欢迎访问我的博客,你的支持,是我最大的动力!

cobbler_基于PXE的linux系统安装工具(支持BIOS和UEFI)

Linux 马从东 115℃ 评论
目录:
[显示]

cobbler是linux服务器的安装服务,通过pxe方式实现快速部署操作系统
cobbler可管理dhcp、dns等服务,提供命令行和web管理工具,提供api接口,可实现系统安装的自动化实施

koan客户端,可以实现重新安装系统功能(在启动项添加记录,重启会从该方式启动,从而实现重装系统)

cobbler官网:http://cobbler.github.io/  当前最新版本为 2.8.4

cobbler架构

cobbler集成的服务:
pxe支持
dhcp服务管理
dns管理(bind/dnsmasq)
电源管理
kickstart服务支持
yum仓库管理
tftp
apache

系统调整(可忽略)
# 禁用防火墙和邮箱服务
systemctl disable firewalld
systemctl disable postfix
# 禁用SELinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# 调整limits限制
cat >> /etc/security/limits.conf << EOF
* soft nproc 65536
* hard nproc 65536
* soft nofile 65536
* hard nofile 65536
EOF
# 更新yum源
cp -a /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.huaweicloud.com/repository/conf/CentOS-7-anon.repo
rpm -ivh --force https://mirrors.huaweicloud.com/epel/epel-release-latest-7.noarch.rpm
sed -i "s/#baseurl/baseurl/g" /etc/yum.repos.d/epel.repo
sed -i "s/metalink=/#metalink=/g" /etc/yum.repos.d/epel.repo
sed -i "s@http://download.fedoraproject.org/pub@https://mirrors.huaweicloud.com@g" /etc/yum.repos.d/epel.repo
yum clean all
yum makecache
# 时间服务
yum install chrony
systemctl enable chronyd
部署 cobbler

# setsebool -P httpd_can_network_connect_cobbler 1   若启用了SELinux需要开启

# 安装cobbler 2.8.4
yum install cobbler
## 会依赖安装 httpd rsync tftp-server 等
# 启动服务
# 监听 25151 和 80 端口
systemctl enable cobblerd
systemctl enable httpd
systemctl start cobblerd
systemctl start httpd
# 检查安装
cobbler check
需要依次解决以下问题:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
说明:
1、/etc/cobbler/settings 中配置 server 通常配置为本机IP
2、/etc/cobbler/settings 中配置 next_server 即tftp主机 通常配置为本机IP
3、启用tftp 默认为in.tftpd
4、执行 cobbler get-loaders 下载相关pxe文件
5、启动并开机运行 rsyncd 服务
6、适用于debian系统的配置,处理deb包  忽略
7、安装 pykickstart
8、在/etc/cobbler/settings中配置默认密码
9、安装fence-agents用于实现电源管理 忽略
所有配置完成后,重启cobblerd 并执行 cobbler sync应用变更

检看 /etc/cobbler/settings 配置
cat /etc/cobbler/settings |grep -v "#"
编辑,确认以下配置:

default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac." --> $1$random-p$mEnXaAj9MgXdDnNxYHzgL1 <-- admin@2019
## 此处设置的密码 默认为客户机安装完系统后的root密码
manage_dhcp: 0 --> 1
manage_dns: 0 --> 1
manage_tftpd: 1
restart_dns: 1
restart_dhcp: 1
pxe_just_once: 0 --> 防止始终从网络引导,机器会告诉cobbler安装已完成,cobbler会将netboot标志更改为false 强制机器从本地磁盘引导
next_server: 127.0.0.1 --> 192.168.158.139
server: 127.0.0.1 --> 192.168.158.139

编辑 /etc/cobbler/modules.conf 选择模块
确认以下配置:

[dns]
module = manage_bind --> manage_dnsmasq
[dhcp]
module = manage_isc --> manage_dnsmasq
[tftpd]
module = manage_in_tftpd --> manage_tftpd_py

dnsmasq支持DHCP和DNS,其实还内置了TFTP,可代替bind和dhcp
# 安装 dnsmasq
yum install dnsmasq
systemctl start dnsmasq
systemctl enable dnsmasq

编辑 /etc/cobbler/dnsmasq.template
确认以下配置

dhcp-range=192.168.158.100,192.168.158.200,255.255.255.0 <-- dhcp分配ip范围
#dhcp-ignore=tag:!known <-- 阻止未注册的客户端从服务器引导
dhcp-no-override  <-- 没有该参数 使用efi时 grub/grub-x86_64.efi 获取正常 efidefault 获取位置错误 正确应为 grub/efidefault
client-arch 2 6 7 9 用于支持UEFI

dhcp-option=66 参考:https://blog.51cto.com/juispan/2070598

附:/etc/cobbler/dnsmasq.template 完整配置

配置 /etc/cobbler/pxe/efidefault.template 这是EFI方式启动时的选择菜单

# 处理其余项
设置 /etc/xinetd.d/tftp 中disable为no

cobbler get-loaders 下载启动相关文件到 /var/lib/cobbler/loaders 目录
systemctl start rsyncd
systemctl enable rsyncd
yum install pykickstart

