 Cobbler自动化安装Linux系统
 Cobbler介绍
Cobbler称之为 网络安装服务器套件,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。管理方式:可以使用命令行方式管理,也可以基于Web的界面管理工具(cobbler-web)管理,还可以通过API接口二次开发。
另外Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。
Cobbler内置了一个轻量级配置管理系统,但它也支持和其它配置管理系统集成,如Puppet,暂时不支持SaltStack。

通过Cobbler配置模板可以管理 PXE服务、DHCP服务、DNS服务、电源管理、Kickstart服务支持、YUM仓库、TFTP(PXE启动时需要),通过Apache(提供kickstart的安装源,并提供定制化的kickstart配置)进行网络自动化安装系统

 安装cobbler
 安装环境centos-6.8-x86_64
在安装之前先配置epel源,同时yum安装python-simplejson和Django14-1.4.14-1.el6.noarch.rpm(如果centos6不安装Django,会在安装cobbler-web出错)。
具体步骤如下

[root@cobbler01-32 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
--2019-11-16 04:45:36--  http://mirrors.aliyun.com/repo/epel-6.repo
Resolving mirrors.aliyun.com... 183.2.199.238, 183.2.199.237, 183.60.228.240, ...
Connecting to mirrors.aliyun.com|183.2.199.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 664 [application/octet-stream]
Saving to: “/etc/yum.repos.d/epel.repo”
100%[=======================================================================>] 664         --.-K/s   in 0s      
2019-11-16 04:45:42 (27.5 MB/s) - “/etc/yum.repos.d/epel.repo” saved [664/664]
[root@cobbler01-32 ~]# yum install -y python-simplejson
Loaded plugins: fastestmirror, security
Setting up Install Process
Determining fastest mirrors
……………………
Installed:
  python-simplejson.x86_64 0:2.0.9-3.1.el6                                                                       
Complete!
[root@cobbler01-32 ~]# wget https://kojipkgs.fedoraproject.org//packages/Django14/1.4.14/1.el6/noarch/Django14-1.4.14-1.el6.noarch.rpm   ##下载Django

[root@cobbler01-32 ~]# rpm -ivh Django14-1.4.14-1.el6.noarch.rpm
Preparing...                ########################################### [100%]
   1:Django14               ########################################### [100%]

 Yum安装cobbler cobbler-web dhcp tftp-server pykickstart httpd

[root@cobbler01-32 ~]# yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package cobbler.x86_64 0:2.6.11-7.git95749a6.el6 will be installed
……………………
Complete!

 备份cobbler配置文件(很重要)

[root@cobbler01-32 ~]# mkdir /home/jack/etc-backup
[root@cobbler01-32 ~]# cp /etc/cobbler/settings /home/jack/etc-backup/

 修改配置文件

[root@cobbler01-32 ~]# sed -i '/^server/s#127.0.0.1#10.1.1.32#g' /etc/cobbler/settings

server: 10.1.1.32 :#这是cobbler服务器的地址——因为系统在安装过程中使用它,所以它必须是系统的地址或主机名,因为这些系统可以看到服务器。如果您的服务器对不同的子网(双主网等)显示不同,则需要阅读手册页中的–server override部分了解其工作原理。

[root@cobbler01-32 ~]# sed -i '/^next_server/s#127.0.0.1#10.1.1.32#g' /etc/cobbler/settings

next_server: 10.1.1.32 :#如果将cobbler与manage_dhcp一起使用,请将cobbler服务器的IP地址放在此处,以便如果设置不正确,PXE引导来宾可以找到它,这将显示在TFTP打开超时中。

[root@cobbler01-32 ~]# openssl passwd -1 -salt '11111' 'qaz123' #生成密码
$1$11111$YbqEYPNSDxqVczNWAS5XI1
[root@cobbler01-32 ~]# sed -ri '/default_pass/s#^(.*):.*$#\1: "$1$11111$YbqEYPNSDxqVczNWAS5XI1"#g' /etc/cobbler/settings

default_password_crypted:#cobbler在/var/lib/cobbler/kickstarts/中存储了各种kickstart模板示例。这控制为引用此变量的系统设置的安装(根)密码。工厂默认为“cobbler”,如果没有更改,cobbler check将发出警告。更改密码的最简单方法是运行openssl passwd-1并将输出放在下面的“”之间。

