文章目录
- linux--cobbler自动装机之详解
- 一 :环境设置与安装步骤
- 1.1环境设置
- 1.2安装信息科软件包
- 1.3 安装cobbler环境
- 1.4 安装步骤
- 1.4.1步骤预览
- 1.4.2 cobbler工具配置
- 1.4.3 部署安装
- 二:修改配置文件
- 2.1修改cobbler配置文件
- 2.2 开启dhcpd与cobbler.service 并关闭防火墙
- 2.3 cobbler check 并优化
- 三: 导入系统镜像
- 3.1:步骤
- 3.2挂载并导入镜像文件
- 3.3查看导入情况
- 四;测试装机与cobbler -web认证管理
- 4.1新建一台虚拟机
- 4.2装机
- 4.3 cobbler-web管理
linux–cobbler自动装机之详解
一 :环境设置与安装步骤
1.1环境设置
- 使用VMware软件演示
- 安装CentOS 7操作系统当做服务端
- 新建CentOS 7虚拟机当做客户端,留作安装系统
1.2安装信息科软件包
yum 安装信息库软件包
[root@localhost ~]# yum install -y epel-release
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
base: mirror.bit.edu.cn
extras: mirror.bit.edu.cn
updates: ftp.sjtu.edu.cn
1.3 安装cobbler环境
[root@localhost ~]# mount /dev/sr0 /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@localhost ~]# df -hT
文件系统 类型 容量 已用 可用 已用% 挂载点
/dev/mapper/centos-root xfs 50G 5.0G 46G 10% /
devtmpfs devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs tmpfs 1.9G 13M 1.9G 1% /run
tmpfs tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/sda1 xfs 1014M 179M 836M 18% /boot
/dev/mapper/centos-home xfs 245G 37M 245G 1% /home
tmpfs tmpfs 378M 8.0K 378M 1% /run/user/42
tmpfs tmpfs 378M 0 378M 0% /run/user/0
/dev/sr0 iso9660 4.3G 4.3G 0 100% /mnt
1.4 安装步骤
1.4.1步骤预览
cobbler服务:自动部署装机
dhcp:自动分配IP地址使新机器和服务器在同一个段落互联互通
tftp:压缩内核,引导程序(速度快)
ftp:iso镜像文件
CentOS 7设置
systemctl start network.service
systemctl enable httpd
1.4.2 cobbler工具配置
ifconfig工具
[root@localhost ~]# yum install net-tools -y
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 9.3 kB 00:00
…………省略
正在更新:
net-tools x86_64 2.0-0.25.20131004git.el7 base 306 k
事务概要
更新完毕:
net-tools.x86_64 0:2.0-0.25.20131004git.el7
完毕!
[root@localhost ~]# nslookup 127.0.0.1 | grep server//查看本机自动获取IP中的DNS地址
mount.cifs工具
[root@localhost ~]# yum install cifs-utils -//挂载宿主机共享文件夹'
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
1.4.3 部署安装
[root@localhost ~]# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd rsyn
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.bit.edu.cn
…………省略
安装 3 软件包 (+12 依赖软件包)
升级 1 软件包
总计:10 M
总下载量:9.9 M
Is this ok [y/d/N]: [root@localhost ~]# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd rsyn
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.bit.edu.cn
yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd rsync xinetd -y
systemctl restart httpd.service
systemctl start cobblerd.service
cobbler check
修改配置文件
vim /etc/cobbler/settings '//修改配置文件'
next_server:192.168.197.175 '//指定PXE位置'
server:192.168.197.175 '//指定cobbler服务地址'
manage_dhcp:1 '//管理dhcp启动'
systemctl stop firewalld.service '//关闭防火墙'
setenforce 0 '//关闭增强安全性功能'
* cobbler check 检查需要优化的内容
cobbler check 检查的结果进行优化'
wq设置密码
openssl passwd -1 -salt 'abner' 'abner' '//盐值加密'
'//加密结果'
继续回settings文件中
default_password_crypted:“加密结果”
保存退出settings文件
cobbler get-loaders '//下载引导操作系统文件'
systemctl start rsyncd.service '//启动服务'
vim /etc/xinete.d/tftp
disable = no '//启动'
systemctl restart xinetd.service '//重启服务'
vim /etc/cobbler/dhcp.template '//cobbler控制的dhcp服务模板'
subnet 192.168.197.0 netmask 255.255.255.0 {
option routers 192.168.197.1; '//修改网关'
option domain-name-servers 192.168.197.2; '//修改DNS'
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.197.100 192.168.197.200; '//修改地址池'
cobbler sync '//帮助同步生成DHCP配置文件'
systemctl restart dhcpd.service '//启动dhcpd服务'
'//以下三条可以忽略不去处理'
导入系统镜像步骤
/var/log/cobbler/cobbler.log '//日志文件所在位置'
cobbler import --path=/mnt/ --name=CentOS-7-x86_64 --arch=x86_64 '//导入iso镜像文件'
/var/www/cobbler/ks_mirror/CentOS-7-x86_64 '//默认导入存放位置'
cobbler list '//查看导入结果'
cobbler distro list '//查看发行版本'
