2 cobbler无人值守

1 介绍

python编写的管理工具

基于pxe+kickstart技术支持的二次封装，可实现选择不同发行版安装（pxe+kickstart仅能在同一发行版中变化安装）

2 cobbler工作原理

3 server准备环境

1.新建100G硬盘，分两个区

分别挂载到 /iso  /var/www
            /iso            #放镜像的目录
            /var/www        #放apache对外共享的资源（命令导入的镜像、一些参数关系）

2.上传多个镜像，创建目录挂载

    本次实验选择安装C6.8、C7.6
    C7.6可用本地光盘直接挂载，C6.8需要上传

注意：先挂载，在往下进行上传安装

[root@localhost ~]# yum -y install gdisk
[root@localhost ~]# gdisk /dev/sdb                                  #分区
[root@localhost ~]# mkfs.xfs /dev/sdb1                              #格式化
[root@localhost ~]# mkfs.xfs /dev/sdb2
[root@localhost ~]# vim /etc/fstab 
[root@localhost ~]# tail -n 2 /etc/fstab 
/dev/sdb1   /iso        xfs defaults    0 0
/dev/sdb2   /var/www    xfs defaults    0 0
[root@localhost ~]# mkdir /var/www
[root@localhost ~]# mkdir /iso
[root@localhost ~]# mount -a ; mount |grep sdb                      #挂载
/dev/sdb1 on /iso type xfs (rw,relatime,attr2,inode64,noquota)
/dev/sdb2 on /var/www type xfs (rw,relatime,attr2,inode64,noquota)

[root@localhost ~]# cd /iso/
[root@localhost iso]# ls
CentOS-6.8-x86_64-bin-DVD1.iso
[root@localhost iso]# mkdir centos6.8
[root@localhost iso]# mkdir centos7.6
[root@localhost iso]# vim /etc/fstab
[root@localhost iso]# tail -n 2 /etc/fstab 
/dev/sr0                /iso/centos7.6      iso9660 defaults    0 0
/iso/CentOS-6.8-x86_64-bin-DVD1.iso /iso/centos6.8      iso9660 defaults,loop   0 0
[root@localhost iso]# mount -a 
mount: /dev/sr0 写保护，将以只读方式挂载
mount: /dev/loop0 写保护，将以只读方式挂载

4 安装步骤

1）配置联网，网络源，安装扩展源

[root@localhost ~]# vim ifcfg-ens33 
[root@localhost ~]# grep "DNS" ifcfg-ens33 
DNS1=114.114.114.114
DNS2=8.8.8.8
[root@localhost ~]# systemctl restart network
[root@localhost ~]# mv /etc/yum.repos.d/CentOS-Base.repo.bak /etc/yum.repos.d/CentOS-Base.repo
[root@localhost ~]# yum clean all; yum -y install epel-release

2）安装cobbler、相关软件

[root@localhost ~]# yum -y install cobbler cobbler-web tftp-server dhcp httpd xinetd
[root@localhost ~]# systemctl enable cobblerd httpd --now
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

3）配置cobbler

3.1 cobbler check检查文件并解决

问题1、2：修改 /etc/cobbler/settings 中的 seerver next_server选项

[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
[root@localhost ~]# vim /etc/cobbler/settings 
[root@localhost ~]# egrep "^server|^next_server" /etc/cobbler/settings 
next_server: 192.168.18.201
server: 192.168.18.201
[root@localhost ~]# systemctl restart cobblerd

问题3：tftp配置文件中的disable改为no

3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
[root@localhost ~]# vim /etc/xinetd.d/tftp
[root@localhost ~]# grep "disable" /etc/xinetd.d/tftp
    disable         = no

问题4：解决cobbler-loader,利用大神准备的cobbler-loader压缩包

4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders.  If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot.
[root@localhost ~]# tar -xf cobbler-loaders.tar.gz 
[root@localhost ~]# ls
anaconda-ks.cfg  cobbler-loaders.tar.gz  ifcfg-ens33  var
[root@localhost ~]# yum -y install grub2-efi-x64-modules grub2-pc-modules
[root@localhost ~]# cp -a /root/var/lib/cobbler/loaders/* /var/lib/cobbler/loaders/

