好久没写过博客了,上来撸一篇。。。。 最近在看K8s,刚好机房环境里需要加个cobbler 装机系统,便有了下面的折腾

环境:原有cobbler几台(因有多个机房,故有多个cobbler) 需求:新机房需要cobbler 自动装机系统

先做个cobbler2.8的镜像(为什么用2.8版本?2.6版本安装exsi会报错)

docker file 参照https://github.com/jasonlix5/docker-cobbler 修改

FROM bd2fd3afdba2
ADD cobbler-*  /
ADD entrypoint.sh  /entrypoint.sh
ADD supervisord.d/conf.ini /etc/supervisord.d/conf.ini
RUN yum localinstall cobbler-2.8.0-4.el7.x86_64.rpm cobbler-web-2.8.0-4.el7.noarch.rpm -y  && yum install  tftp-server dhcp supervisor -y && yum clean a
ll &&  rm -rf /var/cache/yum/* /tmp/*

CMD /entrypoint.sh

其中bd2fd3afdba2是我自己的centos7镜像,需要更改为自己环境的镜像 ,比如官方的镜像

cat entrypoint.sh
#!/bin/sh

set -ex

if [ ! $SERVER_IP ]
then
        echo "Please use $SERVER_IP set the IP address of the need to monitor."
        exit 1
elif [ ! $DHCP_RANGE ]
then
        echo "Please use $DHCP_RANGE set up DHCP network segment."
        exit 1
elif [ ! $NEXT_SERVER ]
then
        echo "Please use $NEXT_SERVER set TFTP PXE booting ."
        exit 1
elif [ ! $ROOT_PASSWORD ]
then
        echo "Please use $ROOT_PASSWORD set the root password."
        exit 1
elif [ ! $DHCP_SUBNET ]
then
        echo "Please use $DHCP_SUBNET set the dhcp subnet."
        exit 1
elif [ ! $DHCP_ROUTER ]
then
        echo "Please use $DHCP_ROUTER set the dhcp router."
        exit 1
elif [ ! $DHCP_DNS ]
then
        echo "Please use $DHCP_DNS set the dhcp dns."
        exit 1
elif [ ! $COBBLER_MASTER ]
then
        echo "Please use $COBBLER_MASTER set the cobbler master to rsync."
        exit 1
else
        PASSWORD=`openssl passwd -1 -salt hLGoLIZR $ROOT_PASSWORD`
        sed -i "s/^server: 127.0.0.1/server: $SERVER_IP/g" /etc/cobbler/settings
        sed -i "s/^next_server: 127.0.0.1/next_server: $NEXT_SERVER/g" /etc/cobbler/settings
        sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
        sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
        sed -i "s#^default_password.*#default_password_crypted: \"$PASSWORD\"#g" /etc/cobbler/settings
        sed -i 's/$pxe_menu_items//' /etc/cobbler/pxe/pxedefault.template
        sed -i "s/192.168.1.0/$DHCP_SUBNET/" /etc/cobbler/dhcp.template
        sed -i "s/192.168.1.5/$DHCP_ROUTER/" /etc/cobbler/dhcp.template
        sed -i "s/192.168.1.1;/$DHCP_DNS;/" /etc/cobbler/dhcp.template
        sed -i "s/192.168.1.100 192.168.1.254/$DHCP_RANGE/" /etc/cobbler/dhcp.template
        sed -i "s/^#ServerName www.example.com:80/ServerName localhost:80/" /etc/httpd/conf/httpd.conf
        sed -i "s/service %s restart/supervisorctl restart %s/g" /usr/lib/python2.7/site-packages/cobbler/modules/sync_post_restart_services.py

        rm -rf /run/httpd/*
        apachectl
        cobblerd

        cobbler sync
        cobbler replicate --master=$COBBLER_MASTER --distros=* --profiles=*
        pkill cobblerd
        pkill httpd
        rm -rf /run/httpd/*
        
        exec supervisord -n -c /etc/supervisord.conf
fi

supervisord 管理进程

supervisord.d/conf.ini     
参照       https://github.com/jasonlix5/docker-cobbler/blob/master/supervisord.d/conf.ini                                                                                                   

docker build -t cobbler:2.8 .