tree /var/lib/tftpboot/images '//查看内核和初始化文件在tftp server 共享目录'
cobbler profile report
/var/lib/cobbler/kickstarts/sample_end.ks '//ks默认文件存放位置'
客户端安装完成后只具备字符界面 登录账户 root 密码 abc123
两种cobbler web–第一种
/etc/cobbler/modules.conf //authn_configfile 模块认证
htdigest -c /etc/cobbler/users.digest Cobbler cbadmin
输入两次确认密码 例如:abc123
systemctl restart cobblerd.service
systemctl restart httpd.service
web账户为 cbadmin 密码为 abc123
两种cobbler web–第二种 pam认证
vim /etc/cobbler/modules.conf
module = authn_pam '//修改pam认证'
module = authz_ownership '//在users.conf指定访问权限'
useradd webuser
passwd webuser
vim /etc/cobbler/users.conf
[admins]
admin = “”
cobbler = “”
webuser = “” '//添加'
systemctl restart cobblerd.service
systemctl restart httpd.service
二:修改配置文件
2.1修改cobbler配置文件
[root@localhost ~]# cd /etc/cobbler/
[root@localhost cobbler]# ls
auth.conf import_rsync_whitelist pxe users.conf
cheetah_macros iso reporting users.digest
cobbler_bash ldap rsync.exclude version
completions modules.conf rsync.template zone.template
dhcp.template mongodb.conf secondary.template zone_templates
dnsmasq.template named.template settings
genders.template power tftpd.template
[root@localhost cobbler]# vim settings
...省略内容
if using cobbler with manage_dhcp, put the IP address
of the cobbler server here so that PXE booting guests can find it
if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 192.168.197.175 '//此处指向cobbler服务器地址'
...省略内容
server: 192.168.197.175 '//此处指向cobbler服务器地址'
...省略内容
set to 1 to enable Cobbler's DHCP management features.
the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1 '//开启dhcp'
…省略内容
2.2 开启dhcpd与cobbler.service 并关闭防火墙
[root@localhost cobbler]# systemctl start httpd.service
[root@localhost cobbler]# systemctl start cobblerd.service
[root@localhost cobbler]# systemctl status cobblerd.service '//检查开启状态 '
[root@localhost cobbler]# systemctl stop firewalld.service
[root@localhost cobbler]# setenforce 0
2.3 cobbler check 并优化
[root@localhost cobbler]# cobbler check
'//此三条可以不做优化'
1:SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment: https://github.com/cobbler/cobbler/wiki/Selinux
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
'//开始优化其他配置'
[root@localhost cobbler]# vim /etc/xinetd.d/tftp
...省略内容
disable = no '//修改成no'
[root@localhost cobbler]# systemctl enable rsyncd.service
[root@localhost cobbler]# systemctl restart cobblerd.service
[root@localhost cobbler]# cobbler check
[root@localhost cobbler]# openssl passwd -1 -salt 'abc123' 'abc123'
$1$abc123$9v8z2./E/PZihXrVcy3II0 '//设置密码,复制秘钥'
[root@localhost cobbler]# vim /etc/cobbler/settings
...省略内容
default_password_crypted: "$1$abc123$9v8z2./E/PZihXrVcy3II0" '//刚刚生成的密码粘贴再此处'
...省略内容
[root@localhost cobbler]# systemctl start rsyncd.service
[root@localhost cobbler]# systemctl restart xinetd.service
[root@localhost cobbler]# ls
[root@localhost cobbler]# vim dhcp.template
...省略内容
subnet 192.168.197.0 netmask 255.255.255.0 {
option routers 192.168.197.1;
option domain-name-servers 192.168.197.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.197.100 192.168.197.200;
...省略内容
[root@localhost cobbler]# cobbler sync
[root@localhost cobbler]# cd /etc/dhcp
[root@localhost dhcp]# ls
dhclient.d dhclient-exit-hooks.d dhcpd6.conf dhcpd.conf scripts
[root@localhost dhcp]# vim dhcpd.conf
'//发现已经变成无法修改,被cobbler管理'
# ******************************************************************
Cobbler managed dhcpd.conf file
generated from cobbler dhcp.conf template (Sun Dec 8 06:33:55 2019)
Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
overwritten.