问题5：将rsyncd启动并加入自启动

5 : enable and start rsyncd.service with systemctl
[root@localhost ~]# systemctl enable rsyncd --now
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
[root@localhost ~]# systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
   Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
   Active: active (running) since 二 2022-11-29 15:25:39 CST; 10s ago
 Main PID: 41581 (rsync)
   CGroup: /system.slice/rsyncd.service
           └─41581 /usr/bin/rsync --daemon --no-detach

11月 29 15:25:39 localhost.localdomain systemd[1]: Started fast remote file copy program daemon.
11月 29 15:25:39 localhost.localdomain rsyncd[41581]: rsyncd version 3.1.2 starting, listening on port 873

问题6：关于debian系统的问题，可不用解决

6 : debmirror package is not installed, it will be required to manage debian deployments and repositories

#问题7：yum安装pykickstart
7 : ksvalidator was not found, install pykickstart
[root@localhost ~]# yum -y install pykickstart

问题8：cobbler设置密码

8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
[root@localhost ~]# openssl passwd -1 -salt 'root' '123456'
$1$root$j0bp.KLPyr.u9kgQ428D10
[root@localhost ~]# vim /etc/cobbler/settings
[root@localhost ~]# grep "^default_password" /etc/cobbler/settings
default_password_crypted: "$1$root$j0bp.KLPyr.u9kgQ428D10"
[root@localhost ~]# systemctl restart cobblerd

问题9：yum安装fence-agents

9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
[root@localhost ~]# yum -y install fence-agents

[root@localhost ~]# cobbler check                                               #解决完之后再次检查，再执行cobbler sync
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories

Restart cobblerd and then run 'cobbler sync' to apply changes.

[root@localhost ~]# cobbler sync

3.2 配置cobbler-dhcp

[root@localhost ~]# vim /etc/cobbler/settings 
[root@localhost ~]# grep "^manage_dhcp" /etc/cobbler/settings
manage_dhcp: 1
[root@localhost ~]# vim /etc/cobbler/dhcp.template 
[root@localhost ~]# grep "^subnet" -A 4 /etc/cobbler/dhcp.template 
subnet 192.168.18.0 netmask 255.255.255.0 {
     option routers             192.168.18.2;
     option domain-name-servers 114.114.114.114;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.18.50 192.168.18.99;
[root@localhost ~]# cobbler sync

3.3 重启所有服务，加入自启动

[root@localhost ~]# systemctl restart rsyncd dhcpd xinetd cobblerd tftp.socket tftp
[root@localhost ~]# systemctl enable rsyncd dhcpd xinetd cobblerd tftp.socket tftp

4）导入镜像、绑定ks文件

1 导入镜像到apache共享目录下

[root@localhost ~]# cobbler import --name="CentOS-7.6" --path=/iso/centos7.6
[root@localhost ~]# cobbler import --name="CentOS-6.8" --path=/iso/centos6.8
[root@localhost ~]# cobbler import --name="CentOS-7.6-graphical" --path=/iso/centos7.6
[root@localhost ~]# cobbler import --name="CentOS-6.8-graphical" --path=/iso/centos6.8
[root@localhost ~]# ll /var/www/cobbler/ks_mirror/                      #镜像导入后的位置
总用量 8
dr-xr-xr-x 7 root root 4096 5月  23 2016 CentOS-6.8
dr-xr-xr-x 7 root root 4096 5月  23 2016 CentOS-6.8-graphical
drwxrwxr-x 8 root root  254 11月 26 2018 CentOS-7.6
drwxrwxr-x 8 root root  254 11月 26 2018 CentOS-7.6-graphical
drwxr-xr-x 2 root root  146 12月  4 19:11 config
[root@localhost ~]# vim /var/lib/tftpboot/pxelinux.cfg/default          #tftp共享的默认菜单

