批量装机
Cobbler是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。
Cobbler可以使用命令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),还提供了API接口,可以方便二次开发使用。
Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。
Cobbler内置了一个轻量级配置管理系统,但它也支持和其它配置管理系统集成,如Puppet,暂时不支持SaltStack。
cobbler集成的服务
- PXE服务支持
- DHCP服务管理
- DNS服务管理(可选bind,dnsmasq)
- 电源管理
- Kickstart服务支持
- YUM仓库管理
- TFTP(PXE启动时需要)
- Apache(提供kickstart的安装源,并提供定制化的kickstart配置)
[root@localhost ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# setenforce 0
[root@localhost ~]# vim /etc/selinux/config
//下载源
[root@localhost ~]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.2 (Ootpa)
[root@localhost ~]# wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
--2021-10-12 22:16:14-- https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
正在解析主机 dl.fedoraproject.org (dl.fedoraproject.org)... 38.145.60.23, 38.145.60.24, 38.145.60.22
正在连接 dl.fedoraproject.org (dl.fedoraproject.org)|38.145.60.23|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:23644 (23K) [application/x-rpm]
正在保存至: “epel-release-latest-8.noarch.rpm”
epel-release-latest-8.no 100%[=================================>] 23.09K 12.4KB/s 用时 1.9s
2021-10-12 22:16:20 (12.4 KB/s) - 已保存 “epel-release-latest-8.noarch.rpm” [23644/23644])
[root@localhost ~]# rpm -vih epel-release-latest-8.noarch.rpm
警告:epel-release-latest-8.noarch.rpm: 头V4 RSA/SHA256 Signature, 密钥 ID 2f86d6a1: NOKEY
Verifying... ################################# [100%]
准备中... ################################# [100%]
正在升级/安装...
1:epel-release-8-13.el8 ################################# [100%]
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# yum -y install epel-release
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Extra Packages for Enterprise Linux Modular 8 - x86_64 474 kB/s | 955 kB 00:02
Extra Packages for Enterprise Linux 8 - x86_64 1.6 MB/s | 10 MB 00:06
baseOS 2.7 MB/s | 2.8 kB 00:00
AppStream 3.1 MB/s | 3.2 kB 00:00
软件包 epel-release-8-13.el8.noarch 已安装。
依赖关系解决。
无需任何处理。
完毕!
[root@localhost ~]# yum -y install httpd dhcp-* tftp xinetd pykickstart
[root@localhost ~]# dnf module enable cobbler //把仓库打开
[root@localhost ~]# dnf list all | grep cobbler
[root@localhost ~]# dnf -y install cobbler cobbler-web
//开启httpd cobbler,设置开机自启
[root@localhost ~]# systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@localhost ~]# systemctl enable --now cobblerd
Created symlink /etc/systemd/system/multi-user.target.wants/cobblerd.service → /usr/lib/systemd/system/cobblerd.service.
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 127.0.0.1:25151 0.0.0.0:*
LISTEN 0 128 0.0.0.0:111 0.0.0.0:*
LISTEN 0 32 192.168.122.1:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*
LISTEN 0 128 *:443 *:*
[root@localhost cobbler]# vim settings.yaml
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 192.168.47.133 //设置本机的ip
# of the manpage for how that works.
server: 192.168.47.133 //本机的IP
[root@localhost ~]# openssl passwd -1 //生成密码
Password:
Verifying - Password:
$1$Gh/cRxme$oU72whoVyG4iM7xaxEAjs1
[root@localhost ~]# cd /etc/cobbler/
[root@localhost cobbler]# ls
auth.conf genders.template mongodb.conf rsync.template users.digest
boot_loader_conf import_rsync_whitelist named.template secondary.template version
cheetah_macros iso ndjbdns.template settings.d zone.template
dhcp.template logging_config.conf reporting settings.yaml zone_templates
dnsmasq.template modules.conf rsync.exclude users.conf
[root@localhost cobbler]# vim settings.yaml
# and put the output between the "" below.
default_password_crypted: "$1$Gh/cRxme$oU72whoVyG4iM7xaxEAjs1" //修改密码
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: true //修改为true或者1
[root@localhost cobbler]# vim dhcp.template
subnet 192.168.47.0 netmask 255.255.255.0 { //修改自己的网段
option routers 192.168.47.133; //为自己的ip
option domain-name-servers 192.168.47.1; //
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.47.100 192.168.47.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
[root@localhost cobbler]# systemctl restart cobblerd
[root@localhost cobbler]# systemctl status cobblerd.service
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2021-10-12 22:49:03 CST; 12s ago
Process: 120987 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, s>
Main PID: 120986 (cobblerd)
Tasks: 1 (limit: 11159)
Memory: 28.7M
CGroup: /system.slice/cobblerd.service
└─120986 /usr/bin/python3.6 -s /usr/bin/cobblerd -F
10月 12 22:49:03 localhost.localdomain systemd[1]: Stopped Cobbler Helper Daemon.
