对于需要安装操作系统的任务,反复安装操作系统是否的繁琐,有没有一种方法可以自动化安装操作系统呢?本文介绍如何使用 Cobbler 无值守自动按照操作系统
介绍
- PXE (Preboot eXecution Environment) 技术提供了一种使用网络接口(Network Interface)启动计算机的机制。 这种机制让计算机的启动可以不依赖本地数据存储设备(如硬盘)或本地已安装的操作系统。
- DHCP (Dynamic Host Configuration Protocol) 常用语内部网或网络服务供应商自动分配IP地址给计算机
- TFTP (Trivial File Transfer Protocol) 简单文件传输协议
- Cobbler 是基于 PXE 通过封装 DHCP、TFTP 等技术,实现自动按照操作系统的一个软件,代码开源在 cobbler/cobbler
安装
hostnamectl set-hostname cobbler
yum install -y cobbler cobbler-web xinetd dhcp*
systemctl start cobblerd
systemctl enable cobblerd
systemctl status cobblerd
# tftp 监听在 69 端口
systemctl start tftp
systemctl enable tftp
systemctl status tftp
systemctl start httpd
systemctl enable httpd
systemctl status httpd
systemctl start xinetd
systemctl enable xinetd
systemctl status xinetd
vim /etc/cobbler/dhcp.template
subnet 172.20.0.0 netmask 255.255.255.0 {
option routers 172.20.0.1;
option domain-name-servers 172.20.0.1;
option subnet-mask 255.255.255.0;
range dynamic-bootp 172.20.0.100 172.20.0.254;
...
命令
- cobbler check # 检查cobbler配置
- cobbler sync # 步配置到dhcp pxe和数据目录
- cobbler list # 列出所有的cobbler元素
- cobbler import # 导入安装的系统光盘镜像
- cobbler report # 列出各元素的详细信息
- cobbler distro # 查看导入的发行版系统信息
- cobbler profile # 查看配置信息
- cobbler system # 查看添加的系统信息
- cobbler reposync # 同步yum仓库到本地
错误检查
# 解决好这里输出的需求,就可以使用 cobbler
$ cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
生产随机密码,iamsalt
为随机混淆码:
$ openssl passwd -1 -salt 'iamsalt' '123456'
$1$iamsalt$5BvmyuwLd.7ReNQzw7LLv1
vim /etc/cobbler/settings
default_password_crypted: "$1$iamsalt$5BvmyuwLd.7ReNQzw7LLv1"
manage_dhcp: 1
next_server: 172.20.0.15
server: 172.20.0.15
vim /etc/xinetd.d/tftp
disable no # yes -> no
重启服务
systemctl restart tftp
cobbler get-loaders
会报404错误,该问题后边导入镜像后可以解决
yum install -y rsync
systemctl start rsyncd.service
systemctl enable rsyncd.service
systemctl status rsyncd.service
yum install -y debmirror pykickstart fence-agents
导入 CentOS 镜像
以 CentOS7 为例:
# 本地目录挂载
wget http://mirrors.aliyun.com/centos/7.7.1908/isos/x86_64/CentOS-7-x86_64-DVD-2009.iso
mkdir /mnt/CentOS-7-x86_64-DVD-2009
mount -t iso9660 -o loop,ro CentOS-7-x86_64-DVD-2009.iso /mnt/CentOS-7-x86_64-DVD-2009
cobbler import --name=CentOS-7-x86_64-DVD-2009 --arch=x86_64 --path=/mnt/CentOS-7-x86_64-DVD-2009
# CD/DVE 挂载
mkdir /mnt/CentOS-7-x86_64-DVD-2009
mount -t iso9660 /dev/sr0 /mnt/CentOS-7-x86_64-DVD-2009
cobbler import --name=CentOS-7-x86_64-DVD-2009 --arch=x86_64 --path=/mnt/CentOS-7-x86_64-DVD-2009
...
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64:
creating new distro: CentOS-7-DVD-2009-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64 -> /var/www/cobbler/links/CentOS-7-DVD-2009-x86_64
creating new profile: CentOS-7-DVD-2009-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64 for CentOS-7-DVD-2009-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64/repodata
*** TASK COMPLETE ***
$ cobbler distro list
CentOS-7-DVD-2009-x86_64
$ cobbler profile list
CentOS-7-DVD-2009-x86_64
配置同步
$ cobbler sync
...
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS-7-DVD-2009-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/CentOS-7-DVD-2009-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
copying distros to tftpboot
copying files for distro: CentOS-7-DVD-2009-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS-7-DVD-2009-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS-7-DVD-2009-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: CentOS-7-DVD-2009-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS-7-DVD-2009-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7-x86_64-DVD-2009-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS-7-DVD-2009-x86_64/initrd.img
Writing template files for CentOS-7-DVD-2009-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS-7-DVD-2009-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
验证
新建另一个虚机,选择网络启动(PXE)
cobber web
FAQ
No signature matched 问题
cobbler import --name=CentOS-8.4.2105-x86_64 --arch=x86_64 --path=/mnt/CentOS-8.4.2105-x86_64
task started: 2021-07-01_231829_import
task started (id=Media import, time=Thu Jul 1 23:18:29 2021)
No signature matched in /var/www/cobbler/ks_mirror/CentOS-8.4.2105-x86_64
!!! TASK FAILED !!!
查看当前的 distro 类型
cobbler signature report --name=redhat
$ cobbler signature update
task started: 2021-07-03_232303_sigupdate
task started (id=Updating Signatures, time=Sat Jul 3 23:23:03 2021)
Successfully got file from https://cobbler.github.io/signatures/2.8.x/latest.json
*** TASK COMPLETE ***
vim /var/lib/cobbler/distro_signatures.json
"rhel8": {
...
"version_file": "(redhat|sl|slf|almalinux|centos|oraclelinux|rocky|vzlinux)-release-(?!notes)([\\w]*-)*8(Server)*[\\.-]+(.*)\\.rpm",
...
为:
"rhel8": {
...
"version_file": "(redhat|sl|slf|centos|centos-linux|centos-stream|oraclelinux|vzlinux)-release-(?!notes)([\\w]*-)8[\\.-]+(.)\\.rpm",
...
重启
systemctl restart cobblerd.service
PXE 安装失败
PXE-E11: ARP timeout
PXE-E38: TFTP cannot open connection
PXE-MOF: Exiting PXE ROM
如果是使用 VMware 等虚拟化工具,可能是由于 Mac 地址冲突导致的,如当前节点和 Cobbler 节点的 Mac 地址相同
扩展
创建 ks 文件
$ yum install -y system-config-kickstart
$ system-config-kickstart
# 动态编辑新的kickstart文件
[root@cobbler ~]# cobbler profile edit --name=CentOS-7-DVD-2009-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.ks
$ cobbler profile report --name=CentOS-7-DVD-2009-x86_64 | grep Kickstart
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}