2 生成ks文件

CentOS7-graphical.cfg #C7.6的图形化

[root@localhost ~]# vim /var/lib/cobbler/kickstarts/CentOS7-graphical.cfg
#version=DEVEL
auth --enableshadow --passalgo=sha512
url --url=http://192.168.18.201/cobbler/ks_mirror/CentOS-7.6/
graphical
firstboot --enable
ignoredisk --only-use=sda
keyboard --vckeymap=cn --xlayouts='cn'
lang zh_CN.UTF-8
network  --bootproto=dhcp --device=ens33 --onboot=on --ipv6=auto --no-activate
network  --hostname=localhost.localdomain
rootpw --iscrypted $6$bnwp14GWfWDgVw4y$7sr9QiO7hE90RkE12p3i.YMHmpzCsKMC7lkh5AH43FQB0uPHJjYaIzePu4oLrgqCpmH5yVY6dTOn6aLxEqwT1/
firewall --disabled
selinux --disabled
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
clearpart --none --initlabel
part /boot --fstype="xfs" --ondisk=sda --size=1024
part swap --fstype="swap" --ondisk=sda --size=2048
part / --fstype="xfs" --ondisk=sda --grow --size=1

%packages
@^web-server-environment
@base
@core
@web-server
kexec-tools

%end

%post --interpreter=bash 
sed -i "115s/#//;115s/yes/no/" /etc/ssh/sshd_config
systemctl restart sshd
systemctl stop NetworkManager ;systemctl disable NetworkManager
cd /etc/yum.repos.d/
mkdir back
mv C* back/
echo "[centos7]
name=centos7 repo for kickstart
baseurl=http://192.168.18.201/cobbler/ks_mirror/CentOS-7.6/
enable=1
gpgcheck=0" >> CentOS-Media.repo
yum -y groupinstall "X Window System"
yum -y groupinstall "GNOME Desktop"
yum -y install gcc* lrzsz wget unzip
ln -s /etc/sysconfig/network-scripts/ifcfg-ens33 /root/
systemctl set-default graphical.target

%end
reboot

CentOS7.cfg #C7的基础服务环境

[root@localhost ~]# vim /var/lib/cobbler/kickstarts/CentOS7.cfg
#version=DEVEL
auth --enableshadow --passalgo=sha512
url --url=http://192.168.18.201/cobbler/ks_mirror/CentOS-7.6/
graphical
firstboot --enable
ignoredisk --only-use=sda
keyboard --vckeymap=cn --xlayouts='cn'
lang zh_CN.UTF-8
network  --bootproto=dhcp --device=ens33 --onboot=on --ipv6=auto --no-activate
network  --hostname=localhost.localdomain
rootpw --iscrypted $6$bnwp14GWfWDgVw4y$7sr9QiO7hE90RkE12p3i.YMHmpzCsKMC7lkh5AH43FQB0uPHJjYaIzePu4oLrgqCpmH5yVY6dTOn6aLxEqwT1/
firewall --disabled
selinux --disabled
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
clearpart --none --initlabel
part /boot --fstype="xfs" --ondisk=sda --size=1024
part swap --fstype="swap" --ondisk=sda --size=2048
part / --fstype="xfs" --ondisk=sda --grow --size=1

%packages
@^web-server-environment
@base
@core
@web-server
kexec-tools

%end

%post --interpreter=bash 
sed -i "115s/#//;115s/yes/no/" /etc/ssh/sshd_config
systemctl restart sshd
systemctl stop NetworkManager ;systemctl disable NetworkManager
cd /etc/yum.repos.d/
mkdir back
mv C* back/
echo "[centos7]
name=centos7 repo for kickstart
baseurl=http://192.168.18.201/cobbler/ks_mirror/CentOS-7.6/
enable=1
gpgcheck=0" >> CentOS-Media.repo
yum -y install gcc* lrzsz wget unzip
ln -s /etc/sysconfig/network-scripts/ifcfg-ens33 /root/