10月 12 22:49:03 localhost.localdomain systemd[1]: Starting Cobbler Helper Daemon...
10月 12 22:49:03 localhost.localdomain systemd[1]: Started Cobbler Helper Daemon.
[root@localhost ~]# cobbler sync
task started: 2021-10-13_134551_sync
task started (id=Sync, time=Wed Oct 13 13:45:51 2021)
running python triggers from /var/lib/cobbler/triggers/task/sync/pre/*
running shell triggers from /var/lib/cobbler/triggers/task/sync/pre/*
shell triggers finished successfully
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/system
removing: /var/lib/tftpboot/grub/system_link
removing: /var/lib/tftpboot/grub/grub.cfg
removing: /var/lib/tftpboot/grub/local_efi.cfg
removing: /var/lib/tftpboot/grub/local_legacy.cfg
removing: /var/lib/tftpboot/grub/local_powerpc-ieee1275.cfg
copying bootloaders
running: ['rsync', '-rpt', '--copy-links', '--exclude=.cobbler_postun_cleanup', '/var/lib/cobbler/loaders/', '/var/lib/tftpboot']
received on stdout:
received on stderr:
running: ['rsync', '-rpt', '--copy-links', '--exclude=README.grubconfig', '/var/lib/cobbler/grub_config/', '/var/lib/tftpboot']
received on stdout:
received on stderr:
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
shell triggers finished successfully
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running python trigger cobbler.modules.managers.genders
running shell triggers from /var/lib/cobbler/triggers/change/*
shell triggers finished successfully
*** TASK COMPLETE ***
//通过cobbler check 核对当前设置是否有问题
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1: some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2: fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
//检查dhcp是否正常
[root@localhost ~]# ss -anulp|grep dhcp
UNCONN 0 0 0.0.0.0:41665 0.0.0.0:* users:(("dhcpd",pid=3536,fd=20))
UNCONN 0 0 0.0.0.0:67 0.0.0.0:* users:(("dhcpd",pid=3536,fd=10))
UNCONN 0 0 [::]:55550 [::]:* users:(("dhcpd",pid=3536,fd=21))
[root@localhost ~]# reboot
[root@localhost ~]# mount /dev/cdrom /mnt
mount: /mnt: WARNING: device write-protected, mounted read-only.
[root@localhost ~]# cobbler import --path=/mnt --name=rhel-8 --arch=x86_64
task started: 2021-10-13_135525_import
task started (id=Media import, time=Wed Oct 13 13:55:25 2021)
running python triggers from /var/lib/cobbler/triggers/task/import/pre/*
running shell triggers from /var/lib/cobbler/triggers/task/import/pre/*
shell triggers finished successfully
Found a candidate signature: breed=redhat, version=rhel8
Found a matching signature: breed=redhat, version=rhel8
Adding distros from path /var/www/cobbler/distro_mirror/rhel-8-x86_64:
creating new distro: rhel-8-x86_64
trying symlink: /var/www/cobbler/distro_mirror/rhel-8-x86_64 -> /var/www/cobbler/links/rhel-8-x86_64
creating new profile: rhel-8-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/distro_mirror/rhel-8-x86_64 for rhel-8-x86_64
processing repo at : /var/www/cobbler/distro_mirror/rhel-8-x86_64/AppStream
need to process repo/comps: /var/www/cobbler/distro_mirror/rhel-8-x86_64/AppStream
looking for /var/www/cobbler/distro_mirror/rhel-8-x86_64/AppStream/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/distro_mirror/rhel-8-x86_64/AppStream/repodata
processing repo at : /var/www/cobbler/distro_mirror/rhel-8-x86_64/baseOS
need to process repo/comps: /var/www/cobbler/distro_mirror/rhel-8-x86_64/baseOS
looking for /var/www/cobbler/distro_mirror/rhel-8-x86_64/baseOS/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/distro_mirror/rhel-8-x86_64/baseOS/repodata
*** TASK COMPLETE ***
[root@localhost ~]# cobbler list
distros:
rhel-8-x86_64
profiles:
rhel-8-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
//创建kickstarts自动安装脚本
[root@localhost ~]# cd /var/lib/cobbler/
[root@localhost cobbler]# mkdir kickstarts
[root@localhost cobbler]# cd kickstarts/
[root@localhost kickstarts]# cat > /var/lib/cobbler/kickstarts/rhel-8-x86_64.ks <<'EOF'
auth --enableshadow --passalgo=sha512
bootloader --location=mbr
clearpart --all --initlabel
part /boot --asprimary --fstype="ext4" --size=500
part swap --fstype="swap" --size=4096
part / --fstype="ext4" --grow --size=15000
text
firewall --disabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.47.133/cobbler/ks_mirror/rhel-8-x86_64
$yum_repo_stanza
reboot
rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
selinux --disabled
skipx
timezone Asia/Shanghai --isUtc --nontp
install
zerombr
%packages
@^minimal
@core
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
EOF
