.conf & cobbler_web.conf) |
Xinetd |
2.3.15 |
YUM |
/etc/xinetd.conf |
TFTP |
5.2-22 |
YUM |
/etc/xinetd.d/tftp |
pykickstart |
1.99.66 |
YUM |
- |
关闭防火墙、selinux
禁用selinux
sed -i.bak 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/configsetenforce 0
关闭防火墙
systemctl stop firewalldsystemctl disable firewalld
YUM源配置
rm -f /etc/yum.repos.d/*cat > /etc/yum.repos.d/my.repo <<eof[base]name=centos7baseurl=https://mirrors.aliyun.com/centos/7/os/x86_64/gpgcheck=0enable=1[epel]name=epel7baseurl=https://mirrors.aliyun.com/epel/7Server/x86_64/enable=1gpgcheck=0eof
安装服务
yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd rsync debmirror fence-agents -ysystemctl enable --now httpdsystemctl enable --now xinetdsystemctl enable --now rsyncdsystemctl enable --now tftpsystemctl enable --now cobblerd
执行cobbler check
# cobbler checkThe following are potential configuration items that you may want to fix:1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.3 : change 'disable' to 'no' in /etc/xinetd.d/tftp4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.5 : enable and start rsyncd.service with systemctl6 : debmirror package is not installed, it will be required to manage debian deployments and repositories7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use themRestart cobblerd and then run 'cobbler sync' to apply changes.
先解决问题1、2、7
生成新的默认密码
# openssl passwd -1 -salt 'root' 'xxxxxxxx'$1$root$dYm.Ftddv//.DbM.Kc87J0
修改setting配置文件
sed -i 's%^server: 127.0.0.1%server: 192.168.253.186%g' /etc/cobbler/settingssed -i 's%^next_server: 127.0.0.1%next_server: 192.168.253.186%g' /etc/cobbler/settingssed -i 's%manage_dhcp: 0%manage_dhcp: 1%g' /etc/cobbler/settingssed -i 's%^default_password_crypted.*%default_password_crypted: "$1$root$dYm.Ftddv//.DbM.Kc47J0"%g' /etc/cobbler/settings
配置DHCP(根据需求更改)
dhcp_conf=`grep -n "subnet 192" /etc/cobbler/dhcp.template|awk -F':' '{print $1}'`sed -i '/192.168/d' /etc/cobbler/dhcp.templatesed -i '/255.255.255.0/d' /etc/cobbler/dhcp.templatesed -i "21 i\subnet 192.168.253.0 netmask 255.255.255.0 { " /etc/cobbler/dhcp.templatesed -i "22 i\ option routers 192.168.253.254; " /etc/cobbler/dhcp.templatesed -i "23 i\ option domain-name-servers 114.114.114.114; " /etc/cobbler/dhcp.templatesed -i "24 i\ option subnet-mask 255.255.255.0; " /etc/cobbler/dhcp.templatesed -i "25 i\ range 192.168.253.130 192.168.253.140; " /etc/cobbler/dhcp.template
注释:
option subnet-mask:子网掩码
range dynamic-bootp:为无盘工作站准备的
解决问题3,启动tftp服务
配置TFTP
tftp_disable_conf=`grep -n disable /etc/xinetd.d/tftp|awk -F':' '{print $1}'`sed -i '/disable/d' /etc/xinetd.d/tftpsed -i "$tftp_disable_conf i\ disable = no" /etc/xinetd.d/tftpsystemctl enable --now rsyncd.service
解决问题4,可能解析失败,重新执行
cobbler get-loaderscobbler get-loaders 错误解决方法
yum -y install syslinuxcp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/systemctl restart cobblerdcobbler get-loaders #再次执行则成功*
# cobbler get-loaderstask started: 2021-06-13_201509_get_loaderstask started (id=Download Bootloader Content, time=Sun Jun 13 20:15:09 2021)path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/grub-x86.efi already exists, not overwriting existing content, use --force if you wish to updatepath /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update*** TASK COMPLETE ***
问题6为deban包,不需要处理
重启cobbler服务并同步改变
systemctl restart cobblerdcobbler check
任何修改后,重新同步cobbler配置,配置生效
cobbler sync导入安装镜像
挂载光盘
mount -o loop /soft/CentOS-7-x86_64-DVD-1908.iso /mnt/centos7挂载Centos 7光盘镜像到/mnt/centos7目录下,导入
cobbler import --name=Centos7 --path=/mnt/centos7 --arch=x86_64查看distro配置
cobbler distro report定义自动安装的应答文件,文件放到/var/lib/cobbler/kickstarts/目录下
Cobbler通过读取该文件,执行相关安装步骤 请查看 Cobbler 配置文件
创建centos7.ks文件
# vi /var/lib/cobbler/kickstarts/centos7.ksauth --useshadow --enablemd5bootloader --location=mbrclearpart --all --initlabeltextfirewall --disablefirstboot --disablekeyboard uslang en_US.UTF-8 --addsupport=zh_CN.UTF-8url --url=$tree$yum_repo_stanza$SNIPPET('network_config')rebootrootpw --iscrypted $default_password_cryptedselinux --disabledskipxtimezone Asia/Shanghaiinstallzerombr#autopartclearpart --all --initlabelreqpart --add-bootpart biosboot --fstype=biosboot --size=1part /boot/efi --fstype="efi" --ondisk=sda --size=200part swap --asprimary --fstype="swap" --size=2048 --ondisk=sdapart /boot --fstype xfs --size 500 --ondisk=sdapart pv.01 --size=1 --growvolgroup myvg pv.01logvol / --fstype xfs --name=lv01 --vgname=myvg --size=1 --grow%pre$SNIPPET('log_ks_pre')$SNIPPET('kickstart_start')$SNIPPET('pre_install_network_config')# Enable installation monitoring$SNIPPET('pre_anamon')%end%packages#$SNIPPET('func_install_if_enabled')@base@corekexec-toolschronyvim-enhancedtcpdumpautofslrzsztreetelnetbash-completionnet-toolspostfixwgetbzip2lsofscreen%end%post --nochroot$SNIPPET('log_ks_post_nochroot')%end%post$SNIPPET('log_ks_post')$yum_config_stanza$SNIPPET('post_install_kernel_options')$SNIPPET('post_install_network_config')$SNIPPET('func_register_if_enabled')$SNIPPET('download_config_files')$SNIPPET('koan_environment')$SNIPPET('redhat_register')$SNIPPET('cobbler_register')$SNIPPET('post_anamon')$SNIPPET('kickstart_done')%end
为可用镜像配置默认ks文件
cobbler profile edit --name=Centos7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.ks调整网卡内核参数(标准化,名称统一,关闭IPv6)
cobbler profile edit --name=Centos7-x86_64 --kopts='net.ifnames=0 biosdevname=0 noipv6'查看profile配置
cobbler profile report打开服务器,安装系统
选择Centos7-x86_64自动安装即可
cobbler+koan客户机自动重装centos操作系统
安装koan软件包(centos7 epel源)
yum install koan -y查看cobbler服务器上的系统版本列表
- looking for Cobbler at http://192.168.253.186:80/cobbler_apiCentos7-x86_64Centos8-x86_64
选择需要安装的版本
koan --server=192.168.253.186 --replace-self --profile=Centos7-x86_64重启即可开始安装
reboot