%end

reboot

CentOS6-graphical.cfg #C6的图形化

[root@localhost ~]# vim /var/lib/cobbler/kickstarts/CentOS6-graphical.cfg 
#centos 6.8 kickstart
firewall --disabled
text
install
url --url="http://192.168.18.201/cobbler/ks_mirror/CentOS-6.8/"
lang en_US.UTF-8
keyboard us
rootpw --iscrypted $6$bnwp14GWfWDgVw4y$7sr9QiO7hE90RkE12p3i.YMHmpzCsKMC7lkh5AH43FQB0uPHJjYaIzePu4oLrgqCpmH5yVY6dTOn6aLxEqwT1/
auth  --useshadow  --passalgo=sha512
firstboot --enable
selinux --disabled
timezone  Asia/Shanghai
network  --bootproto=dhcp --device=eth0 --onboot=on
bootloader --location=mbr
zerombr
clearpart --all --initlabel 
part /boot --fstype="ext4" --ondisk=sda --size=1024
part swap --fstype="swap" --ondisk=sda --size=2048
part / --fstype="ext4" --ondisk=sda --grow --size=1

%packages
@basic-desktop
@desktop-debugging
@desktop-platform
@fonts
@general-desktop
@graphical-admin-tools
@input-methods
@kde-desktop
@legacy-x
@remote-desktop-clients
@x11

%end
reboot

CentOS6.cfg #C6的基础服务环境

[root@localhost ~]# vim /var/lib/cobbler/kickstarts/CentOS6.cfg 
#centos 6.8 kickstart
firewall --disabled
text
install
url --url="http://192.168.18.201/cobbler/ks_mirror/CentOS-6.8/"
lang en_US.UTF-8
keyboard us
rootpw --iscrypted $6$bnwp14GWfWDgVw4y$7sr9QiO7hE90RkE12p3i.YMHmpzCsKMC7lkh5AH43FQB0uPHJjYaIzePu4oLrgqCpmH5yVY6dTOn6aLxEqwT1/
auth  --useshadow  --passalgo=sha512
firstboot --enable
selinux --disabled
timezone  Asia/Shanghai
network  --bootproto=dhcp --device=eth0 --onboot=on
bootloader --location=mbr
zerombr
clearpart --all --initlabel 
part /boot --fstype="ext4" --ondisk=sda --size=1024
part swap --fstype="swap" --ondisk=sda --size=2048
part / --fstype="ext4" --ondisk=sda --grow --size=1

%packages
@chinese-support
@core
@server-policy
@workstation-policy
%end

reboot

3 指定镜像的profile配置文件，将ks文件绑定指定的镜像

[root@localhost ~]# cobbler profile list
   CentOS-6.8-graphical-x86_64
   CentOS-6.8-x86_64
   CentOS-7.6-graphical-x86_64
   CentOS-7.6-x86_64
[root@localhost ~]# cobbler profile report --name=CentOS-7.6-x86_64 |grep kickstart                     #查看默认使用的ks文件
Kickstart                      : /var/lib/cobbler/kickstarts/sample_end.ks
[root@localhost ~]# cobbler profile report --name=CentOS-6.8-x86_64 |grep kickstart
Kickstart                      : /var/lib/cobbler/kickstarts/sample_end.ks
[root@localhost ~]# ls /var/lib/cobbler/kickstarts/CentOS*
/var/lib/cobbler/kickstarts/CentOS6.cfg            /var/lib/cobbler/kickstarts/CentOS7.cfg
/var/lib/cobbler/kickstarts/CentOS6-graphical.cfg  /var/lib/cobbler/kickstarts/CentOS7-graphical.cfg

