centos 7.6 ——部署cobbler
cobbler
网络安装服务器套件 Cobbler(补鞋匠)从前,我们一直在做装机民工这份很有前途的职业。自打若干年前 Red Hat 推出了 Kickstart,此后我们顿觉身价倍增。不再需要刻了光盘一台一台地安装 Linux,只要搞定 PXE、DHCP、TFTP,还有那满屏眼花缭乱不知所云的 Kickstart 脚本,我们就可以像哈里波特一样,轻点魔棒,瞬间安装上百台服务器。
实验环境
-
一台 centos 7.6 作为cobbler服务器
-
一台 centos 7.6 作为客户机验证安装系统
cobbler 服务软件开启
systemctl start cobblerd.service
systemctl start xinetd.service
systemctl start dhcpd.service
systemctl start rsyncd.service
systemctl restart httpd.service
cobbler sync //同步cobbler配置修改
cobbler check //cobbler检查
cobbler get-loaders #下载镜像文件
实验步骤
1. 安装epel源并修改配置文件
- 首先准备好epel源并且安装,之后才能安装cobbler。因为cobbler相关的软件包由epel源提供的。
安装cobbler 服务软件包
[root@localhost opt]# rpm -ivh epel-release-latest-7.noarch.rpm
准备中... ################################# [100%]
软件包 epel-release-7-11.noarch 已经安装
[root@localhost opt]# rpm -ql epel-release
/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
/etc/yum.repos.d/epel-testing.repo
/etc/yum.repos.d/epel.repo
/usr/lib/systemd/system-preset/90-epel.preset
/usr/share/doc/epel-release-7
/usr/share/doc/epel-release-7/GPL
[root@localhost opt]# mount /dev/sr0 /mnt
mount: /dev/sr0 写保护,将以只读方式挂载
[root@localhost opt]# df -Th //挂载光盘用于yum源安装
文件系统 类型 容量 已用 可用 已用% 挂载点
/dev/sda3 xfs 182G 5.6G 177G 4% /
devtmpfs devtmpfs 2.0G 0 2.0G 0% /dev
tmpfs tmpfs 2.0G 0 2.0G 0% /dev/shm
tmpfs tmpfs 2.0G 11M 2.0G 1% /run
tmpfs tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup
/dev/sda1 xfs 1014M 174M 841M 18% /boot
tmpfs tmpfs 406M 8.0K 406M 1% /run/user/42
tmpfs tmpfs 406M 36K 406M 1% /run/user/0
/dev/sr0 iso9660 4.3G 4.3G 0 100% /mnt
[root@localhost opt]#yum -y install cobbler //安装cobbler
[root@localhost opt]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ll
总用量 16
-rw-r--r--. 1 root root 2523 6月 16 2018 aliyun.repo
drwxr-xr-x. 2 root root 187 6月 23 13:12 backup
-rw-r--r--. 1 root root 2523 6月 16 2018 bak
-rw-r--r--. 1 root root 951 10月 3 2017 epel.repo
-rw-r--r--. 1 root root 1050 10月 3 2017 epel-testing.repo
*****************安装cobbler以及相关的服务软件包*********************
[root@localhost ~]# yum install cobbler debmirror dhcp httpd rsync tftp-server xinetd pykickstart -y
[root@localhost ~]# yum -y install cobbler-web.noarch
[root@localhost ~]#vim /etc/cobbler/settings //修改cobbler配置文件
[root@localhost cobbler]# systemctl start httpd.service
[root@localhost cobbler]# systemctl start cobblerd.service
[root@localhost cobbler]# systemctl stop firewalld
[root@localhost cobbler]# systemctl disable firewalld
[root@localhost cobbler]# setenforce 0
[root@localhost cobbler]# systemctl restart httpd
[root@localhost cobbler]# cobbler check //检查cobbler配置文件
[root@localhost cobbler]# vim /etc/xinetd.d/tftp
disable = no //将disable改为no,开启tftp 服务
[root@localhost cobbler]# openssl passwd -1 -salt 'abc123' 'abc123'
$1$abc123$9v8z2./E/PZihXrVcy3II0
复制产生的密钥
[root@localhost cobbler]# vim settings
default_password_crypted: "$1$abc123$9v8z2./E/PZihXrVcy3II0" //将这里密钥内容替换为自己设置生产的密钥并且保存退出
[root@localhost cobbler]# systemctl restart cobblerd.service
[root@localhost cobbler]# systemctl start rsyncd.service
[root@localhost cobbler]# systemctl restart xinetd.service
[root@localhost cobbler]# cd /etc/cobbler/
[root@localhost cobbler]# vim dhcp.template //修改DHCP网段为cobbler服务器的网段信息
subnet 192.168.75.0 netmask 255.255.255.0 {
option routers 192.168.75.1;
option domain-name-servers 192.168.75.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.75.100 192.168.75.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
[root@localhost cobbler]# cobbler sync //同步一下cobbler,修改cobbler配置文件之后需要重启cobbler并且同步一下
