跟高手學習LINUX筆記26--cobbler實踐之從安裝到應用

本教程精華是篇尾的KS配置文件，關於自動化安裝KS應答文件往往是安裝成功與否的關鍵，以下是本人常用網絡安裝KS配置信息，文件仍然在所在公司機房使用，純實戰乾貨：
1.1 cobbler簡介
　　Cobbler－－“補鞋匠”是一個Linux服務器安裝的服務，可以通過網絡啓動(PXE)的方式來快速安裝、重裝物理服務器和虛擬機，同時還可以管理DHCP，DNS等。
Cobbler可以使用命令行方式管理，也提供了基於Web的界面管理工具(cobbler-web)，還提供了API接口，可以方便二次開發使用。
Cobbler是較早前的kickstart的升級版，優點是比較容易配置，還自帶web界面比較易於管理。網間傳說：如果說kickstart要求管理員是大專水平的話則Cobbler則只要求管理員初中水平,以此說明Cobbler的進步。
1.2 安裝cobbler
1.2.1 環境說明
本機IP地址：192.168.101.171
關閉與禁用selinux、firewalld
[root@node ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@node ~]# uname -r
3.10.0-957.5.1.el7.x86_64
[root@node ~]# getenforce
Disabled
[root@node ~]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@node ~]# ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast s
tate UP group default qlen 1000 link/ether 00:0c:29:1c:53:43 brd ff:ff:ff:ff:ff:ff
inet 192.168.101.171/24 brd 192.168.101.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe1c:5343/64 scope link
valid_lft forever preferred_lft forever
[root@node ~]#cd /etc/yum.repo.d
rm –rf .repo
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[root@node yum.repos.d]#rm -rf CentOS-[C-V].repo && ll /etc/yum.repos.d/
total 8
-rw-r--r-- 1 root root 2523 Apr 22 13:30 CentOS-Base.repo
-rw-r--r-- 1 root root 664 Apr 22 13:30 epel.repo
[root@node yum.repos.d]# yum clean all && yum makecache fast
1.2.2 使用yum安裝cobbler
[root@node yum.repos.d]#cd
[root@node ~]# yum -y install cobbler cobbler-web dhcp pykickstart tftp debmirror
   說明：cobbler相關軟件包是依賴epel源，建議把網卡DNS修改爲223.5.5.5 223.6.6.6
1.2.3 cobbler語法檢查前先啓動http與cobbler
[root@node ~]#systemctl start httpd && systemctl enable httpd
[root@node ~]#systemctl start cobblerd && systemctl enable cobblerd
[root@node ~]#systemctl start rsyncd && systemctl enable rsyncd
[root@node ~]#systemctl start tftp && systemctl enable tftp
[root@node~]# systemctl start dhcpd && systemctl enable dhcpd

[root@node ~]#cobbler check
1.2.4 進行語法檢查處理出現的錯誤
[root@node ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

3 : change 'disable' to 'no' in /etc/xinetd.d/tftp

4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

5 : enable and start rsyncd.service with systemctl

6 : debmirror package is not installed, it will be required to manage debian deployments and repositories

7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
1.2.5 解決當中的報錯
cp /etc/cobbler/settings{,.bak} --個人習慣，修改前備份文件
使用以下命令集處理：
[root@node ~]#sed -i 's/server: 127.0.0.1/server: 192.168.101.171/' /etc/cobbler/settings
[root@node~]#sed -i 's/next_server: 127.0.0.1/next_server: 192.168.101.171/' /etc/cobbler/settings
[root@node ~]#sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings
[root@node ~]#sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings
[root@node ~]#sed -ri "/default_password_crypted/s#(.: ).#\1\"openssl passwd -1 -salt 'enkj' '123456'\"#" /etc/cobbler/settings
[root@node ~]#sed -i 's#yes#no#' /etc/xinetd.d/tftp
[root@node ~]#sed -i.ori 's#192.168.1#192.168.101#g;22d;23d' /etc/cobbler/dhcp.template
[root@node ~]# cobbler get-loaders
[root@node ~]# yum -y install cman fence-agents
[root@node ~]# ls /var/lib/cobbler/loaders --查看下載的文件
COPYING.elilo elilo-ia64.efi menu.c32 yaboot
COPYING.syslinux grub-x86_64.efi pxelinux.0
COPYING.yaboot grub-x86.efi README
修改完成後重啓各項服務
[root@node ~]#systemctl restart cobblerd
再用cobbler check檢測無報錯後
[root@node ~]# cobbler sync
錯誤詳解
解決1、2:修改爲正確的IP地址
sed -i 's/server: 127.0.0.1/server: 192.168.101.171/' /etc/cobbler/settings
sed -i 's/next_server: 127.0.0.1/next_server: 192.168.101.171/' /etc/cobbler/settings
問題3：解決tftp開機啓動
sed 's#yes#no#g' /etc/xinetd.d/tftp -i
問題4下載包所需的軟件包
[root@node ~]# cobbler get-loaders
[root@node ~]# ls /var/lib/cobbler/loaders
COPYING.elilo elilo-ia64.efi menu.c32 yaboot
COPYING.syslinux grub-x86_64.efi pxelinux.0
COPYING.yaboot grub-x86.efi README
問題5：啓動rsync服務
[root@node ~]# systemctl start rsyncd.service
[root@node ~]# systemctl enable rsyncd.service
問題6： debian相關無需修改
問題7：用ssl修改安裝完成後的root密碼
openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'
random-phrase-here 隨機字符串
your-password-here 密碼
2、開始安裝操作系統
2.1操作說明--導入鏡像
2.1.1在虛擬機上添加上鏡像

