cobbler+kickstart安裝筆記

 

cobbler+kickstart安裝筆記

本文參考老男孩配置:https://blog.oldboyedu.com/autoinstall-cobbler/

centos7：開機如果不啟動網卡，需要修改/etc/sysconfig/network-scripts/本地的網卡（一般為ens-xxx）將onboot改為yes

1.安裝epel rpm源（這里使用的阿里雲源）

yum clean all

rpm -ivh https://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm

 

2.安裝前置安裝環境

關閉防火牆，和selinux（不願意關的話可以開放相應端口25151 69 22 80）

    systemctl stop firewalld  #停止防火牆

    systemctl disable firewalld  #禁止開機啟動防火牆
    
    vi /etc/sysconfig/selinux  #修改selinux
   
     SELINUX=disabled

    reboot #重啟 

 

下面安裝基礎環境 

yum -y install cobbler cobbler-web pykickstart debmirror httpd dhcp xinetd xftp rsyncd

#這里我們啟動服務，並設置開機啟動

systemctl start httpd

systemctl enable httpd

systemctl start cobblerd

systemctl enable cobblerd

systemctl start xftp

systemctl enable xftp

systemctl start rsyncd

systemctl enable rsyncd

ksvalidator /var/lib/cobbler/kickstarts/CentOS7-7-x86_64.cfg #安裝的pykickstart里面的工具，用來檢查簡單的語法錯誤登，但是有時候會誤判，發現有朋友ks文件出問題，當初寫的時候忘了補充下

配置cobbler：

cobbler check

會有以下提示：

The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

 

按照步驟設置

修改cobbler配置文件

vim /etc/cobbler/settings

#第一項 server 將server設置為提供cobbler服務的服務器ip（我這里是單虛擬機模擬所以就設置的為本機）

#server = 127.0.0.1
server = 192.168.184.130
#可以使用sed直接修改，第一次推薦還是先手動改改，多看看配置，后面就直接改了就行了
#sed -i 's/server: 127.0.0.1/server: 192.168.184.130/' /etc/cobbler/settings

 #第一項 next_server 將提供pxe服務的ip

#next_server = 127.0.0.1
next_server = 192.168.184.130

#sed -i 's/next_server: 127.0.0.1/next_server:192.168.184.130/' /etc/cobbler/settings 

#第三項 將tftp的disable 值從yes修改為no 

vi /etc/xinetd.d/tftp
disable=no
#sed -i 's/disable=yes/disable=no/' /etc/xinetd.d/tftp

#第四項 下載網絡安裝所需文件

cobbler get-loaders   #注意，在上面步驟中，如果你不小心輸錯了你配置的server的ip地址的話，會報錯，請先檢查自己輸入的ip是否正確。

 

#第五項 啟動rsync（/etc/xinetd.d/rsync有些人分享的步驟中會有這個文件，但是實際上不用xinetd托管rsync也不影響，所以只要啟動了服務就問題不大）

systemct start rsyncd

systemct  enable rsyncd

ps:如果在前面你像我一樣啟動了，這一步可以省略，這里只是為了對照cobbler的提示

#第六項 配置密碼

#（執行下面命令后之后會出現加密后的密碼，現在的版本隨機值最好不要設置為random-phrase）

openssl passwd -1 -salt 'random-phrase-here' 'your-password-here' 

#將密碼添加到/etc/cobbler/settings中的default_password值
#default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."

