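Automated operations, systems part: building a Cobbler host for batch OS installation

Submitted by 帅比萌擦擦* on 2020-11-24 14:48:30

Have you ever wanted to install an operating system while skipping the tedious steps of choosing a keyboard, choosing a mouse, partitioning, configuring the network and selecting packages?

In outline, the services that need to be installed are DHCP and Cobbler.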

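Relevant directories:

Directories and files used by cobbler
cobbler configuration files: /etc/cobbler
cobbler data storage directory: /var/www/cobbler
cobbler system settings: /var/lib/cobbler/kickstarts/sample.ks
dhcp configuration file: /etc/dhcpd.conf
dhcp lease cache file: /var/lib/dhcpd/dhcpd.leases

To change the boot menu shown at boot time, edit the following file:

[root@cobbler ~]# vim /tftpboot/pxelinux.cfg/default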


1. Install the DHCP service

# yum -y install dhcp

Configure the DHCP service

The DHCP configuration file is /etc/dhcp/dhcpd.conf, but by default this file has no content.

vim /etc/dhcp/dhcpd.conf



ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;

subnet 192.168.11.0 netmask 255.255.255.0 {
    # For example, if the IP of your host (the "mother hen", i.e. the Cobbler server) is 172.18.0.24, set subnet to 172.18.0.0
    range 192.168.11.240 192.168.11.253;
    # This is the range of IPs handed out to the "chicks" (the machines being installed)
    option domain-name-servers ns1.internal.example.org;
    option domain-name "192.168.11.240";
    option broadcast-address 192.168.11.255;
    # Broadcast range; in the example above this would broadcast within 172.18.0
    default-lease-time 600;
    max-lease-time 7200;
    # Add the following at the end of dhcpd.conf:
    # for Cobbler setup
    host cobbler {
        option host-name "cobbler";
        ddns-hostname "cobbler";
        hardware ethernet 00:0C:29:18:7D:7D;
        # MAC address of cobbler server
        fixed-address 192.168.11.240;
        # IP of Cobbler server (the "mother hen")
        allow booting;
        allow bootp;
        class "PXE" {
            match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
            next-server 192.168.11.240; # IP of Cobbler server (the "mother hen")
            filename "pxelinux.0";
        }
    }
}


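Specify the network interface DHCP listens on

# sed -i 's/^DHCPDARGS=.*/DHCPDARGS=eth0/' /etc/sysconfig/dhcpd

After the change the file reads:

# Command line options here

DHCPDARGS=eth0

Start the DHCP server

# service dhcpd start

Make the dhcp service start with the system:

# chkconfig dhcpd on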


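2. Install and configure cobbler

Because Cobbler is not in the CentOS 6.3 base repositories, the EPEL repository has to be added:

# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm

# yum update

Install cobbler:

# yum install cobbler

This also installs the packages it depends on.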


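3. Check and fix the cobbler configuration

# cobbler check

If, after installation, the shell reports that the command does not exist, log in again.

Problems that may appear: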

The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

# Set the server option to the host name or the IP address

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

# Set next_server to the corresponding IP address


3 : Must enable a selinux boolean to enable vital web services components, run: setsebool -P httpd_can_network_connect true

# Set the SELinux boolean: setsebool -P httpd_can_network_connect true

4 : you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"

# Set the SELinux security context labels

5 : you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following:

/usr/sbin/semanage fcontext -a -t httpd_sys_content_rw_t "/var/lib/cobbler/webui_sessions/.*"

# Set the security context label for cobbler

6 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

# Run cobbler get-loaders to fetch the files needed for PXE boot

7 : change 'disable' to 'no' in /etc/xinetd.d/tftp

# Enable tftp

8 : change 'disable' to 'no' in /etc/xinetd.d/rsync

# Enable rsync

9 : since iptables may be running, ensure 69, 80, and 25151 are unblocked

# Make sure ports 69, 80 and 25151 are not blocked by iptables (iptables -L)

10 : debmirror package is not installed, it will be required to manage debian deployments and repositories

# The debian mirror package is not installed; if you are not installing debian, this item can be ignored

11 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

# Create a new password with the command line above

12 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

# The fencing tools are not installed (yum install cman or yum install fence-agents)


After resolving the problems, run cobbler check again.

Once it reports no more problems, you can continue.
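Added example (not from the original post or from the Cobbler project): a shell audit of a settings file for check items 1, 2 and 11 above. It assumes top-level "key: value" lines in the file, and the function names are illustrative; the password test recomputes the MD5-crypt hash that openssl passwd -1 produces for 'cobbler' with the stored salt instead of comparing against a hard-coded hash.

```bash
#!/bin/bash
# Added example: audit a Cobbler settings file for check items 1, 2 and 11.
# Function names are illustrative, not part of Cobbler.

# setting FILE KEY -> prints the value of a top-level "KEY: value" line, unquoted
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# is_loopback ADDR -> succeeds if ADDR is empty or only reachable on the server itself
is_loopback() {
    case "$1" in
        ""|localhost|127.*|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# hash_matches HASH PASSWORD -> succeeds if HASH ("$1$salt$digest") encodes PASSWORD
hash_matches() {
    local salt
    salt=$(printf '%s' "$1" | cut -d'$' -f3)
    [ -n "$salt" ] && [ "$(openssl passwd -1 -salt "$salt" "$2")" = "$1" ]
}

# audit_settings FILE -> prints one finding per line, returns the number of findings
audit_settings() {
    local file=$1 findings=0 key hash
    for key in server next_server; do
        if is_loopback "$(setting "$file" "$key")"; then
            echo "$key is unset or loopback; PXE clients cannot reach it"
            findings=$((findings + 1))
        fi
    done
    hash=$(setting "$file" default_password_crypted)
    if hash_matches "$hash" cobbler; then
        echo "default_password_crypted still encodes the password 'cobbler'"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Stand-alone use: ./audit.sh /etc/cobbler/settings
if [ -n "${1:-}" ]; then
    audit_settings "$1"
fi
```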

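4. Import the installation system

Mount the CentOS-6.3-x86_64-bin-DVD1.iso installation disc and import it into cobbler (note that this iso file is over 4 GB, so the import may take some time). After a successful import, check the result with cobbler list.

To mount the iso file, you can use:

mkdir /mnt/cdrom

mount -o loop /root/soft/******.iso /mnt/cdrom

Or import from the optical drive:

# mount -t iso9660 /dev/cdrom /mnt/cdrom

After completing one of the two steps above:

# cobbler import --path=/mnt/cdrom --name=CentOS-6.3-x86_64-bin-DVD --arch=x86_64


# cobbler sync

# cobbler list

The output looks like this: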

distros:

CentOS-6.3-bin-DVD1-x86_64

profiles:

CentOS-6.3-bin-DVD1-x86_64

systems:

repos:

images:

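5. Testing

Finally, create a virtual machine to test with. Set the virtual machine to boot from the network via PXE (on the same network as cobbler). After it starts you will see the Cobbler boot screen; select the CentOS-6.3-bin-DVD1-x86_64 entry and the system installs with no manual intervention. The Cobbler boot screen looks like this (pay attention to the virtual machine's settings):

[Screenshot: Cobbler boot screen]


6. Installation settings such as partitioning, keyboard, time zone and packages

The ks file loaded by default is /var/lib/cobbler/kickstarts/default.ks


View the ks file currently used by each system

# cobbler report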


Kickstart : /var/lib/cobbler/kickstarts/sample.ks



vim /var/lib/cobbler/kickstarts/sample.ks

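You can see the various settings there (readers who want to dig in should study kickstart carefully).



It is worth noting that cobbler adds the ability to run commands or scripts in %pre and %post.

Readers who are interested can study the material below.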


You have the option of adding commands to run on the system once the installation is complete. This section must be at the end of the kickstart file and must start with the %post command. This section is useful for functions such as installing additional software and configuring an additional nameserver.

Note

If you configured the network with static IP information, including a nameserver, you can access the network and resolve IP addresses in the %post section. If you configured the network for DHCP, the /etc/resolv.conf file has not been completed when the installation executes the %post section. You can access the network, but you can not resolve IP addresses. Thus, if you are using DHCP, you must specify IP addresses in the %post section.

Note

The post-install script is run in a chroot environment; therefore, performing tasks such as copying scripts or RPMs from the installation media do not work.

--nochroot

Allows you to specify commands that you would like to run outside of the chroot environment.

The following example copies the file /etc/resolv.conf to the file system that was just installed.


%post --nochroot

cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf

--interpreter /usr/bin/python

Allows you to specify a different scripting language, such as Python. Replace /usr/bin/python with the scripting language of your choice.

--log /path/to/logfile

Logs the output of the post-install script. Note that the path of the log file must take into account whether or not you use the --nochroot option. This command is available in Red Hat Enterprise Linux 5.5 and later. For example, without --nochroot:

%post --log=/root/ks-post.log

with --nochroot:

%post --nochroot --log=/mnt/sysimage/root/ks-post.log

31.7.1. Examples

Register the system to a Red Hat Network Satellite, using a subshell to log the result in Red Hat Enterprise Linux 5.4 and earlier:

%post

( # Note that in this example we run the entire %post section as a subshell for logging.

wget -O- http://proxy-or-sat.example.com/pub/bootstrap_script | /bin/bash

/usr/sbin/rhnreg_ks --activationkey=<activationkey>

# End the subshell and capture any output to a post-install log file.

) 1>/root/post_install.log 2>&1


Register the system to a Red Hat Network Satellite, using the --log option to log the result in Red Hat Enterprise Linux 5.5 and later:

%post --log=/root/ks-post.log

wget -O- http://proxy-or-sat.example.com/pub/bootstrap_script | /bin/bash

/usr/sbin/rhnreg_ks --activationkey=<activationkey>

Run a script named runme from an NFS share:

mkdir /mnt/temp

mount -o nolock 10.10.0.2:/usr/new-machines /mnt/temp

open -s -w -- /mnt/temp/runme

umount /mnt/temp
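Added example (not part of the quoted Red Hat text or of the original post): the two Satellite examples above pipe a script fetched over plain HTTP straight into /bin/bash. The functions below, meant to sit at the top of a %post section, download to a file first and execute it only when its SHA-256 matches a digest pinned in the kickstart; the function names and the PINNED_SHA256 placeholder are assumptions.

```bash
#!/bin/bash
# Added example: %post helper that verifies a downloaded bootstrap script
# before executing it. Function names are illustrative.

# sha256_of FILE -> prints the lowercase hex SHA-256 of FILE
sha256_of() {
    sha256sum "$1" | cut -d' ' -f1
}

# run_verified FILE EXPECTED_SHA256
# Runs FILE with /bin/bash only if its digest equals the pinned value.
# Returns 2 on an empty/missing file or digest, 3 on a mismatch,
# otherwise the exit status of the script itself.
run_verified() {
    local file=$1 expected=$2 actual
    if [ ! -s "$file" ] || [ -z "$expected" ]; then
        echo "run_verified: missing file or pinned digest" >&2
        return 2
    fi
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "run_verified: $file has sha256 $actual, expected $expected" >&2
        return 3
    fi
    /bin/bash "$file"
}

# fetch_and_run URL EXPECTED_SHA256
# Downloads to a file first, so a truncated or failed transfer is never executed.
fetch_and_run() {
    local tmp status=0
    tmp=$(mktemp /tmp/bootstrap.XXXXXX) || return 2
    if wget -q -O "$tmp" "$1"; then
        run_verified "$tmp" "$2" || status=$?
    else
        echo "fetch_and_run: download of $1 failed" >&2
        status=2
    fi
    rm -f "$tmp"
    return "$status"
}

# In the kickstart (PINNED_SHA256 is a placeholder for the digest recorded
# when the bootstrap script was reviewed):
#   %post --log=/root/ks-post.log
#   fetch_and_run http://proxy-or-sat.example.com/pub/bootstrap_script "$PINNED_SHA256"
```

The pinned digest is only as trustworthy as the kickstart file that carries it, so the check protects against a bootstrap script changed on the proxy or in transit, not against a modified kickstart.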




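7. /var/lib/cobbler/kickstarts/sample.ks

This is another cobbler configuration file. It sets the partitioning, the scripts run before and after installation, and the package selection.

The first part of the file holds basic settings such as partitioning, IP settings and service startup. The most useful parts are %pre, %packages and %post. Here is my configuration: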

%pre

$SNIPPET('log_ks_pre')

$SNIPPET('kickstart_start')

$SNIPPET('pre_install_network_config')

# Enable installation monitoring

$SNIPPET('pre_anamon')


%packages

$SNIPPET('cobbler_package')


%post

$SNIPPET('cobbler_test_rm')

$SNIPPET('cobbler_test')

$SNIPPET('cobbler_test_bash')

$SNIPPET('log_ks_post')

$SNIPPET('post_install_kernel_options')

$SNIPPET('post_install_network_config')

$SNIPPET('func_register_if_enabled')

$SNIPPET('puppet_register_if_enabled')

$SNIPPET('download_config_files')

$SNIPPET('koan_environment')

$SNIPPET('redhat_register')

$SNIPPET('cobbler_register')

# End final steps


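The configuration file works by loading other files. The modules that can be loaded are in the /var/lib/cobbler/snippets/ directory and are loaded with $SNIPPET('file name'). You can create a file under /var/lib/cobbler/snippets/ and load it in the corresponding section (%pre, %packages, %post). Among these sections:

The %packages directive supports the following options:

--nobase: do not install the @Base group. Use this option if you want to build a very small system.

--resolvedeps: this option has been removed. Dependencies are now resolved automatically.

--ignoredeps: this option has been removed. Dependencies are now resolved automatically.

--ignoremissing: ignore missing packages or package groups instead of pausing the installation to ask the user whether to abort or continue.


The kickstart pre-installation script begins with %pre. The network can be accessed in the %pre section; however, name service has not been configured at that point, so only IP addresses can be used.

Note: the pre-installation script does not run in the changed root environment (chroot).

--interpreter /usr/bin/python: allows you to specify a different scripting language, such as Python. Replace /usr/bin/python with the scripting language you want to use.


%post (the kickstart post-installation script) is the commonly used section: it runs scripts after the system has been installed, that is, the loaded $SNIPPET entries. (Interested readers can look at the files under /var/lib/cobbler/snippets/ and at their parameters.)

You can also add commands to run once the system installation is complete. This part must be at the end of the kickstart file and must start with the %post command. It is used for functions such as installing additional software and configuring additional nameservers.

Note: if the network was configured with static IP information and a nameserver, you can access the network and resolve IP addresses in the %post section. If the network was configured with DHCP, the /etc/resolv.conf file is not yet ready when the installer reaches the %post section. At that point you can access the network but cannot resolve IP addresses. Therefore, if you use DHCP, you must specify IP addresses in the %post section.

Note: the post-install script runs in a chroot environment. Therefore, some tasks, such as copying scripts or RPMs from the installation media, will not work.

--nochroot: allows you to specify commands that you want to run outside the chroot environment.

The following example copies the /etc/resolv.conf file to the file system that was just installed.

%post --nochroot

cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf

--interpreter /usr/bin/python

Allows you to specify a different scripting language, such as Python. Replace /usr/bin/python with the scripting language you want to use.

--log /path/to/logfile

%post --log=/root/ks-post.log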