2)掛載上鏡像
[root@node ~]#mkdir /mnt/cdrom
[root@node ~]#mount /dev/cdrom /mnt/cdrom
mount: /dev/sr0 is write-protected, mounting read-only
[root@node ~]# df -h |grep mnt
/dev/sr0 4.3G 4.3G 0 100% /mnt
3)進行導入鏡像,我是用命令行導入
[root@node ~]#cobbler import --path=/mnt/cdrom --name=CentOS-7-x86_64
 日誌位於 Events

導入完成後生成的文件夾
[root@node ks_mirror]# pwd
/var/www/cobbler/ks_mirror
[root@node ks_mirror]# ls
CentOS-7-x86_64 config
[root@node ~]#cobbler distro list #系統列表
CentOS-7-x86_64
[root@node ~]#cobbler profile list #應答文件列表
CentOS-7-x86_64
把應答文件刪除後，再添加新的應答文件
[root@node ~]# cobbler profile remove --name=CentOS-7-x86_64
[root@node ~]# cobbler profile list
[root@node~]# cp centos7-mini-lvm.cfg centos7-mini-nolvm.cfg /var/lib/cobbler/kickstarts/
[root@node-1 ~]# cobbler distro list
CentOS-7-x86_64
[root@node~]# cobbler profile add --name=CentOS-7-x86_64-lvm --distro=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7-mini-lvm.cfg
[root@node~]# cobbler profile add --name=CentOS-7-x86_64-nolvm --distro=CentOS-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7-mini-nolvm.cfg
[root@node-1 ~]# cobbler distro list
CentOS-7-x86_64
[root@node-1 ~]# cobbler profile list
CentOS-7-x86_64-lvm
CentOS-7-x86_64-nolvm
3、應答文件生產實例
3.1 centos7-mini-nolvm.cfg文件（無邏輯卷分區模式）內容如下：
#Cobbler for Kickstart Configurator for CentOS 7 by wangtao
#platform=x86, AMD64, or Intel EM64T
#System language
lang en_US
#System keyboard
keyboard us
#Sytem timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $default_password_crypted
#Use text mode install
text
#Install OS instead of upgrade
install
#Use NFS installation Media
url --url=$tree
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part /boot --fstype xfs --size 1024 --ondisk sda
part swap --size 4096 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
#System authorization infomation
auth --useshadow --enablemd5
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=eth0 --onboot=on

Reboot after installation

reboot
#Firewall configuration
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure XWindows
skipx

%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')

Enable installation monitoring

$SNIPPET('pre_anamon')
%end

#Package install informationbr/>%packages
@^minimal
@compat-librariesbr/>@core
@debuggingbr/>@development
bash-completion
chrony
screen
dos2unix
kexec-tools
lrzsz
sysstat
tree
vim
wget
net-tools
%end

%post
systemctl disable postfix NetworkManager
systemctl disable abrt-ccpp abrtd abrt-oops abrt-vmcore auditd irqbalance
systemctl disable kdump remote-fs tuned abrt-xorg
reboot
%end
3.2 centos7-mini-lvm.cfg文件（有邏輯卷分區模式）與上面的內容差不多，區別在分區上。#Disk partitioning information中不同的部分寫在下面：
#Disk partitioning information
part /boot --fstype="xfs" --ondisk=sda --size=1024
part pv.154 --fstype="lvmpv" --ondisk=sda --grow
volgroup centos --pesize=4096 pv.154
logvol swap --fstype="swap" --size=2048 --name=swap --vgname=centos
logvol / --fstype="xfs" --grow --size=10240 --name=root --vgname=centos