1. 環境描述
- 系統環境: CentOS 7.3
- 網絡環境: 有兩塊網卡,第一塊用來配置正常訪問互聯網,第二塊配另一個網段,這里配置
172.16.1.1,用來提供無人值守安裝系統。 - SELinux: 關閉狀態
- iptables、firewalld: 防火牆關閉狀態
2. 安裝部署
-
安裝前請先配好epel源,然后使用yum進行安裝:
rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm yum install cobbler cobbler-web pykickstart debmirror dhcp tftp-server httpd syslinux -
安裝好后,把
/var/lib/tftpboot/目標下所有文件移動到另一位置,因為此目錄下的文件全部由cobbler自己來生成。mkdir /root/pxeboot mv /var/lib/tftpboot/* /root/pxeboot/ -
這時再編輯
/etc/dhcp/dhcpd.conf,內容如下:[root@localhost ~]# cat /etc/dhcp/dhcpd.conf # # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.example # see dhcpd.conf(5) man page # option domain-name "localhost.localdomain"; option domain-name-servers 114.114.114.114,223.6.6.6; default-lease-time 3600; max-lease-time 7200; log-facility local7; subnet 172.16.1.0 netmask 255.255.255.0 { range 172.16.1.2 172.16.1.20; option routers 172.16.1.1; filename "pxelinux.0"; } -
確保第二塊網卡網絡配置正確,這里僅作測試臨時配置:
ifconfig enp6s0f1 172.16.1.1/24 -
依次啟動服務:
systemctl start dhcpd.service && systemctl enable dhcpd.service systemctl start cobblerd.service && systemctl enable cobblerd.service systemctl start httpd.service && systemctl enable httpd.service systemctl start rsyncd.service && systemctl enable rsyncd.service -
環境檢查修改:
cobbler check
-
報錯:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : change 'disable' to 'no' in /etc/xinetd.d/tftp. 4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 5 : comment out 'dists' on /etc/debmirror.conf for proper debian support 6 : comment out 'arches' on /etc/debmirror.conf for proper debian support 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them -
解決:
1、2: 修改/etc/cobbler/settings server: 172.16.1.1 next_server: 172.16.1.1 3: 修改/etc/xinetd.d/tftp disable = no 4: 此問題可忽略 5、6:修改/etc/debmirror.conf,注釋掉@dists="sid"和@arches="i386" #@dists="sid"; #@arches="i386"; 7: 修改默認密碼,注意,此密碼是安裝系統默認的管理員root密碼 生成密碼串 openssl passwd -1 -salt `openssl rand -hex 4` Password: $1$0a7998bb$OrhhdGoYj.Ngr2yRzGuKB0 將密碼串粘貼在/etc/cobbler/settings的default_password_crypted 字段 vim /etc/cobbler/settings default_password_crypted: "$1$0a7998bb$OrhhdGoYj.Ngr2yRzGuKB0" 8: 此問題可忽略
接着重啟cobblerd服務,然后再執行cobbler check進行檢查,直到只剩可忽略的問題:
systemctl restart cobblerd.service
cobbler check
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
3. cobbler_web
設置cobbler_web登錄頁面的用戶和密碼:
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Changing password for user cobbler in realm Cobbler
New password:
Re-type new password:
-
提示:
"Cobbler":Rename提示信息
cobbler : 這個是用戶名
/etc/cobbler/users.digest :帳號文件 -
注意: 在cobbler-web-2.8.0-4.el7.noarch這個版本上,要通過https協議訪問,用http協議訪問提示403報錯。
此時正常來說可以從瀏覽器中通過http(s)😕/YOUR_COBBLERD_IP/cobbler_web訪問。
4. Cobbler 命令
cobbler import導入iso鏡像cobbler distro對iso鏡像鏡像管理,主要包含Initrd、Kernel的絕對路徑cobbler profile對profile文件編輯,profile主要起 iso鏡像與kickstart文件進行關聯,同一個iso鏡像可以有多個kickstart配置文件cobbler system可以對服務器進行定制化安裝,例如根據網卡mac地址設定ip、主機名、電源管理等。
在系統中將CentOS 7.3 鏡像導入,此功能在cobbler_web上也應該可以操作,但沒有研究過:
mkdir /media/cdrom
mount /var/local/iso/CentOS-7-x86_64-DVD-1611.iso /media/cdrom
cobbler import --name="CentOS-7-x86_64-DVD-1611" --path=/media/cdrom
接着以同樣的方式導入CentOS 6.5,此時在命令行可執行cobbler distro list 可查看到已經導入進來的鏡像。默認在導入鏡像的同時,已經有創建好了對應的profile,可以安裝使用了,默認是最小化安裝。profile可執行cobbler profile list查看。
如果要自定義profile,可以用下面命令操作:
cobbler profile add --name="CentOS-7-x86_64-web" --distro=CentOS-7-x86_64-DVD-1611 --kickstart=/var/lib/cobbler/kickstarts/centos7-web.ks
cobbler sync
在有些場景下需要定制化安裝,例如根據網卡的mac地址安裝不同的系統,並設定主機名、網卡bonding等,此時可使用cobbler system,例如:
cobbler system add \
--name=SYSTEM_NAME \
--profile=PROFILE_NAME \
# 主機名配置
--hostname=HOSTNAME.example.com \
--dns-name=HOSTNAME.example.com \
# 網絡及雙網卡bond0 配置
--interface=bond0 \
--interface-type=bond \
--bonding-opts="mode=active-backup miimon=100" \
--ip-address=172.16.1.5 \
--subnet=255.255.255.0 \
--gateway=172.16.1.1 \
--name-servers="114.114.114.114 223.5.5.5" \
--static=1 \
--netboot-enabled=true \
# IPMI電源管理信息配置
--power-type=ipmilan \
--power-user=USER \
--power-pass=PASSWORD \
--power-address=192.168.X.X
# 網卡接口em1配置
cobbler system edit \
--name=SYSTEM_NAME \
--interface=em1 \
--mac=XX:XX:XX:XX:XX:01 \
--interface-type=bond_slave \
--interface-master=bond0
# 網卡接口em2配置
cobbler system edit \
--name=SYSTEM_NAME \
--interface=em2 \
--mac=XX:XX:XX:XX:XX:02 \
--interface-type=bond_slave \
--interface-master=bond0
最后要特別注意,每次操作后都要執行cobbler sync來同步操作生效。
上面要用到的centos7-web.ks文件制作,這里不再介紹,可以通過system-config-kickstart圖形化工具來生成和編輯,可以使用yum來安裝:
yum install system-config-kickstart
# 啟動可執行:
system-config-kickstart
也可以在已經安裝的CentOS系統root家目錄下一般為anaconda-ks.cfg 進行編輯修改。可參考Kickstart Documentation。
關於profile、ks文件制作、cobbler sync同步等,建議在cobbler_web界面上操作,比較方便。
Cobbler源碼獲取獲取。