******************************************************************
...省略内容
[root@localhost dhcp]# cobbler get-loaders
[root@localhost dhcp]# systemctl restart dhcpd.service
[root@localhost dhcp]# systemctl restart cobblerd.service
[root@localhost dhcp]# cobbler check
'//发现只剩下前面提到的三个可以忽略,不用优化的内容。此时,cobbler已经优化完毕'
三: 导入系统镜像
3.1:步骤
/var/log/cobbler/cobbler.log ‘//日志文件所在位置’
cobbler import --path=/mnt/ --name=CentOS-7-x86_64 --arch=x86_64 ‘//导入iso镜像文件’
/var/www/cobbler/ks_mirror/CentOS-7-x86_64 ‘//默认导入存放位置’
cobbler list ‘//查看导入结果’
cobbler distro list ‘//查看发行版本’
tree /var/lib/tftpboot/images ‘//查看内核和初始化文件在tftp server 共享目录’
cobbler profile report
/var/lib/cobbler/kickstarts/sample_end.ks ‘//ks默认文件存放位置’
客户端安装完成后只具备字符界面 登录账户 root 密码 abc123
3.2挂载并导入镜像文件
[root@localhost dhcp]# mount /dev/sr0 /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@localhost dhcp]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.6G 17G 18% /
...省略内容
/dev/sr0 4.3G 4.3G 0 100% /mnt
[root@localhost dhcp]# cobbler import --path=/mnt/ --name=CentOS-7-x86_64 --arch=x86_64
task started: 2019-12-08_144856_import
task started (id=Media import, time=Sun Dec 8 14:48:56 2019)
'//省略内容'
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7-x86_64/repodata
*** TASK COMPLETE ***
3.3查看导入情况
[root@localhost dhcp]# cd /var/www/cobbler/ks_mirror/
[root@localhost ks_mirror]# ls
CentOS-7-x86_64 config
[root@localhost ks_mirror]# cobbler list
distros:
CentOS-7-x86_64
profiles:
CentOS-7-x86_64
'//省略内容'
[root@localhost ks_mirror]# yum install tree -y
[root@localhost ks_mirror]# tree /var/lib/tftpboot/images
/var/lib/tftpboot/images
└── CentOS-7-x86_64
├── initrd.img
└── vmlinuz
1 directory, 2 files
[root@localhost ks_mirror]# systemctl restart cobblerd.service
[root@localhost ks_mirror]# systemctl restart dhcpd.service
[root@localhost ks_mirror]# systemctl restart xinetd.service
[root@localhost ks_mirror]# systemctl restart httpd.service
四;测试装机与cobbler -web认证管理
4.1新建一台虚拟机
4.2装机
点击开始选择CentOS-7-86_64–回车–自动装机
4.3 cobbler-web管理
第一种cobbler-web认证
/etc/cobbler/modules.conf //authn_configfile 模块认证
htdigest -c /etc/cobbler/users.digest Cobbler cbadmin
输入两次确认密码 例如:abc123
systemctl restart cobblerd.service
systemctl restart httpd.service
web账户为 cbadmin 密码为 abc123
第二种cobbler-web认证 pam认证
vim /etc/cobbler/modules.conf
module = authn_pam '//修改pam认证'
module = authz_ownership '//在users.conf指定访问权限'
useradd webuser
passwd webuser
vim /etc/cobbler/users.conf
[admins]
admin = “”
cobbler = “”
webuser = “” '//添加'
systemctl restart cobblerd.service
systemctl restart httpd.service
cobblerd.service
systemctl restart httpd.service
web账户为 cbadmin 密码为 abc123第二种cobbler-web认证 pam认证vim /etc/cobbler/modules.conf
module = authn_pam ‘//修改pam认证’
module = authz_ownership ‘//在users.conf指定访问权限’
useradd webuser
passwd webuser
vim /etc/cobbler/users.conf
[admins]
admin = “”
cobbler = “”
webuser = “” ‘//添加’
systemctl restart cobblerd.service
systemctl restart httpd.service