# 安装 xinetd 服务
因为tftp是受xinetd管理的,不安装该服务tftp将不能工作
tftp 端口69

yum install xinetd
systemctl start xinetd
systemctl enable xinetd

# 重启 cobblerd 服务

systemctl restart cobblerd
cobbler check
cobbler sync
task started: 2019-04-29_150017_sync
task started (id=Sync, time=Mon Apr 29 15:00:17 2019)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
rendering DNS files
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: service dnsmasq restart  自动重启 dnsmasq服务
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dnsmasq.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

cobbler 使用

# 导入CentOS 7 光盘
mount /dev/sr0 /mnt
## mount -o loop /root/CentOS-7-x86_64-Minimal-1810.iso /mnt  镜像文件挂载
cobbler import --arch=x86_64 --path=/mnt --name=CentOS 7.6  #通过rsync复制文件
## 会复制到 /var/www/cobbler/ks_mirror/CentOS-x86_64 目录 并会顺带创建配置文件等
cobbler sync
# 渲染ks配置文件
cobbler profile list
cobbler profile report CentOS-x86_64
## 默认配置文件 /var/lib/cobbler/kickstarts/sample_end.ks
cobbler profile getks --name=CentOS-x86_64

# 向安装源添加自定义rpm包
复制rpm文件到 /var/www/cobbler/ks_mirror/CentOS-x86_64/Packages 目录下
yum install createrepo
cd /var/www/cobbler/ks_mirror/CentOS-x86_64
createrepo -g repodata/83b61f9495b5f728989499479e928e09851199a8846ea37ce008a3eb79ad84a0-c7-minimal-x86_64-comps.xml .
## 选择后缀为xml的文件 注意最后有一个点 .

cobbler web-ui

yum install cobbler-web
## 依赖于django 但yum仓库中的版本为1.11.20 高于需要的版本 1.8.9
systemctl restart httpd
访问:https://192.168.158.139/cobbler_web/
结果返回的是 Internal Server Error 原因在于django版本不匹配

使用pip安装合适的版本
curl -o get-pip.py https://bootstrap.pypa.io/get-pip.py
python get-pip.py
pip install Django==1.8.9  #这会先删除1.11.20再安装1.8.9
systemctl restart httpd  #注意,需要重启httpd

访问:https://192.168.158.139/cobbler_web/
默认帐号:cobbler  密码:cobbler

系统安装

在内核参数中添加net.ifnames=0 biosdevname=0
能够让显示的网卡变为eth0 ,而不是CentOS7中的ens33
cobbler profile edit --name=CentOS-x86_64 --kopts='net.ifnames=0 biosdevname=0'
## 注意 两个参数之间是空格,不是逗号

默认安装的系统会自动引入 cobbler-config.repo 文件
# baseurl=http://192.168.158.139/cobbler/ks_mirror/CentOS-x86_64

自定义启动选择界面
编辑 /etc/cobbler/pxe/pxedefault.template  BIOS方式
编辑 /etc/cobbler/pxe/efidefault.template    UEFI方式

ks文件相关

kickstart模板文件存储于 /var/lib/cobbler/kickstarts 目录下,自己添加的模板文件也应该放在该目录下

网络安装
url --url=$tree  固定写法
$yum_repo_stanza    引入安装时使用的yum仓库
$yum_config_stanza  安装完成后保留yum仓库 %post段

密码
rootpw --iscrypted $default_password_crypted

磁盘分区相关
clearpart --all --initlabel
zerombr
autopart --nohome

# autopart 自动创建分区 50G以上会创建/home分区,--nohome 禁止创建/home分区
## 若使用EFI方式,还会创建/root/efi分区
## 当磁盘大小为 500G 时,分区大小为:
/boot 1G;  /boot/efi 200M;  / 50G; /home 447G; swap 2G

使用预置脚本片段
引用方法为 $SNIPPET('snippet_name')
系统默认提供的 shippet 文件存储于 /var/lib/cobbler/snippets 目录
$SNIPPET('network_config') --> network --bootproto=dhcp --device=eth0 --onboot=on
$SNIPPET('log_ks_pre')  保存 ks-pre.log 文件到 /root目录
$SNIPPET('log_ks_post') 保存 ks-post.log 文件到 /root目录

常用配置
auth --enableshadow --passalgo=sha512
lang en_US.UTF-8 --addsupport=zh_CN.UTF-8
timezone Asia/Shanghai --utc --nontp

问题处理:
出现 /sbin/dmsquash-live-root: line 286: printf: write error: No space left on device
原因,内存不足,需要设置内存至少为2GB

参考:
使用Cobbler自动化和管理系统安装,IBM

转载请注明:轻风博客 » cobbler_基于PXE的linux系统安装工具(支持BIOS和UEFI)

喜欢 (1)or分享 (0)