用docker快速布署cobbler装机系统

ftsr

　　好久没写过博客了，上来撸一篇。。。。
最近在看K8s,刚好机房环境里需要加个cobbler 装机系统，便有了下面的折腾
　　环境：原有cobbler几台（因有多个机房，故有多个cobbler)
需求：新机房需要cobbler 自动装机系统
　　先做个cobbler2.8的镜像（为什么用2.8版本？2.6版本安装exsi会报错）
　　docker file 参照https://github.com/jasonlix5/docker-cobbler 修改

FROM bd2fd3afdba2
ADD cobbler-*  /
ADD entrypoint.sh  /entrypoint.sh
ADD supervisord.d/conf.ini /etc/supervisord.d/conf.ini
RUN yum localinstall cobbler-2.8.0-4.el7.x86_64.rpm cobbler-web-2.8.0-4.el7.noarch.rpm -y  && yum install  tftp-server dhcp supervisor -y && yum clean a
ll &&  rm -rf /var/cache/yum/* /tmp/*
CMD /entrypoint.sh
　　其中bd2fd3afdba2是我自己的centos7镜像，需要更改为自己环境的镜像 ，比如官方的镜像

cat entrypoint.sh
#!/bin/sh
set -ex
if [ ! $SERVER_IP ]
then
echo "Please use $SERVER_IP set the IP address of the need to monitor."
exit 1
elif [ ! $DHCP_RANGE ]
then
echo "Please use $DHCP_RANGE set up DHCP network segment."
exit 1
elif [ ! $NEXT_SERVER ]
then
echo "Please use $NEXT_SERVER set TFTP PXE booting ."
exit 1
elif [ ! $ROOT_PASSWORD ]
then
echo "Please use $ROOT_PASSWORD set the root password."
exit 1
elif [ ! $DHCP_SUBNET ]
then
echo "Please use $DHCP_SUBNET set the dhcp subnet."
exit 1
elif [ ! $DHCP_ROUTER ]
then
echo "Please use $DHCP_ROUTER set the dhcp router."
exit 1
elif [ ! $DHCP_DNS ]
then
echo "Please use $DHCP_DNS set the dhcp dns."
exit 1
elif [ ! $COBBLER_MASTER ]
then
echo "Please use $COBBLER_MASTER set the cobbler master to rsync."
exit 1
else
PASSWORD=`openssl passwd -1 -salt hLGoLIZR $ROOT_PASSWORD`
sed -i "s/^server: 127.0.0.1/server: $SERVER_IP/g" /etc/cobbler/settings
sed -i "s/^next_server: 127.0.0.1/next_server: $NEXT_SERVER/g" /etc/cobbler/settings
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
sed -i "s#^default_password.*#default_password_crypted: \"$PASSWORD\"#g" /etc/cobbler/settings
sed -i 's/$pxe_menu_items//' /etc/cobbler/pxe/pxedefault.template
sed -i "s/192.168.1.0/$DHCP_SUBNET/" /etc/cobbler/dhcp.template
sed -i "s/192.168.1.5/$DHCP_ROUTER/" /etc/cobbler/dhcp.template
sed -i "s/192.168.1.1;/$DHCP_DNS;/" /etc/cobbler/dhcp.template
sed -i "s/192.168.1.100 192.168.1.254/$DHCP_RANGE/" /etc/cobbler/dhcp.template
sed -i "s/^#ServerName www.example.com:80/ServerName localhost:80/" /etc/httpd/conf/httpd.conf
sed -i "s/service %s restart/supervisorctl restart %s/g" /usr/lib/python2.7/site-packages/cobbler/modules/sync_post_restart_services.py
rm -rf /run/httpd/*
apachectl
cobblerd
cobbler sync
cobbler replicate --master=$COBBLER_MASTER --distros=* --profiles=*
pkill cobblerd
pkill httpd
rm -rf /run/httpd/*
exec supervisord -n -c /etc/supervisord.conf
fi

　　supervisord 管理进程

supervisord.d/conf.ini     
参照       https://github.com/jasonlix5/docker-cobbler/blob/master/supervisord.d/conf.ini                                                                                                   

　　docker build -t cobbler:2.8 .
　　把创建的镜像上传到自己的私有仓库
　　为了使用原cobbler资源，避免大量的文件同步
新的cobbler 挂载旧cobbler的几个文件和目录
挂载文件（web_api 用户名密码）

