Automated system installation with Cobbler

PXE-based installation of CentOS 6 and 7, set up on a CentOS 7 server

Install DHCP, TFTP, HTTP, syslinux and the related services

[root@node01 ~]#yum -y install dhcp httpd tftp-server syslinux

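Mount the installation disc under the httpd shared directory and put the kickstart (answer) files there as well.
If you do not know how to create a kickstart file, see the article on building automated-install discs and USB drives.
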
[root@node01 ~]#mount /dev/sr0 /app/httpd/htdocs/centos/6/os/x86_64
[root@node01 ~]#mkdir /app/httpd/htdocs/ksdir/{6,7} -p
[root@node01 ~]#cp ks6.cfg /app/httpd/htdocs/ksdir/6/
[root@node01 ~]#cp ks.cfg /app/httpd/htdocs/ksdir/7/

Copy the boot files needed for network boot into tftpd's default directory

[root@node01 ~]#mkdir /var/lib/tftpboot/centos{6,7}
[root@node01 ~]#cp /app/httpd/htdocs/centos/7/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos7/
[root@node01 ~]#cp /app/httpd/htdocs/centos/6/os/x86_64/isolinux/{vmlinuz,initrd.img} /var/lib/tftpboot/centos6/
[root@node01 ~]#cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/tftpboot
[root@node01 ~]#mkdir /var/lib/tftpboot/pxelinux.cfg
[root@node01 ~]#cp /app/httpd/htdocs/centos/7/os/x86_64/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

The final file layout under the TFTP default directory is as follows

[root@node01 ~]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── centos6
│   ├── initrd.img
│   └── vmlinuz
├── centos7
│   ├── initrd.img
│   └── vmlinuz
├── menu.c32
├── pxelinux.0
└── pxelinux.cfg
    └── default

The content of the boot menu file default is as follows

[root@node01 ~]#cat /var/lib/tftpboot/pxelinux.cfg/default 
default menu.c32
timeout 100

display boot.msg

menu title PXE Install CentOS

label linux
menu label ^Auto install mini CentOS 7
menu default
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://192.168.34.108/ksdir/7/ks.cfg

label linux
menu label ^Auto install mini CentOS 6
kernel centos6/vmlinuz
append initrd=centos6/initrd.img ks=http://192.168.34.108/ksdir/6/ks6.cfg

label local
menu label Boot from ^local drive
localboot 0xffff
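
A check for a hand-written menu like the one above, as an added example that is not part of the original post: it resolves every kernel, initrd= and ks= reference against the TFTP root and the HTTP document root and reports the ones that point at no file. The function names, the constructed sample tree and the mapping of ks=http://HOST/PATH to DOCROOT/PATH are assumptions of this example; Cobbler's dynamic /cblr/svc/ kickstart URLs are outside its scope.

```shell
#!/bin/sh
# Added example: verify that every file a PXE menu references really exists.
# Assumption: ks=http://HOST/PATH is served as the static file DOCROOT/PATH.

check_pxe_menu() {   # usage: check_pxe_menu MENU TFTP_ROOT DOCROOT
    menu=$1; tftp_root=$2; docroot=$3; missing=0
    refs=$(awk '
        tolower($1) == "kernel" { print "tftp:/" $2 }
        tolower($1) == "append" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ "^initrd=")    { sub("^initrd=", "", $i); print "tftp:/" $i }
                if ($i ~ "^ks=http://") { sub("^ks=http://[^/]*", "", $i); print "http:" $i }
            }
        }' "$menu")
    for ref in $refs; do
        case $ref in
            tftp:*) path=$tftp_root${ref#tftp:} ;;
            http:*) path=$docroot${ref#http:} ;;
        esac
        [ -f "$path" ] || { echo "MISSING $path"; missing=1; }
    done
    return $missing      # 0 when every reference resolves, 1 otherwise
}

make_sample() {      # constructed sample tree that mirrors the layout above
    d=$(mktemp -d)
    mkdir -p "$d/tftp/centos6" "$d/tftp/centos7" "$d/www/ksdir/6" "$d/www/ksdir/7"
    touch "$d/tftp/centos6/vmlinuz" "$d/tftp/centos6/initrd.img" \
          "$d/tftp/centos7/vmlinuz" "$d/tftp/centos7/initrd.img" \
          "$d/www/ksdir/6/ks6.cfg" "$d/www/ksdir/7/ks.cfg"
    cat > "$d/menu" <<'EOF'
label centos7
kernel centos7/vmlinuz
append initrd=centos7/initrd.img ks=http://192.168.34.108/ksdir/7/ks.cfg
label centos6
kernel centos6/vmlinuz
append initrd=centos6/initrd.img ks=http://192.168.34.108/ksdir/7/ks6.cfg
EOF
    echo "$d"
}

d=$(make_sample)
check_pxe_menu "$d/menu" "$d/tftp" "$d/www" || echo "menu has dangling references"
rm -rf "$d"
```

On the real server the call would be check_pxe_menu /var/lib/tftpboot/pxelinux.cfg/default /var/lib/tftpboot /app/httpd/htdocs.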

The subnet declaration in the DHCP configuration file is as follows

[root@node01 ~]#cat /etc/dhcp/dhcpd.conf
subnet 192.168.34.0 netmask 255.255.255.0 {
range 192.168.34.10 192.168.34.90;
option routers 192.168.34.1;
option domain-name-servers 8.8.8.8;
next-server 192.168.34.108;
filename "pxelinux.0";
}

Start the DHCP and TFTP services

[root@node01 ~]#systemctl start dhcpd tftp.socket

At this point, a newly created machine can be installed automatically over HTTP.

Building an automated CentOS installation with Cobbler

Install Cobbler

[root@node01 ~]#yum -y install cobbler

Start cobblerd and the related services

[root@node01 ~]#systemctl start httpd tftp.socket dhcpd cobblerd

Run the Cobbler check

[root@node01 ~]#cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

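Following the hints from the check, edit the Cobbler configuration file and carry out the suggested actions.
The settings to change in the configuration file are:

default_password_crypted: "$1$3BMeiH.s$mtrUL/wNANnV7z1QUduwU0" # change the default root password
server: 192.168.34.17 # address of the Cobbler server; clients must be able to reach it (the default 127.0.0.1 cannot be reached from other hosts)
next_server: 192.168.34.17 # address of the TFTP server
manage_dhcp: 1 # let Cobbler manage the DHCP configuration file; /etc/cobbler/dhcp.template must be edited to match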
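
The settings edited above can be audited with a short script. The following is an added example, not part of the original post or of Cobbler: it flags a loopback server or next_server and re-hashes the sample password 'cobbler' with the stored salt to see whether default_password_crypted was really changed. The function names and the constructed sample file are assumptions; the password test applies only to $1$ (MD5-crypt) hashes and only when openssl is installed.

```shell
#!/bin/sh
# Added example: audit a Cobbler settings file for values `cobbler check` flags.

setting() {   # usage: setting FILE KEY -> value without quotes or trailing comment
    sed -n "s/^$2:[[:space:]]*//p" "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/^"//' -e 's/"$//' | head -n 1
}

audit_settings() {   # prints one finding per line; prints nothing when clean
    f=$1
    case $(setting "$f" server) in
        127.0.0.1|localhost|"") echo "server: not reachable by PXE clients" ;;
    esac
    case $(setting "$f" next_server) in
        127.0.0.1|"") echo "next_server: still loopback or unset" ;;
    esac
    hash=$(setting "$f" default_password_crypted)
    case $hash in
        '$1$'*)   # MD5-crypt: hash the sample password with the stored salt
            salt=$(printf '%s' "$hash" | cut -d'$' -f3)
            if command -v openssl >/dev/null 2>&1 &&
               [ "$(openssl passwd -1 -salt "$salt" cobbler)" = "$hash" ]; then
                echo "default_password_crypted: still the sample password 'cobbler'"
            fi ;;
    esac
    return 0
}

# Constructed sample: a settings file that was never edited
sample=$(mktemp)
cat > "$sample" <<'EOF'
server: 127.0.0.1
next_server: 127.0.0.1
manage_dhcp: 0
EOF
audit_settings "$sample"
rm -f "$sample"
```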

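After making the changes, run the following so that Cobbler downloads the boot-loader files from GitHub automatically

[root@node01 ~]#cobbler get-loaders  # If the node cannot reach the Internet, install the syslinux package and copy /usr/share/syslinux/{pxelinux.0,menu.c32} and the related files into /var/lib/cobbler/loaders/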

Import the disc image

[root@node01 ~]#cobbler import --path=/app/httpd/htdocs/centos/7/os/x86_64/ --name=centos-7.5-x86_64 --arch=x86_64

Import the kickstart file into Cobbler

[root@node01 ~]#cp ks.cfg /var/lib/cobbler/kickstarts/
[root@node01 ~]#cobbler profile add --name=centos7.5-x86_64_mini --distro=centos7.5-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks.cfg

The boot menu generated by Cobbler now contains one more entry, for the profile just added

[root@node01 ~]#cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local

LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1

LABEL centos-6.10-x86_64
kernel /images/centos-6.10-x86_64/vmlinuz
MENU LABEL centos-6.10-x86_64
append initrd=/images/centos-6.10-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.34.108/cblr/svc/op/ks/profile/centos-6.10-x86_64
ipappend 2

LABEL centos-7.5-x86_64
kernel /images/centos-7.5-x86_64/vmlinuz
MENU LABEL centos-7.5-x86_64
append initrd=/images/centos-7.5-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.34.108/cblr/svc/op/ks/profile/centos-7.5-x86_64
ipappend 2

LABEL centos7.5-x86_64
kernel /images/centos7.5-x86_64/vmlinuz
MENU LABEL centos7.5-x86_64
append initrd=/images/centos7.5-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.34.108/cblr/svc/op/ks/profile/centos7.5-x86_64
ipappend 2

LABEL centos7.5-x86_64_mini
kernel /images/centos7.5-x86_64/vmlinuz
MENU LABEL centos7.5-x86_64_mini
append initrd=/images/centos7.5-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.34.108/cblr/svc/op/ks/profile/centos7.5-x86_64_mini
ipappend 2



MENU end

List the Cobbler distros

[root@node01 ~]#cobbler distro list

List the Cobbler profiles

[root@node01 ~]#cobbler profile list

Sync the Cobbler configuration

[root@node01 ~]#cobbler sync

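At this point, a clean machine can be installed over HTTP.

Cobbler directory overview

Configuration directory: /etc/cobbler

/etc/cobbler/settings : main Cobbler configuration file
/etc/cobbler/iso/: ISO template configuration files
/etc/cobbler/pxe: PXE template files
/etc/cobbler/power: power management configuration files
/etc/cobbler/users.conf: authorization configuration file for the web service
/etc/cobbler/users.digest: usernames and passwords for web access
/etc/cobbler/dhcp.template : template for the DHCP server configuration
/etc/cobbler/dnsmasq.template : template for the DNS server configuration
/etc/cobbler/tftpd.template : template for the TFTP service configuration
/etc/cobbler/modules.conf : module configuration file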

Data directories

/var/lib/cobbler/config/: configuration files holding distro, system and profile information
/var/lib/cobbler/triggers/: user-defined Cobbler commands
/var/lib/cobbler/kickstarts/: default location for kickstart files
/var/lib/cobbler/loaders/: the various boot loaders

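Mirror directories

/var/www/cobbler/ks_mirror/: all data of the imported distributions
/var/www/cobbler/images/ : kernel and initrd images of the imported distributions, used for network boot
/var/www/cobbler/repo_mirror/: storage directory for yum repositories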

Log directories

/var/log/cobbler/installing: client installation logs
/var/log/cobbler/cobbler.log : Cobbler log

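Cobbler commands

cobbler check     check the current settings for problems
cobbler list      list all Cobbler objects
cobbler report    show detailed information about objects
cobbler sync      sync the configuration to the data directories; best run after every configuration change
cobbler reposync  sync the yum repositories
cobbler distro    show information about imported distributions
cobbler system    show information about added systems
cobbler profile   show profile information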

Important Cobbler parameters

Important parameter settings in /etc/cobbler/settings

default_password_crypted: "$1$gEc7ilpP$pg5iSOj/mlxTxEslhRvyp/"
manage_dhcp: 1
manage_tftpd: 1
pxe_just_once: 1
next_server: <IP address of the TFTP server>
server: <IP address of the Cobbler server>

Web management for Cobbler

Install cobbler-web

[root@node01 ~]#yum -y install cobbler-web

Restart the httpd service

[root@node01 ~]#systemctl reload httpd

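Cobbler can now be configured graphically in a browser, and automated installations can be driven from there.

Configuring Cobbler through the browser requires a username and password. Installing cobbler-web ships a user named cobbler whose password is also cobbler. You can also add users of your own.
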
[root@node01 ~]#htdigest /etc/cobbler/users.digest Cobbler username
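
Whether users.digest still holds an account with the shipped password can be checked offline. This added example (not from the original post) relies on the htdigest line format user:realm:MD5(user:realm:password); the function names and the sample entries are constructed, and md5sum from coreutils is assumed to be available.

```shell
#!/bin/sh
# Added example: list users.digest accounts whose password is still 'cobbler'.

digest_line() {   # the line htdigest stores for USER in REALM with PASSWORD
    printf '%s:%s:%s\n' "$1" "$2" \
        "$(printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1)"
}

default_digest_users() {   # usage: default_digest_users FILE
    while IFS=: read -r user realm digest; do
        [ -n "$user" ] || continue
        # Recompute the entry with the shipped password and compare
        if [ "$(digest_line "$user" "$realm" cobbler)" = "$user:$realm:$digest" ]; then
            echo "$user"
        fi
    done < "$1"
    return 0
}

# Constructed sample: the shipped account plus one user added with htdigest
sample=$(mktemp)
{
    digest_line cobbler Cobbler cobbler
    digest_line alice Cobbler 'constructed-passphrase'
} > "$sample"
default_digest_users "$sample"     # prints: cobbler
rm -f "$sample"
```

On the server the call is default_digest_users /etc/cobbler/users.digest; any name it prints should get a new password through htdigest.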

You can also change how Cobbler authenticates users and manage cobbler-web with system accounts.
The authentication method is set in /etc/cobbler/modules.conf

[authentication]
module = authn_pam

Create a system user for logging in to Cobbler

[root@node01 ~]#useradd -s /sbin/nologin cobbleradmin
[root@node01 ~]#echo "centos"|passwd --stdin cobbleradmin

Add the user to /etc/cobbler/users.conf

[root@node01 ~]#sed -n '/^[^#]/p' /etc/cobbler/users.conf 
[admins]
admin = "cobbleradmin"
cobbler = ""

You can now log in and manage Cobbler as this system user.