[root@localhost cobbler]# cobbler check //查看一下,还有哪些需要配置
[root@localhost cobbler]#cobbler get-loaders //下载镜像文件
[root@localhost dhcp]# systemctl restart dhcpd.service
[root@localhost dhcp]# systemctl start cobblerd.service
[root@localhost dhcp]# systemctl start xinetd.service
2. 导入镜像文件
导入ISO镜像文件时间会有很多长
[root@localhost ks_mirror]# cobbler import --path=/mnt --name=Centos-7-x86 --arch=x86_64
/var/log/cobbler/cobbler.log '//日志文件所在位置'
/var/www/cobbler/ks_mirror/CentOS-7-x86_64 '//默认导入存放位置'
[root@localhost ks_mirror]# cobbler list '//查看导入结果'
[root@localhost ks_mirror]# cobbler distro list '//查看发行版本'
[root@localhost ks_mirror]#tree /var/lib/tftpboot/images '//查看内核和初始化文件在tftp server 共享目录'
[root@localhost ks_mirror]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│ └── grub
│ └── menu.lst
├── etc
├── grub
│ ├── efidefault
│ └── images -> ../images
├── images
│ └── Centos-7-x86_64
│ ├── initrd.img
│ └── vmlinuz
├── images2
├── initrd.img
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│ └── default
├── s390x
│ └── profile_list
└── vmlinuz
[root@localhost kickstarts]# tree /var/lib/tftpboot/images
/var/lib/tftpboot/images
└── Centos-7-x86_64 //导入的镜像文件
├── initrd.img
└── vmlinuz
1 directory, 2 files
[root@localhost kickstarts]#
cobbler profile report
/var/lib/cobbler/kickstarts/sample_end.ks '//ks默认文件存放位置'
[root@localhost ks_mirror]# cd /var/lib/cobbler/kickstarts
[root@localhost kickstarts]# ll
总用量 64
-rw-r--r--. 1 root root 115 8月 30 2019 default.ks
-rw-r--r--. 1 root root 22 8月 30 2019 esxi4-ks.cfg
-rw-r--r--. 1 root root 22 8月 30 2019 esxi5-ks.cfg
drwxr-xr-x. 2 root root 56 7月 26 11:36 install_profiles
-rw-r--r--. 1 root root 1424 8月 30 2019 legacy.ks
-rw-r--r--. 1 root root 292 8月 30 2019 pxerescue.ks
-rw-r--r--. 1 root root 2825 8月 30 2019 sample_autoyast.xml
-rw-r--r--. 1 root root 1856 8月 30 2019 sample_end.ks
-rw-r--r--. 1 root root 0 8月 30 2019 sample_esx4.ks
-rw-r--r--. 1 root root 324 8月 30 2019 sample_esxi4.ks
-rw-r--r--. 1 root root 386 8月 30 2019 sample_esxi5.ks
-rw-r--r--. 1 root root 386 8月 30 2019 sample_esxi6.ks
-rw-r--r--. 1 root root 1913 8月 30 2019 sample.ks
-rw-r--r--. 1 root root 3419 8月 30 2019 sample_old.seed
-rw-r--r--. 1 root root 6694 8月 30 2019 sample.seed
-rw-r--r--. 1 root root 6706 6月 18 2019 sample.seed.28
[root@localhost kickstarts]#
[root@localhost kickstarts]# systemctl restart dhcpd.service
[root@localhost kickstarts]# systemctl restart xinetd.service
[root@localhost kickstarts]# systemctl restart cobblerd.service
[root@localhost kickstarts]# systemctl restart httpd.service
[root@localhost kickstarts]#
3. 验证cobbler自动装机
新建一个虚拟机
自行安装之后是字符界面,需要手动安装图像界面
4.设置cobbler-web认证
第一种cobbler-web认证
[root@localhost kickstarts]#vim /etc/cobbler/modules.conf //authn_configfile 模块认证
[root@localhost kickstarts]# htdigest -c /etc/cobbler/users.digest Cobbler cbadmin
Adding password for cbadmin in realm Cobbler.
New password:
Re-type new password:
[root@localhost kickstarts]# systemctl restart cobblerd.service
[root@localhost kickstarts]# systemctl restart httpd.service
[root@localhost kickstarts]#
第二种cobbler-web认证
[root@localhost kickstarts]#vim /etc/cobbler/modules.conf
module = authn_pam '//修改pam认证'
module = authz_ownership '//在users.conf指定访问权限'
useradd webuser
passwd webuser
[root@localhost kickstarts]#vim /etc/cobbler/users.conf
[admins]
admin = “”
cobbler = “”
webuser = “” '//添加'
systemctl restart cobblerd.service
systemctl restart httpd.service
在宿主机上访问
https://192.168.75.134/cobbler_web