学习Cobbler（二）

Server端：

1. 第一步，启动Cobbler服务
2. 第二步，进行Cobbler错误检查，执行cobbler check命令
3. 第三步，进行配置同步，执行cobbler sync命令
4. 第四步，复制相关启动文件文件到TFTP目录中
5. 第五步，启动DHCP服务，提供地址分配
6. 第六步，DHCP服务分配IP地址
7. 第七步，TFTP传输启动文件
8. 第八步，Server端接收安装信息
9. 第九步，Server端发送ISO镜像与Kickstart文件

Client端：

1. 第一步，客户端以PXE模式启动
2. 第二步，客户端获取IP地址
3. 第三步，通过TFTP服务器获取启动文件
4. 第四步，进入Cobbler安装选择界面
5. 第五步，客户端确定加载信息
6. 第六步，根据配置信息准备安装系统
7. 第七步，加载Kickstart文件
8. 第八步，传输系统安装的其它文件
9. 第九步，进行安装系统

自动化运维之cobbler安装centos7.3

一、cobbler简介和服务

Cobbler是一款自动化操作系统安装的实现，与PXE安装系统的区别就是可以同时部署多个版本的系统，而PXE只能选择一种系统。而如今的架构动辄就是上千台的服务器。而存在一些操作系统不统一的现象，例如最初的架构采用的是CentOS5系列的系统，而新出现了一些技术后，需要新的操作系统的支持，一方面是需要批量部署装机，而另一方面还需要考虑到如果老版本的服务器出现故障后还需要重新去部署。并且提供Web配置页面，可以只需要一些点击就可以完成一些操作。

二、cobbler实战

安装cobbler 等依赖服务

# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd -y
启动httpd 和cobbler服务

# /etc/init.d/httpd restart
# /etc/init.d/cobblerd start
使用 cobbler check （5、6、8三步并不需要执行）检查，检查后使用cobbler sync同步操作
# cobbler check

如果执行# cobbler check 报错，执行 # /etc/init.d/cobblerd restart 重启即可

Traceback (most recent call last):
File "/usr/bin/cobbler", line 36, in <module>
sys.exit(app.main())
File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 657, in main
rc = cli.run(sys.argv)
File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 270, in run
self.token = self.remote.login("", self.shared_secret)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1199, in __call__
return self.__send(self.__name, args)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1489, in __request
verbose=self.__verbose
File "/usr/lib64/python2.6/xmlrpclib.py", line 1253, in request
return self._parse_response(h.getfile(), sock)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1392, in _parse_response
return u.close()
File "/usr/lib64/python2.6/xmlrpclib.py", line 838, in close
raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "<class 'cobbler.cexceptions.CX'>:'login failed'">
[root@mini1 html]# /etc/init.d/cobblerd restart
 
The following are potential configuration items that you may want to fix:
 
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
4 : file /etc/xinetd.d/rsync does not exist
5 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
 
Restart cobblerd and then run 'cobbler sync' to apply changes.

上述结果直接告诉了安装cobbler需要哪些步骤，一步步按照提示进行操作即可
部署第一步+第二步+第七步

vim /etc/cobbler/settings
server: 192.168.3.12
next_server: 192.168.3.12 #指定tftp所在的服务器
manage_dhcp: 1 #使用cobbler管理dhcp

使用openssl对密码加密（前面的cadmin是加盐随机值，后面的admin是密码）

# openssl passwd -1 -salt 'admin' 'admin'
$1$admin$1kgWpnZpUx.vTroWPXPIB0

修改password
vim /etc/cobbler/settings

default_password_crypted: "$1$admin$1kgWpnZpUx.vTroWPXPIB0"
保存文件再次使用# cobbler check重新检查

部署第三步:

# cobbler get-loaders

部署第四步：把disable选项改为no，并重新启动xinetd

# vim /etc/xinetd.d/rsync
service rsync
{
disable = no # 将disable 改为 no
flags = IPv6
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}

# /etc/init.d/xinetd restart

重启cobbler，并重新cobbler check
修改/etc/cobbler/dhcp.template 文件，该文件通过cobbler sync可以管理/etc/dhcp/dhcpd.conf文件，所以在此不需要更改/etc/dhcp/dhcpd.conf文件，因为改了也没用，每次cobbler sync就会按照预定义重新初始化dhcp配置文件

# vim /etc/cobbler/dhcp.template
subnet 192.168.3.0 netmask 255.255.255.0 {
option routers 192.168.3.1;
option domain-name-servers 192.168.1.13;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.3.100 192.168.3.200;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;

