cobbler
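Introduction to Cobbler
Cobbler is a Linux server installation service. It can quickly install and reinstall physical servers and virtual machines via network boot (PXE), and it can also manage DHCP, DNS, and so on.
Cobbler can be managed from the command line, provides a web-based management tool (cobbler-web), and also exposes an API that makes it convenient to build on.
Cobbler is an upgraded version of the earlier kickstart. Its advantages are that it is easier to configure and that it ships with a web interface that makes management easier.
Cobbler has a lightweight built-in configuration management system, but it also supports integration with other configuration management systems such as Puppet; SaltStack is not supported for now.
Services integrated by Cobbler:
PXE service support
DHCP service management
DNS service management (bind or dnsmasq)
Power management
Kickstart service support
YUM repository management
TFTP (needed for PXE boot)
Apache (serves the kickstart installation source and provides customized kickstart configuration)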
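Cobbler configuration files in detail
The Cobbler configuration files are in /etc/cobbler
Configuration file | Purpose |
---|---|
/etc/cobbler/settings | Cobbler main configuration file |
/etc/cobbler/iso/ | ISO template configuration files |
/etc/cobbler/pxe | PXE template configuration files |
/etc/cobbler/power | Power management configuration files |
/etc/cobbler/user.conf | Web service authorization configuration file |
/etc/cobbler/users.digest | Username and password configuration file for web access |
/etc/cobbler/dhcp.template | Configuration template for the DHCP server |
/etc/cobbler/dnsmasq.template | Configuration template for the DNS server |
/etc/cobbler/tftpd.template | Configuration template for the TFTP service |
/etc/cobbler/modules.conf | Module configuration file |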
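Cobbler data directories
Directory | Purpose |
---|---|
/var/lib/cobbler/config/ | Stores the configuration files for distros, systems, profiles, and so on |
/var/lib/cobbler/triggers/ | Stores user-defined Cobbler commands |
/var/lib/cobbler/kickstart/ | Default location for kickstart files |
/var/lib/cobbler/loaders/ | Stores the various boot loaders and the image directory |
/var/www/cobbler/ks_mirror/ | All data of the imported distributions |
/var/www/cobbler/images/ | Kernel and initrd images of imported distributions, used for remote network boot |
/var/www/cobbler/repo_mirror/ | yum repository storage directory |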
Cobbler log files
Log file path | Description |
---|---|
/var/log/cobbler/installing | Client installation log |
/var/log/cobbler/cobbler.log | Cobbler log |
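How Cobbler works
What Cobbler does
After a server is racked, you can manually choose which system to install (e.g. CentOS 7 or CentOS 8)
After a server is racked, the operating system can be installed and configured as required (e.g. changing the IP address and hostname, selecting packages)
After the system is installed, custom scripts can be run to initialize the base software (e.g. installing and configuring Zabbix or SaltStack)
It can serve as an internal YUM repository that is initialized during system installation
It can reinstall systems
Cobbler supports an API and can be integrated seamlessly into an in-house operations platform
Cobbler supports NIC routing configuration, DNS configuration, and bonding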
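Cobbler commands in detail
cobbler check //check whether the current settings have problems
cobbler list //list all Cobbler objects
cobbler report //list detailed information about the objects
cobbler sync //sync the configuration to the data directories; best run after every configuration change
cobbler reposync //sync the yum repositories
cobbler distro //view information about imported distributions
cobbler system //view information about added systems
cobbler profile //view profile information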
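Deploying the Cobbler server
Alibaba Cloud official website
Configure the repositories
They can be downloaded from the Alibaba Cloud official website
Configure the yum repository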
[root@localhost ~]# dnf -y install wget
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# rm -rf *
[root@localhost yum.repos.d]# ls
[root@localhost yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@localhost yum.repos.d]# ls
CentOS-Base.repo
Configure the EPEL repository
[root@localhost yum.repos.d]# yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
[root@localhost yum.repos.d]# sed -i 's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|' /etc/yum.repos.d/epel*
[root@localhost yum.repos.d]# sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
[root@localhost yum.repos.d]# ls
CentOS-Base.repo epel-modular.repo epel-testing-modular.repo epel-testing.repo epel.repo
Install Cobbler and related software
[root@localhost ~]# dnf module list | grep cobbler
//check whether a cobbler package is available on the system; if so, choose to install version 3
cobbler 3 default [d] Versatile Linux deployment server
cobbler 3.3 default [d] Versatile Linux deployment server
[root@localhost ~]# dnf -y module enable cobbler:3
[root@localhost ~]# dnf -y install httpd dhcp* tftp tftp-server cobbler cobbler-web pykickstart rsync rsync-daemon
Start the services and enable them at boot
[root@localhost ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl enable --now rsyncd
Created symlink /etc/systemd/system/multi-user.target.wants/rsyncd.service → /usr/lib/systemd/system/rsyncd.service.
[root@localhost ~]# systemctl enable --now tftp
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket → /usr/lib/systemd/system/tftp.socket.
[root@localhost ~]# systemctl enable --now cobblerd.service
Created symlink /etc/systemd/system/multi-user.target.wants/cobblerd.service → /usr/lib/systemd/system/cobblerd.service.
Disable the firewall and SELinux, then reboot the system
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# vim /etc/selinux/config
SELINUX=disabled
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# reboot
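Instead of switching firewalld off, the services this page installs for PXE clients (DHCP, TFTP and Apache) can be allowed individually. This is an added example, not part of the original post; the zone name, the `DRY_RUN` switch and the function names are assumptions made here.

```shell
#!/usr/bin/env bash
# Added example: keep firewalld running and open only what this Cobbler
# server offers to PXE clients. Zone name and service set are assumptions.
COBBLER_SERVICES="dhcp tftp http https"   # firewalld service names

# Execute a command, or only print it when DRY_RUN=1.
run() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi; }

# Enable firewalld and allow the Cobbler-facing services in one zone.
# rsync (873/tcp) stays closed: the import later on this page reads a local mount.
open_cobbler_services() {
  local zone=${1:-public} svc
  run systemctl enable --now firewalld
  for svc in $COBBLER_SERVICES; do
    run firewall-cmd --permanent --zone="$zone" --add-service="$svc"
  done
  run firewall-cmd --reload
}

# Given the output of `firewall-cmd --list-services`, print every service
# that is open but not needed by Cobbler (ssh is kept for administration).
unexpected_services() {
  local svc
  for svc in $1; do
    case " $COBBLER_SERVICES ssh " in
      *" $svc "*) ;;
      *) echo "$svc" ;;
    esac
  done
}

# Show the commands without changing the host.
DRY_RUN=1 open_cobbler_services public
```

Run `open_cobbler_services public` without `DRY_RUN` as root to apply the rules, then pass the output of `firewall-cmd --list-services` to `unexpected_services` to see what else is still open.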
Check whether the services came up after the reboot
[root@localhost ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-09-25 00:52:50 CST; 2min 2s ago
Docs: man:httpd.service(8)
Main PID: 954 (httpd)
Status: "Running, listening on: port 443, port 80"
Tasks: 231 (limit: 12221)
Memory: 63.4M
CGroup: /system.slice/httpd.service
├─954 /usr/sbin/httpd -DFOREGROUND
├─981 /usr/sbin/httpd -DFOREGROUND
├─982 (wsgi:cobbler_w -DFOREGROUND
├─983 /usr/sbin/httpd -DFOREGROUND
├─984 /usr/sbin/httpd -DFOREGROUND
└─985 /usr/sbin/httpd -DFOREGROUND
Sep 25 00:52:49 localhost systemd[1]: Starting The Apache HTTP Server...
Sep 25 00:52:50 localhost httpd[954]: AH00558: httpd: Could not reliably determine the server's full>
Sep 25 00:52:50 localhost systemd[1]: Started The Apache HTTP Server.
Sep 25 00:52:50 localhost httpd[954]: Server configured, listening on: port 443, port 80
[root@localhost ~]# systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-09-25 00:52:51 CST; 2min 22s ago
Main PID: 1251 (rsync)
Tasks: 1 (limit: 12221)
Memory: 968.0K
CGroup: /system.slice/rsyncd.service
└─1251 /usr/bin/rsync --daemon --no-detach
Sep 25 00:52:51 localhost.localdomain systemd[1]: Started fast remote file copy program daemon.
Sep 25 00:52:51 localhost.localdomain rsyncd[1251]: rsyncd version 3.1.3 starting, listening on port>
[root@localhost ~]# systemctl status tftp
● tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; indirect; vendor preset: disabled)
Active: inactive (dead)
Docs: man:in.tftpd
[root@localhost ~]# systemctl status cobblerd.service
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-09-25 00:52:49 CST; 2min 39s ago
Process: 961 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status>
Main PID: 960 (cobblerd)
Tasks: 1 (limit: 12221)
Memory: 43.5M
CGroup: /system.slice/cobblerd.service
└─960 /usr/bin/python3 -s /usr/bin/cobblerd -F
Sep 25 00:52:49 localhost systemd[1]: Starting Cobbler Helper Daemon...
Sep 25 00:52:49 localhost systemd[1]: Started Cobbler Helper Daemon.
Generate the encrypted password
[root@localhost ~]# openssl passwd -1 -salt "$RANDOM" "redhat"
$1$27730$h2sYARYp9JNbQ74WwGb3l0
Edit the configuration file, write the generated password into it, then restart the cobbler service
[root@localhost ~]# vim /etc/cobbler/settings.yaml
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
server: 192.168.222.250 //change the server IP address to this host's IP
# of the Cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 192.168.222.250 //change the next_server IP address to this host's IP
# and put the output between the "" below.
default_password_crypted: "$1$27730$h2sYARYp9JNbQ74WwGb3l0" //put the generated password here
# set to true to enable Cobbler's DHCP management features.
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: true //change false to true
[root@localhost ~]# systemctl restart cobblerd.service
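The hash generated above uses MD5-crypt (the `$1$` prefix) with a salt taken from `$RANDOM`, which only yields a number from 0 to 32767. The following added example (not part of the original post; the function names are hypothetical and the sample file is constructed from the values shown above) audits the `default_password_crypted` line of a settings file and generates a SHA-512 crypt replacement with `openssl passwd -6`.

```shell
#!/usr/bin/env bash
# Added example: audit default_password_crypted in a Cobbler settings file.
# Function names are hypothetical; the sample file below is constructed.

# Name the crypt(3) scheme from the $id$ prefix of a hash.
crypt_scheme() {
  case "$1" in
    '$1$'*) echo md5crypt ;;
    '$5$'*) echo sha256crypt ;;
    '$6$'*) echo sha512crypt ;;
    '$y$'*) echo yescrypt ;;
    *)      echo unknown ;;
  esac
}

# Print findings for the hash in a settings file; returns 1 if it is weak.
audit_default_password() {
  local hash scheme salt rc=0
  hash=$(sed -n 's/^default_password_crypted:[[:space:]]*"\([^"]*\)".*/\1/p' "$1")
  if [ -z "$hash" ]; then echo "MISSING default_password_crypted"; return 2; fi
  scheme=$(crypt_scheme "$hash")
  salt=$(printf '%s\n' "$hash" | cut -s -d'$' -f3)   # $id$salt$digest
  case "$scheme" in md5crypt|unknown) echo "WEAK scheme: $scheme"; rc=1 ;; esac
  # A short all-digit salt is what "$RANDOM" (0-32767) produces.
  case "$salt" in
    ''|*[!0-9]*) ;;
    *) if [ "${#salt}" -le 5 ]; then echo "WEAK salt: numeric '$salt'"; rc=1; fi ;;
  esac
  if [ "$rc" -eq 0 ]; then echo "OK: $scheme"; fi
  return "$rc"
}

# SHA-512 crypt with a random salt chosen by openssl; the password is read
# from stdin so it does not show up in the process list.
new_password_hash() { openssl passwd -6 -stdin; }

# Constructed sample: the settings lines from the walkthrough above.
sample=$(mktemp)
cat >"$sample" <<'EOF'
server: 192.168.222.250
default_password_crypted: "$1$27730$h2sYARYp9JNbQ74WwGb3l0"
EOF
audit_default_password "$sample" || true
# Replacement value: printf '%s\n' "$NEW_PW" | new_password_hash
```

Put the resulting `$6$` value into `default_password_crypted` and restart cobblerd as in the step above.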
Use cobbler check to verify whether the current settings have problems, and resolve them
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1: some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, and yaboot.
2: reposync is not installed, install yum-utils or dnf-plugins-core
3: yumdownloader is not installed, install yum-utils or dnf-plugins-core
4: debmirror package is not installed, it will be required to manage debian deployments and repositories
5: fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
Issue 1:
[root@localhost ~]# cd /var/lib/cobbler/loaders/
[root@localhost loaders]# ls
[root@localhost loaders]# dnf -y install syslinux*
[root@localhost ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
[root@localhost ~]# cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
[root@localhost ~]# ls /var/lib/cobbler/loaders/
menu.c32 pxelinux.0
Issues 2 and 3:
[root@localhost ~]# dnf -y install yum-utils
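Issues 4 and 5 can be ignored,
because they only need to be resolved when using a Debian system; with CentOS 8 they do not need to be resolved
On a Debian system, the fix is to install fence-agents
Configure the DHCP template file and sync the Cobbler configuration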
[root@localhost ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.222.0 netmask 255.255.255.0 { //subnet network range
option routers 192.168.222.2; //gateway
option domain-name-servers 192.168.222.2; //DNS server
option subnet-mask 255.255.255.0; //subnet mask
range dynamic-bootp 192.168.222.100 192.168.222.110; //address range to hand out (address pool)
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
[root@localhost ~]# systemctl restart httpd cobblerd.service
[root@localhost ~]# cobbler sync
....
shell triggers finished successfully
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running python trigger cobbler.modules.managers.genders
running shell triggers from /var/lib/cobbler/triggers/change/*
shell triggers finished successfully
*** TASK COMPLETE ***
Manage distros: mount the image and import it
[root@localhost ~]# mount /dev/cdrom /mnt
mount: /mnt: WARNING: device write-protected, mounted read-only.
[root@localhost ~]# cobbler import --path=/mnt/ --name=lvnanhai --arch=x86_64
...
starting descent into /var/www/cobbler/distro_mirror/lvnanhai for lvnanhai-x86_64
processing repo at : /var/www/cobbler/distro_mirror/lvnanhai/AppStream
need to process repo/comps: /var/www/cobbler/distro_mirror/lvnanhai/AppStream
looking for /var/www/cobbler/distro_mirror/lvnanhai/AppStream/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/distro_mirror/lvnanhai/AppStream/repodata
processing repo at : /var/www/cobbler/distro_mirror/lvnanhai/BaseOS
need to process repo/comps: /var/www/cobbler/distro_mirror/lvnanhai/BaseOS
looking for /var/www/cobbler/distro_mirror/lvnanhai/BaseOS/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/distro_mirror/lvnanhai/BaseOS/repodata
*** TASK COMPLETE ***
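//The unique identifier of an install source is defined by the name parameter. In this example, after a successful import, the unique identifier of the install source is: CentOS-lvnanhai-x86_64. If it is duplicated, the system reports that the import failed
List the Cobbler images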
[root@localhost ~]# cobbler list
distros:
lvnanhai-x86_64
profiles:
lvnanhai-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
View detailed information; to view a specific one, pass --name followed by the image name
[root@localhost ~]# cobbler distro report --name lvnanhai-x86_64
Name : lvnanhai-x86_64
Architecture : x86_64
Automatic Installation Template Metadata : {'tree': 'http://@@http_server@@/cblr/links/lvnanhai-x86_64'}
TFTP Boot Files : {}
Boot loader : grub
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/distro_mirror/lvnanhai/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/distro_mirror/lvnanhai/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Management Classes : []
OS Version : rhel8
Owners : ['admin']
Redhat Management Key :
Remote Boot Initrd : ~
Remote Boot Kernel : ~
Template Files : {}
Create the kickstart automatic installation script
[root@localhost ~]# cobbler profile get-autoinstall --name lvnanhai-x86_64 >/var/lib/cobbler/templates/lvnanhai.ks
//do not press the Tab key after the > here, or the shell will hang
[root@localhost ~]# vim /var/lib/cobbler/templates/lvnanhai.ks
# Firewall configuration
firewall --disabled //disable the firewall
%packages
@^minimal-environment //add the minimal installation
%end
At this point, installing a system on a virtual machine will not succeed; the following steps are needed
[root@localhost ~]# cd /usr/share/cobbler/bin/
[root@localhost bin]# ls
migrate-data-v2-to-v3.py migrate-settings.sh mkgrub.sh settings-migration-v1-to-v2.sh
[root@localhost bin]# bash mkgrub.sh
+ grub2-mkimage -O arm64-efi -o /var/lib/cobbler/loaders/grub/grubaa64.efi --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr efinet
grub2-mkimage: error: cannot open `/usr/lib/grub/arm64-efi/moddep.lst': No such file or directory.
+ set +x
+ grub2-mkimage -O i386-pc-pxe -o /var/lib/cobbler/loaders/grub/grub.0 --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr chain pxe biosdisk
+ set +x
+ grub2-mkimage -O powerpc-ieee1275 -o /var/lib/cobbler/loaders/grub/grub.ppc64le --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr net ofnet
grub2-mkimage: error: cannot open `/usr/lib/grub/powerpc-ieee1275/moddep.lst': No such file or directory.
+ set +x
+ grub2-mkimage -O x86_64-efi -o /var/lib/cobbler/loaders/grub/grubx64.efi --prefix= all_video boot cat configfile echo true font gfxmenu gfxterm gzio halt iso9660 jpeg minicmd normal part_apple part_msdos part_gpt password_pbkdf2 png reboot search search_fs_uuid search_fs_file search_label sleep test video fat loadenv linux btrfs ext2 xfs jfs reiserfs tftp http luks gcry_rijndael gcry_sha1 gcry_sha256 mdraid09 mdraid1x lvm serial regexp tr chain efinet
grub2-mkimage: error: cannot open `/usr/lib/grub/x86_64-efi/moddep.lst': No such file or directory.
+ set +x
+ ln -s /usr/share/syslinux/ldlinux.c32 /var/lib/cobbler/loaders/ldlinux.c32
+ set +x
[root@localhost bin]# ls /var/lib/cobbler/loaders/
grub ldlinux.c32 menu.c32 pxelinux.0
[root@localhost bin]# cobbler sync
....
running python trigger cobbler.modules.scm_track
running python trigger cobbler.modules.managers.genders
running shell triggers from /var/lib/cobbler/triggers/change/*
shell triggers finished successfully
*** TASK COMPLETE ***
[root@localhost bin]# systemctl restart httpd cobblerd.service
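//restart the services
We can now create a virtual machine to test
Manual creation
The user is root, and the password is redhat, as specified with openssl earlier
Automatic installation: open https://192.168.222.250/cobbler_web in a browser
The default login username and password are both cobbler
There is no need to choose anything yourself; the system is installed for you automatically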