Automated Installation and Deployment
https://www.cnblogs.com/nulige/p/6796593.html
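How PXE + Kickstart works
PXE + Kickstart workflow
- The PXE chip on the network card has 512 bytes, which hold the DHCP and TFTP clients.
- When the computer is started with network boot selected, the DHCP client in PXE broadcasts a request to the DHCP server for an IP address.
- While assigning the IP address, the DHCP server uses the following fields to tell PXE the TFTP server address and the file to download (1. next-server x.x.x.x; 2. filename "pxelinux.0";).
- pxelinux.0 tells PXE that the configuration file to download is default in the pxelinux.cfg directory.
- PXE downloads the configuration file, fetches the files needed to boot according to its contents, and starts the system installation using ks.cfg.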
Deploying and installing Cobbler
Environment - CentOS 7 + Cobbler 2.8.2
```
[root@cobbler kickstarts]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
[root@cobbler kickstarts]# uname -m
x86_64
[root@cobbler kickstarts]# uname -r
3.10.0-693.el7.x86_64
[root@cobbler ~]# cobbler version
Cobbler 2.8.2
```
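Cobbler run flow
dhcp
client: obtains an address from DHCP and contacts the next_server IP address
next_server: fetches the boot kernel, initrd and other files
tftp: PXE boot files; starts the Cobbler selection menu
kickstart: determines what to load and fetches resources from shares such as NFS, HTTP and FTP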
Deployment procedure
1. Disable SELinux and the firewall
Disable SELinux:
```
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
```
Disable the firewall:
```
systemctl stop firewalld
```
2. Install the EPEL repository
```
rpm -ivh https://mirrors.aliyun.com/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
```
3. Install Cobbler
```
yum install -y httpd dhcp tftp cobbler cobbler-web pykickstart xinetd
```
4. Start the httpd and cobbler services
Start the httpd service:
```
systemctl start httpd
```
Start the cobblerd service:
```
systemctl start cobblerd
```
5. Run cobbler check and resolve the items it reports
The author's note on each item follows the item, indented.
```
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    Change the IP in the server field of /etc/cobbler/settings to the IP of this machine's network card.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    Change the IP in the next_server field of /etc/cobbler/settings to this machine's IP.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment: https://github.com/cobbler/cobbler/wiki/Selinux
    Disable SELinux.
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
    Change disable to no in /etc/xinetd.d/tftp.
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    Run cobbler get-loaders to download the boot loaders.
6 : enable and start rsyncd.service with systemctl
    Start the rsyncd service: systemctl start rsyncd
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
    Manages Debian deployments and repositories; ignored here.
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
    Run openssl passwd -1 -salt 'salt' 'password' to generate the hashed password string and replace the value of the default_password_crypted field in /etc/cobbler/settings with it.
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
    Power management; ignored here.

Restart cobblerd and then run 'cobbler sync' to apply changes.
```
6. After resolving the items, restart the cobbler service and run cobbler check again
```
systemctl restart cobblerd
cobbler check
```
7. Edit /etc/cobbler/settings and change line 242 to manage_dhcp: 1
Edit /etc/cobbler/dhcp.template and change the DHCP information it hands out; that is, change only:
```
subnet 10.0.0.0 netmask 255.255.255.0 {
     option routers             10.0.0.2;
     option domain-name-servers 10.0.0.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        10.0.0.190 10.0.0.210;
```
8. Restart the cobblerd service and run cobbler sync
```
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler sync
task started: 2018-03-06_171312_sync
task started (id=Sync, time=Tue Mar 6 17:13:12 2018)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@cobbler ~]#
```
9. Mount the OS image and import it into Cobbler
Check the optical drive:
```
[root@cobbler ~]# ll /dev/cdrom
lrwxrwxrwx. 1 root root 3 Mar 6 16:08 /dev/cdrom -> sr0
```
Mount it and import it into Cobbler:
```
[root@cobbler ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 is write-protected, mounting read-only
[root@cobbler ~]#
[root@cobbler ~]# cobbler import --path=/mnt/ --name CentOS-7-x86_64 --arch=x86_64
```
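10. Use a custom kickstart file
/var/lib/cobbler/kickstarts/ is the default location for kickstart files.
```
cd /var/lib/cobbler/kickstarts/
rz    # upload the CentOS-7-x86_64.cfg file prepared beforehand
```
Point the profile at the custom kickstart:
```
cobbler profile edit --name=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg
```
On CentOS 7 the default network interface names do not start with eth; change the kernel parameters so that they do:
```
cobbler profile edit --name=CentOS-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
```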
11. Restart the httpd, xinetd and cobblerd services
```
systemctl restart httpd
systemctl restart xinetd
systemctl restart cobblerd
cobbler sync
```
12. Watch the DHCP log to follow the automated installation
```
[root@cobbler kickstarts]# tail -f /var/log/messages
Mar 6 17:51:57 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium.
Mar 6 17:51:57 localhost dhcpd: All rights reserved.
Mar 6 17:51:57 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Mar 6 17:51:57 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Mar 6 17:51:57 localhost dhcpd: Wrote 0 class decls to leases file.
Mar 6 17:51:57 localhost dhcpd: Wrote 0 leases to leases file.
Mar 6 17:51:57 localhost dhcpd: Listening on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
Mar 6 17:51:57 localhost dhcpd: Sending on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
Mar 6 17:51:57 localhost dhcpd: Sending on Socket/fallback/fallback-net
Mar 6 17:51:57 localhost systemd: Started DHCPv4 Server Daemon.
```
13. Power on a new machine and choose network boot (network boot is the default)
The Cobbler menu comes up successfully!
The DHCP log on the Cobbler server now shows:
```
[root@cobbler kickstarts]# tail -f /var/log/messages
Mar 6 17:51:57 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium.
Mar 6 17:51:57 localhost dhcpd: All rights reserved.
Mar 6 17:51:57 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Mar 6 17:51:57 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Mar 6 17:51:57 localhost dhcpd: Wrote 0 class decls to leases file.
Mar 6 17:51:57 localhost dhcpd: Wrote 0 leases to leases file.
Mar 6 17:51:57 localhost dhcpd: Listening on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
Mar 6 17:51:57 localhost dhcpd: Sending on LPF/ens33/00:0c:29:54:bf:8c/10.0.0.0/24
Mar 6 17:51:57 localhost dhcpd: Sending on Socket/fallback/fallback-net
Mar 6 17:51:57 localhost systemd: Started DHCPv4 Server Daemon.
Mar 6 17:55:29 localhost dhcpd: DHCPDISCOVER from 00:0c:29:50:15:83 via ens33
Mar 6 17:55:30 localhost dhcpd: DHCPOFFER on 10.0.0.190 to 00:0c:29:50:15:83 via ens33
Mar 6 17:55:32 localhost dhcpd: DHCPREQUEST for 10.0.0.190 (10.0.0.181) from 00:0c:29:50:15:83 via ens33
Mar 6 17:55:32 localhost dhcpd: DHCPACK on 10.0.0.190 to 00:0c:29:50:15:83 via ens33
Mar 6 17:55:32 localhost xinetd[17293]: START: tftp pid=17333 from=10.0.0.190
Mar 6 17:55:32 localhost in.tftpd[17334]: RRQ from 10.0.0.190 filename pxelinux.0
Mar 6 17:55:32 localhost in.tftpd[17334]: tftp: client does not accept options
Mar 6 17:55:32 localhost in.tftpd[17335]: RRQ from 10.0.0.190 filename pxelinux.0
Mar 6 17:55:32 localhost in.tftpd[17335]: Client 10.0.0.190 finished pxelinux.0
Mar 6 17:55:32 localhost in.tftpd[17336]: RRQ from 10.0.0.190 filename pxelinux.cfg/564d2383-4d62-184e-37d8-2d30ad501583
Mar 6 17:55:32 localhost in.tftpd[17336]: Client 10.0.0.190 File not found pxelinux.cfg/564d2383-4d62-184e-37d8-2d30ad501583
Mar 6 17:55:32 localhost in.tftpd[17337]: RRQ from 10.0.0.190 filename pxelinux.cfg/01-00-0c-29-50-15-83
Mar 6 17:55:32 localhost in.tftpd[17337]: Client 10.0.0.190 File not found pxelinux.cfg/01-00-0c-29-50-15-83
Mar 6 17:55:32 localhost in.tftpd[17338]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000BE
Mar 6 17:55:32 localhost in.tftpd[17338]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000BE
Mar 6 17:55:32 localhost in.tftpd[17339]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000B
Mar 6 17:55:32 localhost in.tftpd[17339]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000B
Mar 6 17:55:32 localhost in.tftpd[17340]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0000
Mar 6 17:55:32 localhost in.tftpd[17340]: Client 10.0.0.190 File not found pxelinux.cfg/0A0000
Mar 6 17:55:32 localhost in.tftpd[17341]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A000
Mar 6 17:55:32 localhost in.tftpd[17341]: Client 10.0.0.190 File not found pxelinux.cfg/0A000
Mar 6 17:55:32 localhost in.tftpd[17342]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A00
Mar 6 17:55:32 localhost in.tftpd[17342]: Client 10.0.0.190 File not found pxelinux.cfg/0A00
Mar 6 17:55:32 localhost in.tftpd[17343]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A0
Mar 6 17:55:32 localhost in.tftpd[17343]: Client 10.0.0.190 File not found pxelinux.cfg/0A0
Mar 6 17:55:32 localhost in.tftpd[17344]: RRQ from 10.0.0.190 filename pxelinux.cfg/0A
Mar 6 17:55:32 localhost in.tftpd[17344]: Client 10.0.0.190 File not found pxelinux.cfg/0A
Mar 6 17:55:32 localhost in.tftpd[17345]: RRQ from 10.0.0.190 filename pxelinux.cfg/0
Mar 6 17:55:32 localhost in.tftpd[17345]: Client 10.0.0.190 File not found pxelinux.cfg/0
Mar 6 17:55:32 localhost in.tftpd[17346]: RRQ from 10.0.0.190 filename pxelinux.cfg/default
Mar 6 17:55:32 localhost in.tftpd[17346]: Client 10.0.0.190 finished pxelinux.cfg/default
Mar 6 17:55:32 localhost in.tftpd[17347]: RRQ from 10.0.0.190 filename menu
Mar 6 17:55:32 localhost in.tftpd[17347]: Client 10.0.0.190 File not found menu
Mar 6 17:55:32 localhost in.tftpd[17348]: RRQ from 10.0.0.190 filename menu.cbt
Mar 6 17:55:32 localhost in.tftpd[17348]: Client 10.0.0.190 File not found menu.cbt
Mar 6 17:55:32 localhost in.tftpd[17349]: RRQ from 10.0.0.190 filename menu.0
Mar 6 17:55:32 localhost in.tftpd[17349]: Client 10.0.0.190 File not found menu.0
Mar 6 17:55:32 localhost in.tftpd[17350]: RRQ from 10.0.0.190 filename menu.com
Mar 6 17:55:32 localhost in.tftpd[17350]: Client 10.0.0.190 File not found menu.com
Mar 6 17:55:32 localhost in.tftpd[17351]: RRQ from 10.0.0.190 filename menu.c32
Mar 6 17:55:32 localhost in.tftpd[17351]: Client 10.0.0.190 finished menu.c32
Mar 6 17:55:32 localhost in.tftpd[17352]: RRQ from 10.0.0.190 filename pxelinux.cfg/default
Mar 6 17:55:32 localhost in.tftpd[17352]: Client 10.0.0.190 finished pxelinux.cfg/default
```
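The run of pxelinux.cfg/ requests in the log above is pxelinux's fixed lookup order, and the first file that exists is the one the client boots from. This added example (not part of the original post; the function names are illustrative) reproduces that order from the MAC, IP and UUID in the log and reads back which file in.tftpd delivered, which is useful when reviewing /var/lib/tftpboot/pxelinux.cfg for per-host entries.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): the pxelinux.cfg lookup order.
# pxelinux asks TFTP for: the client UUID, "01-" + MAC (01 = Ethernet),
# the IPv4 address in uppercase hex shortened one digit per attempt,
# and finally "default". The first file that exists is used.

# ip_to_hex 10.0.0.190 -> 0A0000BE
ip_to_hex() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the dotted quad into $1..$4
    IFS=$old_ifs
    printf '%02X%02X%02X%02X' "$1" "$2" "$3" "$4"
}

# pxe_search_order MAC IP [UUID] -> candidate file names, one per line
pxe_search_order() {
    mac=$(printf '%s' "$1" | tr 'ABCDEF:' 'abcdef-')
    hex=$(ip_to_hex "$2")
    if [ -n "${3:-}" ]; then echo "pxelinux.cfg/$3"; fi
    echo "pxelinux.cfg/01-$mac"
    while [ -n "$hex" ]; do
        echo "pxelinux.cfg/$hex"
        hex=${hex%?}               # drop the last hex digit
    done
    echo "pxelinux.cfg/default"
}

# served_config IP < log -> the config file in.tftpd actually delivered
served_config() {
    awk -v ip="$1" 'index($0, "Client " ip " finished pxelinux.cfg/") { print $NF; exit }'
}

# Three lines taken from the log above, used as sample input.
SAMPLE_LOG='Mar 6 17:55:32 localhost in.tftpd[17337]: Client 10.0.0.190 File not found pxelinux.cfg/01-00-0c-29-50-15-83
Mar 6 17:55:32 localhost in.tftpd[17345]: Client 10.0.0.190 File not found pxelinux.cfg/0
Mar 6 17:55:32 localhost in.tftpd[17346]: Client 10.0.0.190 finished pxelinux.cfg/default'

pxe_search_order 00:0c:29:50:15:83 10.0.0.190 564d2383-4d62-184e-37d8-2d30ad501583
printf '%s\n' "$SAMPLE_LOG" | served_config 10.0.0.190
```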
Contents of CentOS-7-x86_64.cfg
```
[root@cobbler kickstarts]# cat CentOS-7-x86_64.cfg
#### cobbler for Kickstart Configurator for CentOS 7.4 by ChenTaicheng
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr
# Network information
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 200
part swap --size 200
part / --fstype xfs --size 9500
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot

%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#Enable installation monitoring
$SNIPPET('pre_anamon')
%end

%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end

%post
systemctl disable postfix.service
%end
[root@cobbler kickstarts]#
```
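Step 5 hashes the install password with `openssl passwd -1`, which produces MD5-crypt (prefix `$1$`), and the kickstart above writes that hash unchanged through `rootpw --iscrypted`, so `--passalgo=sha512` does not apply to it. This added example (not from the original post; function names and file contents are constructed) reports that along with the loopback and disabled-protection settings the procedure touches.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): review the values steps 5 and 10
# leave behind. The file contents below are constructed samples.

# crypt_scheme HASH -> scheme named by the crypt(3) prefix
crypt_scheme() {
    case $1 in
        '$1$'*) echo md5-crypt ;;
        '$5$'*) echo sha256-crypt ;;
        '$6$'*) echo sha512-crypt ;;
        *)      echo unknown ;;
    esac
}

# setting_value FILE KEY -> value of a top-level "key: value" line, quotes removed
setting_value() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'"
}

# audit SETTINGS KICKSTART -> one finding per line
audit() {
    scheme=$(crypt_scheme "$(setting_value "$1" default_password_crypted)")
    [ "$scheme" = sha512-crypt ] || echo "settings: default_password_crypted is $scheme"
    for key in server next_server; do
        case $(setting_value "$1" "$key") in
            127.0.0.1|localhost) echo "settings: $key is loopback" ;;
        esac
    done
    grep -E '^(selinux|firewall)[[:space:]]+--disabled?$' "$2" | sed 's/^/kickstart: /'
    return 0
}

work=$(mktemp -d)
cat > "$work/settings" <<'EOF'
server: 10.0.0.181
next_server: 127.0.0.1
default_password_crypted: "$1$constructed$NotARealHashJustASample."
EOF
cat > "$work/ks.cfg" <<'EOF'
rootpw --iscrypted $default_password_crypted
selinux --disabled
firewall --disabled
EOF
audit "$work/settings" "$work/ks.cfg"
```

A `$6$` value for `default_password_crypted` can be generated with `openssl passwd -6` on OpenSSL 1.1.1 or later.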
Contents of CentOS-6.6-x86_64.cfg
```
#platform=x86, AMD64, or Intel EM64T
#System authorization information
auth --useshadow --enablemd5
#System bootloader configuration
bootloader --location=mbr
#Partition clearing information
clearpart --all --initlabel
#Partition information
part /boot --fstype ext4 --size 1024 --ondisk sda
part swap --size=1500
part / --fstype ext4 --size 1 --grow --ondisk sda
#Use text mode install
text
#Firewall configuration
firewall --disable
#Run the Setup Agent on first boot
firstboot --disable
#System keyboard
keyboard us
#System language
lang en_US
#Use network installation
url --url=$tree
#If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=em1
#Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
#SELinux configuration
selinux --disabled
#Do not configure the X Window System
skipx
#System timezone
timezone Asia/Shanghai
#Install OS instead of upgrade
install
#Clear the Master Boot Record
zerombr

%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet

%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#Enable installation monitoring
$SNIPPET('pre_anamon')

%post

%end
```
Customize the site shown on the boot menu
```
[root@cobbler ~]# cd /etc/cobbler/pxe
[root@cobbler pxe]# cat pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

$pxe_menu_items

MENU end
```
Extensions
Automatic reinstallation of a client
Run on the client:
```
yum install -y koan
koan --server=10.0.0.181 --list=profiles
koan --replace-self --server=10.0.0.181 --profile=CentOS-7-x86_64
```
Setting up a yum repository
Server-side configuration
1. Add the repo
```
cobbler repo add --name=openstack-queens --mirror=https://mirrors.aliyun.com/centos/7.4.1708/cloud/x86_64/openstack-queens/ --arch=x86_64 --breed=yum
```
2. Sync the repo
```
cobbler reposync
```
3. Add the repo to the corresponding profile
```
cobbler profile edit --name=CentOS-7-x86_64 --repos="openstack-queens"
```
4. Edit the kickstart file and add the following between %post and %end
```
systemctl disable postfix.service
$yum_config_stanza
```
Customized installation by MAC address
```
cobbler system add --name=linux-node2.oldboyedu.com --mac=00:50:56:21:AF:72 --profile=CentOS-7-x86_64 \
  --ip-address=10.0.0.199 --subnet=255.255.255.0 --gateway=10.0.0.2 --interface=eth0 \
  --static=1 --hostname=linux-node2.oldboyedu.com --name-servers="10.0.0.2" \
  --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.cfg
```
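Related commands and files
```
cobbler                        # the cobbler package
cobbler-web                    # cobbler's web service package
pykickstart                    # used by cobbler to check kickstart files for syntax errors
httpd                          # Apache web service
/etc/cobbler                   # configuration directory
/etc/cobbler/settings          # main cobbler configuration file
/etc/cobbler/dhcp.template     # configuration template for the DHCP service
/etc/cobbler/tftpd.template    # configuration template for the tftp service
/etc/cobbler/rsync.template    # configuration template for the rsync service
/etc/cobbler/iso               # directory of ISO template configuration files
/etc/cobbler/pxe               # directory of PXE template files
/etc/cobbler/power             # directory of power management configuration files
/etc/cobbler/users.conf        # authorization configuration file for the web service
/etc/cobbler/users.digest      # user name and password file for web access
/etc/cobbler/dnsmasq.template  # configuration template for the DNS service
/etc/cobbler/modules.conf      # Cobbler module configuration file
/var/lib/cobbler               # Cobbler data directory
/var/lib/cobbler/config        # configuration files
/var/lib/cobbler/kickstarts    # default location of kickstart files
/var/lib/cobbler/loaders       # the various boot loaders
/var/www/cobbler               # OS installation image directory
/var/www/cobbler/ks_mirror     # imported OS images
/var/www/cobbler/images        # boot files of the imported OS images
/var/www/cobbler/repo_mirror   # yum repository storage directory
/var/log/cobbler               # log directory
/var/log/cobbler/install.log   # client OS installation log
/var/log/cobbler/cobbler.log   # cobbler log
```
Command to import an image
```
cobbler import --path=/mnt/ --name Centos-6.6-x86_64 --arch=x86_64
# --path  path to the image
# --name  a name for the installation source
# --arch  whether the installation source is 32-bit, 64-bit or ia64; currently supported options: x86 | x86_64 | ia64
```
View the import information
```
cobbler profile report
```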