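It has been a long time since I wrote a blog post, so here is one. I have been looking at K8s lately, and our data-center environment happened to need a cobbler provisioning system, which led to the tinkering below.
Environment: several existing cobbler servers (there are multiple data centers, hence multiple cobbler instances). Requirement: the new data center needs a cobbler automated provisioning system.
First build a cobbler 2.8 image (why version 2.8? Installing ESXi with version 2.6 throws an error).
The Dockerfile is adapted from https://github.com/jasonlix5/docker-cobbler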
FROM bd2fd3afdba2
ADD cobbler-* /
ADD entrypoint.sh /entrypoint.sh
ADD supervisord.d/conf.ini /etc/supervisord.d/conf.ini
RUN yum localinstall cobbler-2.8.0-4.el7.x86_64.rpm cobbler-web-2.8.0-4.el7.noarch.rpm -y && yum install tftp-server dhcp supervisor -y && yum clean all && rm -rf /var/cache/yum/* /tmp/*
CMD /entrypoint.sh
Here bd2fd3afdba2 is my own CentOS 7 image; replace it with an image from your own environment, for example the official image.
cat entrypoint.sh
#!/bin/sh
set -ex
# Every variable is required. Quoting with -z also handles values that contain a space (DHCP_RANGE).
# The \$ keeps the variable name literal in the message instead of expanding to an empty string.
if [ -z "$SERVER_IP" ]
then
    echo "Please use \$SERVER_IP set the IP address of the need to monitor."
    exit 1
elif [ -z "$DHCP_RANGE" ]
then
    echo "Please use \$DHCP_RANGE set up DHCP network segment."
    exit 1
elif [ -z "$NEXT_SERVER" ]
then
    echo "Please use \$NEXT_SERVER set TFTP PXE booting ."
    exit 1
elif [ -z "$ROOT_PASSWORD" ]
then
    echo "Please use \$ROOT_PASSWORD set the root password."
    exit 1
elif [ -z "$DHCP_SUBNET" ]
then
    echo "Please use \$DHCP_SUBNET set the dhcp subnet."
    exit 1
elif [ -z "$DHCP_ROUTER" ]
then
    echo "Please use \$DHCP_ROUTER set the dhcp router."
    exit 1
elif [ -z "$DHCP_DNS" ]
then
    echo "Please use \$DHCP_DNS set the dhcp dns."
    exit 1
elif [ -z "$COBBLER_MASTER" ]
then
    echo "Please use \$COBBLER_MASTER set the cobbler master to rsync."
    exit 1
else
    # Tracing is switched off while hashing so that set -x does not write the
    # cleartext root password to the container log.
    # Note: -1 is MD5-crypt and the salt is fixed, as in the original script.
    set +x
    PASSWORD=$(openssl passwd -1 -salt hLGoLIZR "$ROOT_PASSWORD")
    set -x
    # Point cobbler at this server and enable DHCP management
    sed -i "s/^server: 127.0.0.1/server: $SERVER_IP/g" /etc/cobbler/settings
    sed -i "s/^next_server: 127.0.0.1/next_server: $NEXT_SERVER/g" /etc/cobbler/settings
    sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
    sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
    sed -i "s#^default_password.*#default_password_crypted: \"$PASSWORD\"#g" /etc/cobbler/settings
    sed -i 's/$pxe_menu_items//' /etc/cobbler/pxe/pxedefault.template
    # Replace the template defaults with this site's DHCP values
    sed -i "s/192.168.1.0/$DHCP_SUBNET/" /etc/cobbler/dhcp.template
    sed -i "s/192.168.1.5/$DHCP_ROUTER/" /etc/cobbler/dhcp.template
    sed -i "s/192.168.1.1;/$DHCP_DNS;/" /etc/cobbler/dhcp.template
    sed -i "s/192.168.1.100 192.168.1.254/$DHCP_RANGE/" /etc/cobbler/dhcp.template
    sed -i "s/^#ServerName www.example.com:80/ServerName localhost:80/" /etc/httpd/conf/httpd.conf
    # Services are restarted through supervisord inside the container
    sed -i "s/service %s restart/supervisorctl restart %s/g" /usr/lib/python2.7/site-packages/cobbler/modules/sync_post_restart_services.py
    rm -rf /run/httpd/*
    # Start httpd and cobblerd temporarily to sync and replicate from the master
    apachectl
    cobblerd
    cobbler sync
    # The quotes keep the shell from glob-expanding the asterisks
    cobbler replicate --master="$COBBLER_MASTER" "--distros=*" "--profiles=*"
    pkill cobblerd
    pkill httpd
    rm -rf /run/httpd/*
    # Hand the processes over to supervisord
    exec supervisord -n -c /etc/supervisord.conf
fi
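The entrypoint above pastes its environment variables directly into sed expressions that use `/` as the delimiter, so a value such as the CIDR form `20.8.14.0/24` in DHCP_SUBNET breaks the substitution. The following is an added example, not part of the original post or the upstream repository: it checks the values before they reach sed, the function names `is_ipv4`, `is_ipv4_range` and `check_env` are hypothetical, and the sample values at the end are constructed.

```shell
#!/bin/sh
# Added example: validate the values entrypoint.sh substitutes into sed.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    rest="$1."
    count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        rest=${rest#*.}
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
        count=$((count + 1))
    done
    [ "$count" -eq 4 ]
}

# is_ipv4_range "START END": two addresses separated by exactly one space.
is_ipv4_range() {
    case "$1" in
        *' '*) is_ipv4 "${1%% *}" && is_ipv4 "${1#* }" ;;
        *) return 1 ;;
    esac
}

# check_env: report each bad variable on stderr; exit status = number of problems.
check_env() {
    bad=0
    for name in SERVER_IP NEXT_SERVER DHCP_SUBNET DHCP_ROUTER DHCP_DNS; do
        eval "value=\${$name:-}"
        if ! is_ipv4 "$value"; then
            echo "$name: expected an IPv4 address" >&2
            bad=$((bad + 1))
        fi
    done
    if ! is_ipv4_range "${DHCP_RANGE:-}"; then
        echo "DHCP_RANGE: expected 'START END'" >&2
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Constructed sample values in the shape of the manifest on this page.
SERVER_IP=10.8.14.234 NEXT_SERVER=20.8.14.234 DHCP_SUBNET=20.8.14.0
DHCP_ROUTER=20.8.14.234 DHCP_DNS=20.8.14.234
DHCP_RANGE="20.8.14.230 20.8.14.235"
check_env && echo "environment OK"
```

Calling `check_env || exit 1` at the top of the `else` branch would stop the container before any template is modified.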
supervisord manages the processes
supervisord.d/conf.ini
See https://github.com/jasonlix5/docker-cobbler/blob/master/supervisord.d/conf.ini
docker build -t cobbler:2.8 .
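Push the built image to your own private registry.
To reuse the original cobbler's resources and avoid syncing a large number of files, the new cobbler mounts several files and directories from the old cobbler.
Mounted file (web_api username and password):
/etc/cobbler/users.digest
NFS shared directories, read-only: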
/var/www/cobbler/repo_mirror/
/var/www/cobbler/ks_mirror/
/var/lib/cobbler/loaders
Install the NFS service on the original cobbler so that the new cobbler can mount from it.
NFS server:
yum install rpcbind nfs-utils -y
vim /etc/exports
/opt/data/cobbler/ks_mirror 10.0.0.0/8(ro,sync)
/opt/data/cobbler/repo_mirror 10.0.0.0/8(ro,sync)
/var/lib/cobbler/loaders 10.0.0.0/8(ro,sync)
Start the NFS service.
Install docker-ce on the new cobbler host.
Start docker.
Copy the kubelet binary to /bin/kubelet
Create the directory that kubelet watches:
mkdir /etc/kubernetes/manifests/
Start kubelet:
nohup kubelet --allow-privileged=true --pod-manifest-path=/etc/kubernetes/manifests/ --fail-swap-on=false --pod-infra-container-image=10.8.15.127:5000/rhel7/pod-infrastructure:latest --v=2 --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice &
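It is best to run it under supervisord.
Put the old web API password file on the host at /etc/cobbler/users.digest. I do this to keep the usernames and passwords consistent; readers should adjust this to their own environment.
Create the cobbler manifest: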
vim /etc/kubernetes/manifests/cobbler.yaml
apiVersion: v1
kind: Pod
metadata:
  name: cobbler28
  labels:
    app: cobbler28
spec:
  hostNetwork: true
  containers:
  - image: 10.8.15.127:5000/cobbler:2.8
    name: cobbler28
    volumeMounts:
    - mountPath: /etc/cobbler/users.digest
      name: webaccess
      # hostPath volumes have no readOnly field, so read-only is set on the mount
      readOnly: true
    - mountPath: /var/www/cobbler/repo_mirror
      name: repo
    - mountPath: /var/www/cobbler/ks_mirror
      name: ksmirror
    - mountPath: /var/lib/cobbler/loaders
      name: loaders
    env:
    - name: SERVER_IP
      value: "10.8.14.234"
    - name: NEXT_SERVER
      value: "20.8.14.234"
    # The root password is stored in cleartext in this manifest
    - name: ROOT_PASSWORD
      value: "xxx"
    - name: DHCP_RANGE
      value: "20.8.14.230 20.8.14.235"
    - name: DHCP_SUBNET
      value: "20.8.14.0"
    - name: DHCP_ROUTER
      value: "20.8.14.234"
    - name: DHCP_DNS
      value: "20.8.14.234"
    - name: COBBLER_MASTER
      value: "10.8.15.234"
  volumes:
  - name: webaccess
    hostPath:
      path: /etc/cobbler/users.digest
      type: File
  - name: ksmirror
    nfs:
      server: 10.20.10.61
      path: "/var/www/cobbler/ks_mirror"
      readOnly: true
  - name: repo
    nfs:
      server: 10.20.10.61
      path: "/var/www/cobbler/repo_mirror"
      readOnly: true
  - name: loaders
    nfs:
      server: 10.20.10.61
      path: "/var/lib/cobbler/loaders"
      readOnly: true
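Note the DHCP_RANGE and related settings above: here cobbler is configured with a second IP in the 20 network segment, to avoid IP address allocation conflicts.
COBBLER_MASTER is the old cobbler to sync from.
Check whether the cobbler container has started: docker ps
docker logs cobbler-contain to check whether the sync has finished
After the sync finishes, log in to cobbler_web and check whether the Distros and Profiles have been synced over.
Add the API configuration to your own provisioning system.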
done