RockyLinux8部署cobbler3.2
1. Kickstart命令
2. 参考
https://blog.51cto.com/u_15131458/3183699
https://www.eeboke.com/909.html
https://blog.csdn.net/QWQ45597316/article/details/126305102
windows:
https://zhuanlan.zhihu.com/p/465473984
https://anjia0532.github.io/2019/02/22/cobbler-win10-win-server-2019/
ubuntu
https://blog.csdn.net/xztjhs/article/details/127199176
3. 环境
Cobbler=3.2
Linux=RockyLinux-8.6
#客户端测试环境
Linux=RockyLinux-8.6
Linux=CentOS-7.9
#镜像
官方完整版镜像
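4. 关闭防火墙和selinux
#说明: 关闭SELinux和firewalld只是为了简化实验环境;生产环境建议保留firewalld并只放行部署所需的服务(DHCP 67/udp、TFTP 69/udp、HTTP 80/tcp),SELinux保持enforcing并按需调整策略.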
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
systemctl disable --now firewalld
5. 安装依赖包及Cobbler3.2
yum install epel-release -y
yum module list | grep cobbler
dnf module enable cobbler:3 -y
yum install rsync rsync-daemon httpd dhcp-server tftp tftp-server cobbler cobbler-web pykickstart vim grub2-* yum-utils syslinux* -y
systemctl enable --now cobblerd httpd rsyncd tftp
6. 配置Cobbler文件
sed -i.bak 's/^server: 127.0.0.1/server: 192.168.1.10/' /etc/cobbler/settings.yaml
sed -i "s#next_server: 127.0.0.1#next_server: 192.168.1.10#" /etc/cobbler/settings.yaml
sed -i "s#manage_dhcp: false#manage_dhcp: true#" /etc/cobbler/settings.yaml
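#生成默认系统root密码(示例使用弱口令'root'和MD5-crypt(-1),仅供测试;本文出现的哈希都是公开示例值,不要直接用于生产环境. 生产环境应使用强口令,用 openssl passwd -6 生成SHA-512哈希,并省略命令行中的口令参数改为交互输入,避免口令留在shell历史里)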
openssl passwd -1 -salt "$RANDOM" 'root'
vim /etc/cobbler/settings.yaml
....
default_password_crypted: "$1$20982$uHkwNZPwK6e4cbNUT8uZR0"
....
#验证修改(下面输出中的哈希与上文示例不同,应是重新生成时盐值不同所致)
egrep '^server:|^next_server|^manage_dhcp|^default_password_' /etc/cobbler/settings.yaml
'''
default_password_crypted: "$1$21717$gDXxvBDSMXl51QWlPtZ9S."
manage_dhcp: true
next_server: 192.168.1.10
server: 192.168.1.10
'''
7. 配置DHCP服务模板
#注意: 下面示例的地址池起止地址相同(只有1个地址),请按需要同时安装的客户端数量调整range.
vim /etc/cobbler/dhcp.template
...
subnet 192.168.1.0 netmask 255.255.255.0 { //修改此处网段
option routers 192.168.1.2; //修改此处网关
option domain-name-servers 114.114.114.114; //修改此处dns
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.1.100 192.168.1.100; //地址池
default-lease-time 21600; max-lease-time 43200; next-server $next_server;
....
7.1 配置DNSMASQ服务模板(如使用dnsmasq服务配置,替代默认dhcp)
#注意: 下面的配置启用了dhcp-authoritative;如果网段内已有DHCP服务器,应在隔离的部署网段(VLAN)中使用,避免影响现有客户端获取地址.
vim /etc/cobbler/dnsmasq.template
...
# Cobbler generated configuration file for dnsmasq
# $date
#
# resolve.conf .. ?
#no-poll
#enable-dbus
read-ethers
addn-hosts = /var/lib/cobbler/cobbler_hosts
dhcp-range=10.39.177.10,10.39.177.250,255.255.255.0,12h #内网如果已经有DHCP服务器的地址池,代理DHCP服务器地址池.
dhcp-option=option:router,10.39.177.254 #该网段DHCP服务器IP地址,代理DHCP的IP地址.
#dhcp-range=192.168.1.5,192.168.1.200
#dhcp-option=66,$next_server
dhcp-lease-max=1000
dhcp-authoritative
#dhcp-boot=pxelinux.0
#dhcp-boot=net:normalarch,pxelinux.0
dhcp-boot=grub/grubx64.efi # 修改此处
dhcp-boot=net:x86_64,grub/grubx64.efi #修改此处
tftp-root=/var/lib/tftpboot # 增加该行
$insert_cobbler_system_definitions
...
7.2 启用dnsmasq
vim /etc/cobbler/modules.conf
...
[dhcp]
#module = managers.isc # 注释默认
module = managers.dnsmasq # 启用dnsmasq
...
8. 检查当前cobbler配置
#重启服务
systemctl restart cobblerd httpd rsyncd tftp
#检查
cobbler check
'''
The following are potential configuration items that you may want to fix:
1: some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, and yaboot.
2: debmirror package is not installed, it will be required to manage debian deployments and repositories
3: fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
'''
#问题1,需要引导文件:
yum install syslinux* -y
cp /usr/share/syslinux/{menu.c32,pxelinux.0,libutil.c32,ldlinux.c32} /var/lib/cobbler/loaders/
ls /var/lib/cobbler/loaders/
'''
ldlinux.c32 libutil.c32 menu.c32 pxelinux.0
'''
#问题2和问题3可以忽略
问题2只有在部署debian系发行版时才需要解决(安装debmirror);
问题3只有在使用电源管理功能时才需要解决(安装 fence-agents);
9. 同步Cobbler配置
cobbler sync
#看到这个即为成功同步
'''
....
shell triggers finished successfully
*** TASK COMPLETE ***
'''
10. 导入镜像
需提前上传完整版RockyLinux8.6镜像到服务器.
#创建镜像挂载目录
mkdir -p /Rocky86
#挂载镜像
mount -t iso9660 -o loop,ro /iso/Rocky-8.6-x86_64-dvd1.iso /Rocky86
#导入镜像
cobbler import --path=/Rocky86/ --name=Rocky86 --arch=x86_64
#看到这个结果即为成功
'''
cobbler import --path=/Rocky86/ --name=Rocky86 --arch=x86_64
....
*** TASK COMPLETE ***
'''
#--path: 镜像路径
#--name: 为安装源定义一个名字
#--arch: 指定安装源是 32 位、64 位、ia64, 目前支持的选项有: x86│x86_64│ia64
#安装源的唯一标示就是根据 name 参数来定义,本例导入成功后,安装源的唯一标示就是:Rocky86-x86_64,如果重复,系统会提示导入失败.
#查看导入镜像
cobbler list
'''
distros:
Rocky86-x86_64 #镜像
profiles:
Rocky86-x86_64 #配置文件
...
'''
#查看导入镜像详细信息
cobbler distro report --name Rocky86-x86_64
11. 创建kickstarts自动安装脚本
ks模板脚本默认文件存放在/var/lib/cobbler/templates/
cd /var/lib/cobbler/templates/
#生成模板文件
cobbler profile get-autoinstall --name Rocky86-x86_64 > rocky86.ks
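#修改生成的模板文件,如下(注意: 示例中firewall --disabled、selinux --disabled、--enablemd5以及MD5-crypt的rootpw哈希只适合测试环境;生产环境应保留防火墙和SELinux,并把rootpw换成自己用 openssl passwd -6 生成的哈希):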
vim rocky86.ks
'''
authselect --useshadow --enablemd5
bootloader --location=mbr --boot-drive=sda
clearpart --all --initlabel --drives=sda
text
firewall --disabled
services --disabled=firewall
firstboot --disable
keyboard us
lang en_US
url --url=$tree
repo --name=source-1 --baseurl=http://192.168.1.10/cobbler/distro_mirror/Rocky86-x86_64/BaseOS
repo --name=source-2 --baseurl=http://192.168.1.10/cobbler/distro_mirror/Rocky86-x86_64/Minimal
network --bootproto=dhcp --device=eth0 --onboot=on
network --hostname=ksInstallLinux
reboot
rootpw --iscrypted $1$32090$Z9bo6zoIURFVMsJydfw.L/
selinux --disabled
skipx
timezone Asia/Shanghai
zerombr
ignoredisk --only-use=sda
reqpart
part /boot --fstype=xfs --size=1024
part / --fstype=ext4 --grow
%packages
@^minimal-environment
%end
'''
#验证目录下的ks文件语法是否有误(/var/lib/cobbler/templates/)
cobbler validate-autoinstalls
'''
running python triggers from /var/lib/cobbler/triggers/task/validate_autoinstall_files/pre/*
running shell triggers from /var/lib/cobbler/triggers/task/validate_autoinstall_files/pre/*
shell triggers finished successfully
*** TASK COMPLETE *** //说明无误
'''
#修改profile,将我们新建的ks文件设为默认的kickstarts安装文件,修改网卡名称.
cobbler profile edit --name Rocky86-x86_64 --kernel-options='net.ifnames=0 biosdevname=0' --autoinstall rocky86.ks
#导入镜像时也可以导入模板
cobbler import --path=/Rocky86/ --name=Rocky86 --arch=x86_64 --kernel-options='net.ifnames=0 biosdevname=0' --autoinstall rocky86.ks
cobbler profile report --name Rocky86-x86_64
'''
Name : Rocky86-x86_64
Automatic Installation Template : rocky86.ks //说明成功
Automatic Installation Metadata : {}
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : Rocky86-x86_64
Enable gPXE? : False
Enable PXE Menu? : True
Fetchable Files : {}
DHCP Filename Override : <<inherit>>
Kernel Options : {'net.ifnames': '0', 'biosdevname': '0'} //说明成功
Kernel Options (Post Install) : {}
Management Classes : []
....
'''
#重新同步cobbler
cobbler sync
'''
...
shell triggers finished successfully
*** TASK COMPLETE *** //说明成功
'''
# 重启所有相关服务
systemctl restart httpd cobblerd rsyncd dhcpd
12. 配置UEFI引导自动安装
#执行时会有报错(下面输出中缺少powerpc-ieee1275模块的报错),但不影响x86_64引导文件的生成
bash /usr/share/cobbler/bin/mkgrub.sh
'''
+ grub2-mkimage -O arm64-efi -o /var/lib/cobbler/loaders/grub/grubaa64.efi --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr efinet
+ set +x
+ grub2-mkimage -O i386-pc-pxe -o /var/lib/cobbler/loaders/grub/grub.0 --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr chain pxe biosdisk
+ set +x
+ grub2-mkimage -O powerpc-ieee1275 -o /var/lib/cobbler/loaders/grub/grub.ppc64le --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr net ofnet
grub2-mkimage: error: cannot open `/usr/lib/grub/powerpc-ieee1275/moddep.lst': No such file or directory.
+ set +x
+ grub2-mkimage -O x86_64-efi -o /var/lib/cobbler/loaders/grub/grubx64.efi --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr chain efinet
+ set +x
'''
#因为引导文件发生了变化,所以需要重新同步
cobbler sync
13. 修改PXE grub菜单
vim /var/lib/tftpboot/grub/grub.cfg
cat /var/lib/tftpboot/grub/grub.cfg
'''
#-------------------------------------------------------------------------------
# Set defaults (is re-set by machine specific configuration file)
#-------------------------------------------------------------------------------
set arch='x86_64'
set hostname='dummy'
set system='dummy'
set lang=en
set serial_console=false
set serial_baud=115200
set serial_line=0
set k_console=""
set local_boot_file=""
set kernel_options=""
#调整超时时间10秒
set timeout=10
#调整默认安装系统
set default='Rocky86-x86_64'
set gfxpayload=text
....
'''
#!!!每次执行cobbler sync都会覆盖此文件,手动修改需要在sync之后重新进行!!!
14. 虚拟机客户端安装注意
#测试UEFI需要将虚拟机设置成UEFI启动方式;
#虚拟机大小为2核4G;
15. Cobbler配置文件说明
部分
/etc/cobbler #配置文件目录
/etc/cobbler/boot_loader_conf #pxe模板配置文件
/etc/cobbler/dhcp.template #dhcp配置模板文件
# 数据文件目录
/var/lib/cobbler/loaders #各种引导文件
/var/lib/cobbler/scripts #脚本文件
/var/lib/cobbler/templates #存放kickstart文件目录
# 日志目录
/var/log/cobbler
其他
#ubuntu18.04参考
#引导文件
https://cdimage.ubuntu.com/netboot/
#出现CD-ROM错误的解决办法: 从ISO里拷贝initrd.gz,覆盖tftp目录中对应的文件.
cp /Ubuntu1804/install/netboot/ubuntu-installer/amd64/initrd.gz /var/lib/tftpboot/images/Ubuntu1804-x86_64/
'''
d-i auto-install/enable boolean true
d-i debconf/priority string critical
# 语言
d-i debian-installer/locale string en_US
d-i localechooser/supported-locales multiselect en_US.UTF-8
# 键盘
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/xkb-keymap select us
d-i keyboard-configuration/toggle select No toggling
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
# 网络设置
d-i netcfg/choose_interface select auto
#d-i netcfg/get_hostname string ksIinstallLinux
d-i netcfg/hostname string ksIinstallLinux
d-i netcfg/enable boolean true
d-i netcfg/disable_dhcp boolean false
d-i netcfg/dhcp_timeout string 5
d-i netcfg/disable_autoconfig boolean false
d-i netcfg/dhcp_failed note
# 时间同步
d-i time/zone string Asia/Shanghai
d-i clock-setup/utc boolean false
d-i clock-setup/ntp boolean false
d-i clock-setup/ntp-server string ntp.ubuntu.com
# 国家
d-i mirror/country string manual
# 安装源
d-i mirror/http/hostname string $http_server
d-i mirror/http/directory string $install_source_directory
d-i mirror/http/proxy string
d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
# 分区
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-auto/disk string /dev/sda
d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select fsm
d-i partman-md/device_remove_md boolean true
d-i partman-auto/expert_recipe string \
fsm :: \
1024 1024 1024 ext4 method{ format } \
mountpoint{ /boot } \
format{ } use_filesystem{ } filesystem{ ext4 } \
options/relatime{ relatime } \
. \
500 500 500 vfat method{ efi } \
mountpoint{ /boot/efi } format{ } \
. \
10240 100000 -1 ext4 method{ format } \
mountpoint{ / } \
format{ } use_filesystem{ } filesystem{ ext4 } \
options/relatime{ relatime } \
.
d-i partman-partitioning/confirm_write_new_label boolean true
### GPT (大于2T硬盘,强制使用GPT)
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt
### EFI (使用UEFI引导)
d-i partman-efi/non_efi_system boolean true
### Grub (安装grub; 注意下面bootdev为/dev/nvme0n1,与上面partman-auto/disk的/dev/sda不一致,请按实际磁盘修改)
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i grub-installer/bootdev string /dev/nvme0n1
### Base system installation (安装linux-generic基础内核)
d-i base-installer/install-recommends boolean true
d-i base-installer/kernel/image string linux-generic
# 账号(启用root登录; 下面的MD5-crypt哈希为示例值,生产环境请替换为自己生成的SHA-512哈希)
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password $1$16151$b36Qe4tdnIqVnaWU/6ZxF.
d-i passwd/make-user boolean false
# 安装软件
tasksel tasksel/first multiselect none
d-i pkgsel/include string ssh wget
#d-i debian-installer/add-kernel-opts string $kernel_options_post
d-i debian-installer/add-kernel-opts string net.ifnames=0 biosdevname=0
d-i finish-install/reboot_in_progress note
# 安装前(下面两条被注释的命令会通过明文HTTP下载脚本并直接交给sh执行,启用前请确认部署网络可信)
#d-i preseed/early_command string wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s
# 安装后
#d-i preseed/late_command string wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | chroot /target /bin/sh -s
'''
# PXE(grub efi)部署Ubuntu18.04问题总结
1、HP默认只配置了第1个网卡和第1个光纤 PXE启动
解决:可在BIOS手动开启
2、Ubuntu ISO要使用非live版(官网默认为live版,live多了试用功能,PXE要使用非live版)
3、使用的grub EFI技术
4、Ubuntu PXE netcfg/choose_interface=auto不起作用,是个bug(只认第1个网卡,换网卡或光纤就不认),多年了一直没修复
解决:可通过写死网卡名或手动选择网卡
5、PXE安装比挂载ISO安装少了很多默认库,需要手动补上
6、windows的DHCP没有option routers 网关ip项,Linux版有,当写死网卡名从windows dhcp获取ip会没有网关,需要这个的话可以使用linux版
7、DHCP Server跨网段时需要网络在网关上配置中继(同网段不用)
8、Ubuntu ISO里的dists、pool目录在PXE安装时可充当软件源(比如服务器不能联网时)
9、PXE preseed文件只能设置系统分区,当多个分区时(sdb、sdc等)只能通过脚本初始化、格式化、mount
10、HP默认有开启SD slot,会占掉sda分区,就是装出的系统没有sda,当1个阵列时是sdb、sdc的顺序,当有多个阵列卡时是sdc、sdd(1个阵列)、sdb(另1个阵列)顺序