/etc/cobbler/users.digest
NFS共享文件夹，只读
/var/www/cobbler/repo_mirror/
/var/www/cobbler/ks_mirror/
/var/lib/cobbler/loaders

　　在原有的cobbler 安装nfs服务，用于新的cobbler挂载
NFS 服务器

yum install rpcbind nfs-utils -y
vim /etc/exports
/opt/data/cobbler/ks_mirror  10.0.0.0/8(ro,sync)
/opt/data/cobbler/repo_mirror  10.0.0.0/8(ro,sync)
/var/lib/cobbler/loaders      10.0.0.0/8(ro,sync)
　　启动NFS服务
　　在新的cobbler主机上安装docker-ce
　　启动docker
　　copy kubelet 二进制文件到/bin/kubelet
　　创建kubelet监视目录

mkdir /etc/kubernetes/manifests/
　　启动kubelet

nohup kubelet --allow-privileged=true --pod-manifest-path=/etc/kubernetes/manifests/   --fail-swap-on=false --pod-infra-container-image=10.8.15.127:5000/rhel7/pod-infrastructure:latest --v=2 --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice &
　　最好放supervisord 管理
　　把老的web api密码文件 放到主机 /etc/cobbler/users.digest ，我这样做是保持用户名密码一致，看官需要根据自己的环境更改
新建cobbler配置文件

vim /etc/kubernetes/manifests/cobbler.yaml
apiVersion: v1
kind: Pod
metadata:
name: cobbler28
labels:
app: cobbler28
spec:
hostNetwork: true
containers:
- image: 10.8.15.127:5000/cobbler:2.8
name: cobbler28
volumeMounts:
- mountPath: /etc/cobbler/users.digest
name: webaccess
- mountPath: /var/www/cobbler/repo_mirror
name: repo
- mountPath: /var/www/cobbler/ks_mirror
name: ksmirror
- mountPath: /var/lib/cobbler/loaders
name: loaders
env:
- name: SERVER_IP
value: "10.8.14.234"
- name: NEXT_SERVER
value: "20.8.14.234"
- name: ROOT_PASSWORD
value: "xxx"
- name: DHCP_RANGE
value: "20.8.14.230 20.8.14.235"
- name: DHCP_SUBNET
value: "20.8.14.0"
- name: DHCP_ROUTER
value: "20.8.14.234"
- name: DHCP_DNS
value: "20.8.14.234"
- name: COBBLER_MASTER
value: "10.8.15.234"
volumes:
- name: webaccess
hostPath:
path: /etc/cobbler/users.digest
type: File
readOnly: true
- name: ksmirror
nfs:
server: 10.20.10.61
path: "/var/www/cobbler/ks_mirror"
readOnly: true
- name: repo
nfs:
server: 10.20.10.61
path: "/var/www/cobbler/repo_mirror"
readOnly: true
- name: loaders
nfs:
server: 10.20.10.61
path: "/var/lib/cobbler/loaders"
readOnly: true
　　注意上面的           DHCP_RANGE 等部分，我这里是cobbler配置了第二个20网段的ip，是为了避免分配Ip地址冲突
　　COBBLER_MASTER 是需要同步的旧cobbler
　　查看cobbler容器是否启动
docker ps
　　docker logs cobbler-contain 查看同步是否完成
　　同步完成后
使用登录cobbler_web查看Distros和Profiles 是否同步过来了

　　添加api配置到自己的装机系统中

　　done