把创建的镜像上传到自己的私有仓库

为了使用原cobbler资源,避免大量的文件同步 新的cobbler 挂载旧cobbler的几个文件和目录 挂载文件(web_api 用户名密码)

/etc/cobbler/users.digest


NFS共享文件夹,只读

/var/www/cobbler/repo_mirror/



/var/www/cobbler/ks_mirror/
/var/lib/cobbler/loaders

在原有的cobbler 安装nfs服务,用于新的cobbler挂载 NFS 服务器

yum install rpcbind nfs-utils -y

vim /etc/exports
/opt/data/cobbler/ks_mirror  10.0.0.0/8(ro,sync) 
/opt/data/cobbler/repo_mirror  10.0.0.0/8(ro,sync) 
/var/lib/cobbler/loaders      10.0.0.0/8(ro,sync)

启动NFS服务

在新的cobbler主机上安装docker-ce

启动docker

copy kubelet 二进制文件到/bin/kubelet

创建kubelet监视目录

mkdir /etc/kubernetes/manifests/ 

启动kubelet

nohup kubelet --allow-privileged=true --pod-manifest-path=/etc/kubernetes/manifests/   --fail-swap-on=false --pod-infra-container-image=10.8.15.127:5000/rhel7/pod-infrastructure:latest --v=2 --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice &

最好放supervisord 管理

把老的web api密码文件 放到主机 /etc/cobbler/users.digest ,我这样做是保持用户名密码一致,看官需要根据自己的环境更改 新建cobbler配置文件

vim /etc/kubernetes/manifests/cobbler.yaml

apiVersion: v1
kind: Pod
metadata:
  name: cobbler28
  labels:
    app: cobbler28
spec:
  hostNetwork: true
  containers:
  - image: 10.8.15.127:5000/cobbler:2.8
    name: cobbler28
    volumeMounts:
    - mountPath: /etc/cobbler/users.digest
      name: webaccess
    - mountPath: /var/www/cobbler/repo_mirror
      name: repo
    - mountPath: /var/www/cobbler/ks_mirror
      name: ksmirror
    - mountPath: /var/lib/cobbler/loaders
      name: loaders
    env:
        - name: SERVER_IP
          value: "10.8.14.234"
        - name: NEXT_SERVER
          value: "20.8.14.234"
        - name: ROOT_PASSWORD
          value: "xxx"
        - name: DHCP_RANGE
          value: "20.8.14.230 20.8.14.235"
        - name: DHCP_SUBNET
          value: "20.8.14.0"
        - name: DHCP_ROUTER
          value: "20.8.14.234"
        - name: DHCP_DNS
          value: "20.8.14.234"
        - name: COBBLER_MASTER
          value: "10.8.15.234"

  volumes:
  - name: webaccess
    hostPath:
      path: /etc/cobbler/users.digest
      type: File
      readOnly: true
  - name: ksmirror
    nfs:
      server: 10.20.10.61
      path: "/var/www/cobbler/ks_mirror"
      readOnly: true
  - name: repo
    nfs:
      server: 10.20.10.61
      path: "/var/www/cobbler/repo_mirror"
      readOnly: true
  - name: loaders
    nfs:
      server: 10.20.10.61
      path: "/var/lib/cobbler/loaders"
      readOnly: true

注意上面的 DHCP_RANGE 等部分,我这里是cobbler配置了第二个20网段的ip,是为了避免分配Ip地址冲突

COBBLER_MASTER 是需要同步的旧cobbler

查看cobbler容器是否启动 docker ps

docker logs cobbler-contain 查看同步是否完成

同步完成后 使用登录cobbler_web查看Distros和Profiles 是否同步过来了

添加api配置到自己的装机系统中

done