[root@cobbler01-32 ~]# sed -i '/^manage_dhcp/s#0#1#g' /etc/cobbler/settings

Manage_dhcp 1:#设置为1以启用Cobbler的DHCP管理功能。DHCP管理引擎的选择在/etc/Cobbler/modules.conf中

[root@cobbler01-32 ~]# sed -i '/^pxe_just/s#0#1#g' /etc/cobbler/settings

pxe_just_once 1:如果将此设置设置为1,则pxe引导的cobbler系统将在安装结束时请求在cobbler系统记录中切换启用了–netboot的记录。如果系统按BIOS顺序设置为PXEfirst,这就消除了PXE启动循环的可能性。如果您的BIOS引导顺序中的第一个是PXE,则启用此选项,否则保持禁用状态。请参阅手册页中的–netboot enabled。
 修改/etc/xinetd.d/rsync和tftp这两个文件如下

[root@cobbler01-32 ~]# sed -i '6s#yes#no#g' /etc/xinetd.d/rsync
[root@cobbler01-32 ~]# cat -n  /etc/xinetd.d/rsync 
     1	# default: off
     2	# description: The rsync server is a good addition to an ftp server, as it \
     3	#	allows crc checksumming etc.
     4	service rsync
     5	{
     6		disable	= no  ##默认是yes,就是不开启的意思,no是开启
     7		flags		= IPv6
     8		socket_type     = stream
     9		wait            = no
    10		user            = root
    11		server          = /usr/bin/rsync
    12		server_args     = --daemon
    13		log_on_failure  += USERID
    14	}
[root@cobbler01-32 ~]# sed -i '14s#yes#no#g' /etc/xinetd.d/tftp 
[root@cobbler01-32 ~]# cat -n  /etc/xinetd.d/tftp 
     1	# default: off
     2	# description: The tftp server serves files using the trivial file transfer \
     3	#	protocol.  The tftp protocol is often used to boot diskless \
     4	#	workstations, download configuration files to network-aware printers, \
     5	#	and to start the installation process for some operating systems.
     6	service tftp
     7	{
     8		socket_type		= dgram
     9		protocol		= udp
    10		wait			= yes
    11		user			= root
    12		server			= /usr/sbin/in.tftpd
    13		server_args		= -s /var/lib/tftpboot
    14		disable			= no  ##默认是yes,就是不开启的意思,no是开启
    15		per_source		= 11
    16		cps			= 100 2
    17		flags			= IPv4
    18	}
	修改cobbler对应dhcp的模板文件/etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '21s#192.168.1.0#10.1.1.0#g'  /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '22s#192.168.1.5#10.1.1.2#g'  /etc/cobbler/dhcp.template 
[root@cobbler01-32 ~]# sed -i '22s#192.168.1.1#10.1.1.2#g'  /etc/cobbler/dhcp.template 
[root@cobbler01-32 ~]# sed -i '23s#192.168.1.1#10.1.1.2#g'  /etc/cobbler/dhcp.template 
[root@cobbler01-32 ~]# sed -i '25s#192.168.1.100 192.168.1.254#10.1.1.120 10.1.1.130#g'  /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# head -30 /etc/cobbler/dhcp.template|tail -10
subnet 10.1.1.0 netmask 255.255.255.0 {
     option routers             10.1.1.2;
     option domain-name-servers 10.1.1.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        10.1.1.120 10.1.1.130;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     class "pxeclients" {
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
[root@cobbler01-32 ~]# cobbler sync ##先同步配置
[root@cobbler01-32 ~]# /etc/init.d/dhcpd start ##在启动dhcp服务,否则失败

 同步网络引导加载程序。(/var/lib/cobbler/loaders中缺少一些网络引导加载程序,您可以运行“cobbler get loaders”下载它们,或者,如果您只想处理x86/x86_64上网本,则可以确保安装了最新版本的syslinux包,并且可以完全忽略此消息。如果您想支持所有体系结构,这个目录中的文件应该包括pxelinux.0、menu.c32、elilo.efi和yaboot。“cobbler get loaders”命令是解决这些需求的最简单方法)

[root@cobbler01-32 ~]# cobbler get-loaders
task started: 2019-11-16_062001_get_loaders
task started (id=Download Bootloader Content, time=Sat Nov 16 06:20:01 2019)
downloading http://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading http://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading http://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading http://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

 查看cobbler配置情况(如果剩下下面两个问题可以忽略,也就是说你配置好了配置文件这一块)

[root@cobbler01-32 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.