执行# cobbler sync

使用vmvare虚拟机的iso镜像挂载到/mnt 路径（如下图），并导入镜像

cobbler –name:倒进后的名字 –arch:镜像架构 –path:挂载路径

# mount /dev/cdrom /mnt
# cobbler import --path=/mnt/ --name=CentOS-7.3-x86_64 --arch=x86_64
task started: 2017-04-20_174857_import
task started (id=Media import, time=Thu Apr 20 17:48:57 2017)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64:
creating new distro: CentOS-7.3-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 -> /var/www/cobbler/links/CentOS-7.3-x86_64
creating new profile: CentOS-7.3-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 for CentOS-7.3-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata
*** TASK COMPLETE ***

导入后镜像所在位置：/var/www/cobbler/ks_mirror/

# ls /var/www/cobbler/ks_mirror/
CentOS-7.3-x86_64 config

给kickstart定义ks文件目录/var/lib/cobbler/kickstarts/为cobbler默认存放kickstart配置文件的位置

# cd /var/lib/cobbler/kickstarts/

vim /var/lib/cobbler/kickstarts/centos7.3_x86_64.cfg

#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use network installation
url --url="http://192.168.3.12/cobbler/ks_mirror/CentOS-7.3-x86_64/"
# Use text mode install
text
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Firewall configuration
firewall --disabled
selinux --disabled
# Reboot after installation
reboot
 
# Network information
network --bootproto=dhcp --device=ens33 --onboot=on --ipv6=auto
network --hostname=localhost.localdomain
 
# Root password
rootpw --iscrypted $6$23hVX55axEtxScyM$jowXwPr8f2xqipe0Xnaj8XHtwNBlufsvCqqDQDrokM1M0kzxwzPlvzHJmJzusubb6zAU/hKpW5oIDCpa.n7zs0
# System services
services --disabled="chronyd"
# System timezone
timezone Asia/Shanghai --isUtc --nontp
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
firstboot --disable
# Disk partitioning information
part pv.194 --fstype="lvmpv" --ondisk=sda --size=75779
part /boot --fstype="xfs" --ondisk=sda --size=300
volgroup centos --pesize=4096 pv.194
logvol /data --fstype="xfs" --size=40956 --name=data --vgname=centos
logvol swap --fstype="swap" --size=4096 --name=swap --vgname=centos
logvol / --fstype="xfs" --size=30720 --name=root --vgname=centos
 
%packages
@^minimal
@core
kexec-tools
 
%end
 
# cobbler profile report
Name : CentOS-7.3-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS-7.3-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
 
# cobbler list
distros:
CentOS-7.3-x86_64
 
profiles:
CentOS-7.3-x86_64
 
systems:
 
repos:
 
images:
 
mgmtclasses:
 
packages:
 
files:

使用cobbler profile指定ks文件位置和内核参数（net.ifnames=0和biosdevname=0代表更改网卡为eth0 --> 运维标准化）

# cobbler profile edit --name=CentOS-7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.3_x86_64.cfg
# cobbler profile edit --name=CentOS-7.3-x86_64 --kopts='net.ifnames=0 biosdevname=0'

根据机器的MAC地址(新建虚拟机的时候直接生成，如果是购买的物理机就可以向供应商获取)，自动绑定IP，网关，dns等

cobbler system add --name=chinasoft --mac=00:50:56:3B:DC:7E --profile=CentOS-7.3-x86_64 --ip-address=192.168.3.177 --subnet=255.255.255.0 --gateway=192.168.3.1 --interface=eth0 --static=1 --hostname=node3.chinasoft.com --name-servers="114.114.114.114"

使用sync同步配置
# cobbler sync

# cobbler system list
chinasoft

注意：客户端机器装系统时，要先使用修改bios启动然后修改为网卡启动，把network boot from Intel E1000调整为最上，F10保存

重启机器就开始自动安装操作系统了，安装完成以后进系统发现ifconfig eth0、hostname、防火墙、selinux、都和我们预定义的一致

修改cobbler提示

# vim /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE by jack | http://www.cnclogs.com/reblue520
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end

三、web界面管理cobbler

在最开始yum的时候安装了cobbler-web，当然也就可以使用web界面管理cobbler
新版cobbler的web界面使用的是https，登录https://192.168.3.12/cobbler_web

（默认情况下username和password都是cobbler，可以通过用户名所在文件: /etc/cobbler/users.conf 和 密码所在文件：/etc/cobbler/users.digest进行管理 管理）

待安装完后，关闭机器，否则会反复安装，因此也要注意生产环境，尽量不要从网卡启动，防止机器意外重装