#修改不同菜单选项的ks文件
[root@localhost ~]# cobbler profile edit --name=CentOS-7.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7.cfg
[root@localhost ~]# cobbler profile edit --name=CentOS-7.6-graphical-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7-graphical.cfg
[root@localhost ~]# cobbler profile edit --name=CentOS-6.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS6.cfg
[root@localhost ~]# cobbler profile edit --name=CentOS-6.8-graphical-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS6-graphical.cfg
[root@localhost ~]# cobbler profile report --name=CentOS-7.6-x86_64 |grep kickstart                     #再次查看并确认ks文件
Kickstart                      : /var/lib/cobbler/kickstarts/CentOS7.cfg
[root@localhost ~]# cobbler profile report --name=CentOS-6.8-x86_64 |grep kickstart
Kickstart                      : /var/lib/cobbler/kickstarts/CentOS6.cfg
[root@localhost ~]# cobbler profile report --name=CentOS-6.8-graphical-x86_64 |grep kickstart
Kickstart                      : /var/lib/cobbler/kickstarts/CentOS6-graphical.cfg
[root@localhost ~]# cobbler profile report --name=CentOS-7.6-graphical-x86_64 |grep kickstart
Kickstart                      : /var/lib/cobbler/kickstarts/CentOS7-graphical.cfg

4 两台测试机测试安装

分别安装6版本、7版本

注意： /var/lib/tftpboot/pxelinux.cfg/default

menu default        #默认选中的项
ontimeout           #超时后启动的项（若删除后，以默认选中项为准，进行安装）

拓展：

iostat              #查看硬盘数据传输状态
iptables    -L      #查看生效的防火墙

安装完成后检查ks文件中的配置是否生效

注意：ks模板中的脚本部分不要有变量定义

纯字符安装用英文安装，中文纯字符安装会失败

5 设置web管理终端

[root@localhost ~]# cat /etc/cobbler/modules.conf |grep -A 1 "\[authentication"             #确认配置文件中能使用密码登录
[authentication]
module = authn_configfile

[root@localhost ~]# htdigest -c /etc/cobbler/users.digest Cobbler admin             #设置登录的用户：admin、密码123456
                                                                                    #Cobbler,首字母大写

浏览器访问： https://192.168.18.201/cobbler_web

注意：一定要用https

6 相关目录和命令帮助

配置文件目录：

/etc/cobbler
/etc/cobbler/settings : cobbler 主配置文件
/etc/cobbler/iso/: iso模板配置文件
/etc/cobbler/pxe: pxe模板文件
/etc/cobbler/power: 电源配置文件
/etc/cobbler/user.conf: web服务授权配置文件
/etc/cobbler/users.digest: web访问的用户名密码配置文件
/etc/cobbler/dhcp.template : dhcp服务器的的配置末班
/etc/cobbler/dnsmasq.template : dns服务器的配置模板
/etc/cobbler/tftpd.template : tftp服务的配置模板
/etc/cobbler/modules.conf : 模块的配置文件

数据目录：

/var/lib/cobbler/config/: 用于存放distros，system，profiles 等信 息配置文件
/var/lib/cobbler/triggers/: 用于存放用户定义的cobbler命令
/var/lib/cobbler/kickstart/: 默认存放kickstart文件
/var/lib/cobbler/loaders/: 存放各种引导程序 ，镜像目录
/var/www/cobbler/ks_mirror/: 导入的发行版系统的所有数据
/var/www/cobbler/images/ : 导入发行版的kernel和initrd镜像用于 远程网络启动
/var/www/cobbler/repo_mirror/: yum 仓库存储目录

日志目录：

/var/log/cobbler/installing: 客户端安装日志
/var/log/cobbler/cobbler.log : cobbler日志

cobbler commands 介绍：

cobbler check 核对当前设置是否有问题
cobbler list 列出所有的cobbler元素
cobbler report 列出元素的详细信息
cobbler sync 同步配置到数据目录,更改配置最好都要执行下
cobbler reposync 同步yum仓库
cobbler distro 查看导入的发行版系统信息
cobbler system 查看添加的系统信息
cobbler profile 查看配置信息