 Cobbler命令行介绍
三个模版:distro 发行版 profile:配置 system:系统选项

[root@cobbler01-32 ~]# cobbler 
usage=====
cobbler <distro|profile|system|repo|image|mgmtclass|package|file> ... 
        [add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validateks|version|signature|get-loaders|hardlink> [options|--help]
cobbler check    核对当前设置是否有问题
cobbler list     列出所有的cobbler元素
cobbler report   列出元素的详细信息
cobbler sync     同步配置到数据目录,更改配置最好都要执行下
cobbler reposync 同步yum仓库
cobbler distro   查看导入的发行版系统信息
cobbler system   查看添加的系统信息
cobbler profile  查看配置信息
[root@cobbler01-32 ~]# cobbler distro/profile/system/repo/import
usage=====
cobbler distro add   :添加发行版
cobbler distro copy   :复制发行版
cobbler distro edit    :编辑发行版
cobbler distro find    :查找发行版
cobbler distro list     :查看所有的发行版
cobbler distro remove  :删除
cobbler distro rename  :按名称删除发行版
cobbler distro report    :查看发行版信息
还有好多不一一介绍

 导入centos6.8镜像文件

[root@cobbler01-32 ~]# cobbler import --path=/mnt/ --name=centos-6.8-x86_64 --arch=x86_64
task started: 2019-11-16_064240_import
task started (id=Media import, time=Sat Nov 16 06:42:40 2019)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/centos-6.8-x86_64:
creating new distro: centos-6.8-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos-6.8-x86_64 -> /var/www/cobbler/links/centos-6.8-x86_64
creating new profile: centos-6.8-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos-6.8-x86_64 for centos-6.8-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos-6.8-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos-6.8-x86_64
looking for /var/www/cobbler/ks_mirror/centos-6.8-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-6.8-x86_64/repodata
*** TASK COMPLETE ***

##import:导入的意思
##–path:指定镜像文件挂载路径
##–name:给导入的镜像文件取个名。Distro中—name和profile中—name指的意思不一样,可以单独存在
##–arch:镜像文件架构模式常见32位和64位
 修改新安装服务器的网卡接口为默认名eth0

[root@cobbler01-32 ~]# cobbler profile edit --name= centos-6.8-x86_64 --kopts='net.ifnames=0 biosdevname=0'
[root@cobbler01-32 ~]# touch /var/lib/cobbler/kickstarts/centos6.8-ks.cfg

 给CentOS-6.8-x86_64镜像指定ks.cfg应答文件

[root@cobbler01-32 ~]# cobbler profile edit --name= centos-6.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.8-ks.cfg

cobbler list
 定制化安装

[root@cobbler01-32 ~]# cobbler system add --name=centos6.8-jack --mac=00:50:56:28:32:E0 --profile=centos-6.8-x86_64 --ip-address=10.1.1.101 --subnet=255.255.255.0 --gateway=10.1.1.2 --interface=eth0 --static=1 --hostname=jack-cobbler --name-servers="114.114.114.114 8.8.8.8"
[root@cobbler01-32 ~]# vim /var/lib/cobbler/kickstarts/centos6.8-ks.cfg

 配置完成后记得同步cobbler配置和重启服务

cobbler sync
/etc/init.d/xinetd restart
/etc/init.d/httpd restart
/etc/init.d/dhcpd restart
 /etc/init.d/cobblerd restart

 Centos7的kickstart文件

[root@linux-node1 kickstarts]# cat centos6.8-ks.cfg
#Cobbler for Kickstart Configurator for CentOS 7.1 
install
url --url=$tree  # 这些$开头的变量都是调用配置文件里的值。
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
#Network information
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw  --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 1024  # CentOS7系统磁盘默认格式xfs
part swap --size 1024
part / --fstype xfs --size 1 --grow
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end
%post
systemctl disable postfix.service
%end

 Centos7的kickstart文件

[root@linux-node1 ~]# vim /var/www/html/ks_config/CentOS-7.1-ks.cfg
#Kickstart Configurator for CentOS 6.7 
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw  --iscrypted  $default_password_crypted
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=1024
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end