重啟cobbler

systemctl restart httpd
systemctl restart cobbler

再次檢查配置，若沒有問題則提交同步

cobbler check

cobbler rsync 

#通過cobbler管理dhcp

#修改/etc/cobbler/settings值manage_dhcp: 1
#sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings

#查看cobbler的配置例子

vim /etc/cobbler/dhcp.template

subnet 192.168.184.0 netmask 255.255.255.0 {
option routers 192.168.184.2;
option domain-name-servers 192.168.184.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.184.100 192.168.184.254;

#導入鏡像 先將鏡像掛在，再通過import導入 --path為掛在鏡像的路徑 --name為名字 --arch為架構

mount /dev/cdrom /mnt
#mount: /dev/sr0 寫保護，將以只讀方式掛載

如果是虛擬機的朋友，導入掛載沒發先cdrom，在虛擬機里將cdrom啟動再掛載即可，path為鏡像掛載的目錄，name為你這個鏡像的名稱，arch為系統架構

cobbler import --path=/mnt/ --name=CentOS7 --arch=x86_64

#文件鏡像位置為/var/www/cobbler/ks_mirror 

#kickstart

#將寫好的啟動配置文件文件上傳至/var/lib/cobbler/kickstarts/CentOS7-7-x86_64.cfg目錄下，下面是我使用的配置文件，可以根據自身需求修改配置文件（這個中文注釋只是方便理解，在使用中的時候配置文件中不能有中文，需要全部刪除）

#System

#設置字符集格式
lang en_US.UTF-8 
#設置鍵盤類型
keyboard us 
#設置時區
timezone --utc Asia/Shanghai 
#Root密碼
rootpw --iscrypted $default_password_crypted
#text模式安裝
text
#告知安裝程序，這是一次全新安裝，而不是升級
install 
#通過cobbler安裝鏡像
url --url=$tree 
#bootloader安裝在mbr扇區（磁盤的0磁道0柱面1扇區前512字節，后64字節為分區信息，每個分區占16個字節）
bootloader --location=mbr
#清除mbr引導（清空引導扇區）
zerombr
#清空分區
clearpart --all --initlabel
#/boot分區
part /boot --fstype xfs --size 1024  --ondisk sda
#swap分區
part /swap --size 1024 --ondisk sda
#根分區
part / --fstype xfs --size 1 --grow --ondisk sda
#設置密碼格式
authconfig --enableshadow --passalgo=sha512
#網絡信息
$SNIPPET('network_config')
#重啟
reboot
#關閉防火牆
firewall --disabled
#關閉selinux
selinux --disabled
#不配置Xwindows
skipx
#安裝包信息
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
$SNIPPET('pre_anamon')
%end

%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl=devel
zilb-devel
OpenIPMI-tools
mysql
nmap
screen
%end


%post
systemctl disabled postfix.service
%end

上傳了之后我們可以更新一下cobbler的默認配置文件(配置文件里面不能有中文，注釋也不能有中文，否則會配置文件讀取會出問題)

可以通過cobbler list命令查看

cobbler profile edit --name=CentOS7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7-7-x86_64.cfg

設置網卡名，因為在CentOS7之后網卡名會被命名為ens-XXXX的格式

cobbler profile edit --name=CentOS7-x86_64 --kopts='net.ifnames=0 biosdevname=0'

確認更新情況

cobbler profile report CentOS7-x86_64

cobbler sync 再次提交更新

可以查看下CentOS的啟動文件

 cat /var/lib/tftpboot/pxelinux.cfg/default 

 

 

 

 

 

 

cobbler(報錯)：

1.tftp TimeOut ：端口未開放
解決方法：systemctl stop firewalld systemctl disable firewalld

2./dev/root does not exist ：在安裝CentOS7的過程中會遇見這個問題，經過我查資料是（除了注釋里有中文或者配置文件中有中文）找不到鏡像目錄，指定目錄即可安裝

distro:主要用來定義某個發行版特有的或者特用的ramdisk和kernel的，該命令主要用於對distro進行增加，編輯，拷貝，查找，移除，重命名操作。

https://anaconda-installer.readthedocs.io/en/latest/boot-options.html?highlight=ksdevice我們在anaconda的官方文檔中看到的選項使用inst.repo=[http,https,ftp]://<host>/<path>指定鏡像目錄

cobbler distro edit --name=CentOS7-x86_64 --kopts="ksdevice= inst.repo=http://192.168.184.131/cblr/ks_mirror/CentOS7-x86_64/" --ksmeta="tree=http