cobbler无人值守安装

自动化安装系统

前言

作为中小公司的运维,经常会遇到一些机械式的重复工作,例如:有时公司同时上线几十甚至上百台服务器,而且需要我们在短时间内完成系统安装。

 

常规的办法有什么?

 光盘安装系统===>一个服务器DVD内置光驱百千块,百台服务器都配光驱就浪费了,因为一台服务器也就开始装系统能用的上,以后用的机会屈指可数。用USB外置光驱,插来插去也醉了。

 

U盘安装系统===>还是同样的问题,要一台一台服务器插U盘。

 

 网络安装系统(ftp,http,nfs) ===>这个方法不错,只要服务器能联网就可以装系统了,但还是需要一台台服务器去敲键盘点鼠标。时刻想偷懒的我们,有没有更好的方法!

 

高逼格的方法:

 Kickstart

 Cobbler

我们今天,接下来我们就看看是如何实现linux系统批量自动安装

 

 

 

 

 Cobbler介绍

 Cobbler是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。

 Cobbler可以使用命令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),还提供了API接口,可以方便二次开发使用。

 Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。

 

 

 Cobbler集成的服务

  • PXE服务支持
  • DHCP服务管理
  • DNS服务管理(可选bind,dnsmasq)
  • 电源管理
  • Kickstart服务支持
  • YUM仓库管理
  • TFTP(PXE启动时需要)
  • Apache(提供kickstart的安装源,并提供定制化的kickstart配置)

 

 

 部署cobbler

 环境准备

[root@m02 ~]# cat /etc/redhat-release 
CentOS Linux release 7.2.1511 (Core) 
[root@m02 ~]# uname -r
3.10.0-327.el7.x86_64
[root@m02 ~]# getenforce 
Disabled
[root@m02 ~]# systemctl status firewalld.service 
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
[root@m02 ~]# hostname -I
10.0.0.62 172.16.1.62

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
优化yum源

 

 

 安装cobbler

yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd python-django
systemctl start cobblerd.service 
systemctl start httpd.service

执行 cobbler check  #照提示一个一个修正。


[root@Cobbler ~]# systemctl start cobblerd.service 
[root@Cobbler ~]# systemctl start httpd.service 
[root@Cobbler ~]# 
[root@Cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.   在/etc/cobbler/settings中的server配置需要修改,将127.0.0.1修改为172.16.1.202


2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.    在/etc/cobbler/settings中的next_server配置需要修改,将127.0.0.1修改为172.16.1.202


3 : change 'disable' to 'no' in /etc/xinetd.d/tftp  将tftp交给xinetd管理,但是在CentOS7不使用


4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

通过cobbler get-loaders下载所有需要的网络启动文件

5 : enable and start rsyncd.service with systemctl     启动rsync服务
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one   安装完系统root密码,默认cobbler,需要修改
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.


sed -i 's/server: 127.0.0.1/server: 172.16.1.202/' /etc/cobbler/settings
sed -i 's/next_server: 127.0.0.1/next_server: 172.16.1.202/' /etc/cobbler/settings
sed -i 's#yes#no#' /etc/xinetd.d/tftp
#防止误重装
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings
#配置Cobbler统一管理DHCP
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings
# 配置DHCP Cobbler模版
sed -i.ori 's#192.168.1#172.16.1#g;22d;23d' /etc/cobbler/dhcp.template
# 设置root密码
sed -ri "/default_password_crypted/s#(.*: ).*#\1\"`openssl passwd -1 -salt 'oldboy' '123456'`\"#" /etc/cobbler/settings

启动服务 同步配置
systemctl start rsyncd                           启动rsync服务
systemctl start tftp.socket                      启动tftp服务
systemctl restart cobblerd                       重新启动cobbler服务
systemctl enable tftp.socket httpd cobblerd   rsyncd   加入开机自启动
cobbler sync  --刷新配置文件

   至此服务器上配置完成,接下来web操作cobbler

https://10.0.0.202/cobbler_web   账号秘密均为cobbler cobbler

 

 

 

 webcobbler

rsync同步系统镜像

 

 

 

 

mount /dev/cdrom /mnt/  挂载镜像

 

 

 

 

 

本质上就是调用rsync /mnt镜像同步到/var/www/cobbler/ks_mirror/CentOS7.2-x86_64目录

[root@Cobbler ~]# cd  /var/www/cobbler/ks_mirror/
 [root@Cobbler ks_mirror]# ls
CentOS7.2-x86_64  config
[root@Cobbler ks_mirror]# du -sh CentOS7.2-x86_64/
4.2G    CentOS7.2-x86_64/

 

 

镜像已经有了

 

 

 

 

 定制ks文件

 

 

 

 

ks文件下载地址

链接:https://pan.baidu.com/s/1yZNYzBIEHo7XePqt1iaRZg
提取码:8o1i

 

 

 

 使用KS文件

 

上面是添加成功,指定一下使用定制KS文件,并修改网卡名称

 

 

 

 

 

 指定IP地址

 

 

 

 

 

 

 

 

 

 

设置完成后左上  Save保存

 

 

 

 

 

 最后刷新配置

 

 

 

完成添加镜像编写KS文件,设置IP地址最后Sync 刷新一下配置,就可以开电源装系统

 

 

 

FAQ:

selinux没有关闭

[root@cobbler ~]# cobbler check
httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/cobbler/cli.py", line 251, in check_setup
    s.ping()
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1587, in __request
    verbose=self.__verbose
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1273, in request
    return self.single_request(host, handler, request_body, verbose)
  File "/usr/lib64/python2.7/xmlrpclib.py", line 1321, in single_request
    response.msg,
ProtocolError: <ProtocolError for 127.0.0.1:80/cobbler_api: 503 Service Unavailable>

 

解决:

setenforce  0  && sed '7s#enforcing#disabled#g' /etc/selinux/config -i 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

posted @ 2018-11-08 16:29  LiShiChao  阅读(607)  评论(0编辑  收藏  举报