基于Cobbler实现多版本操作系统部署

lfjgh

前言
在生产环境中，当需要批量部署几十甚至上百台服务器时，实现自动化安装操作系统尤为重要，按照传统的光盘引导安装是不可想象的；此前我们通过pxe+kickstart简单实现了自动化安装，但只能实现单一版本安装，当需要部署不同版本或不同引导模式（BIOS、EFI）时，此种方式就不够灵活。而Cobbler正是为了解决此问题而设计的，本文简单介绍Cobbler的安装配置及使用。
简介
Cobbler是一个免费开源系统安装部署软件，用于自动化网络安装操作系统。 Cobbler 集成了 DNS, DHCP, 软件包更新， 带外管理以及配置管理， 方便操作系统安装自动化。Cobbler 可以支持PXE启动, 操作系统重新安装, 以及虚拟化客户机创建，包括Xen, KVM or VMware. Cobbler透过koan程序以支持虚拟化客户机安装。Cobbler 可以支持管理复杂网路环境，如建立在链路聚合以太网的桥接环境。
Cobbler组件结构图


安装配置过程：
① 安装cobbler、dhcp、rsync
② 配置cobbler
③ 导入操作系统及kickstart文件到cobbler
④ 配置yum仓库

⑤ 配置dhcp、tftp、http
安装cobbler

1 2 3 4 5 6

#安装cobbler会把依赖的服务一并安装，如tftp-server、httpd [iyunv@localhost ~]# yum  install cobbler [iyunv@localhost ~]# yum -y install dhcp rsync #设置开机启动 [iyunv@localhost ~]# chkconfig tftp on [iyunv@localhost ~]# chkconfig rsync on

配置cobbler

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

[iyunv@localhost ~]# service xinetd restart [iyunv@localhost ~]# service cobblerd start [iyunv@localhost ~]# cobbler check The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 4 : debmirror package is not installed, it will be required to manage debian deployments and repositories 5 : ksvalidator was not found, install pykickstart 6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 7 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes. #解决办法 1，2： [iyunv@localhost ~]# vim /etc/cobbler/settings server: 192.168.18.45 next_server: 192.168.18.45 3： [iyunv@localhost ~]# cobbler get-loaders 4：可忽略 5： [iyunv@localhost ~]# yum -y install pykickstart 6： [iyunv@localhost ~]# openssl passwd -1 -salt 345223 123456 $1$345223$/jb8Mdzzy3SRfwM5RbG3D. [iyunv@localhost ~]# vim /etc/cobbler/settings default_password_crypted: "$1$345223$/jb8Mdzzy3SRfwM5RbG3D." 7：可忽略

同步cobbler配置，再检查有无报错

1 2 3 4 5 6 7 8 9 10

[iyunv@localhost ~]# cobbler sync [iyunv@localhost ~]# service cobblerd restart [iyunv@localhost ~]# cobbler check The following are potential configuration items that you may want to fix: 1 : debmirror package is not installed, it will be required to manage debian deployments and repositories 2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes. #配置成功

准备kickstart文件

1	[iyunv@localhost ~]# cp /var/lib/cobbler/kickstarts/sample_end.ks /var/lib/cobbler/kickstarts/basic.ks

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102

[iyunv@localhost ~]# vim /var/lib/cobbler/kickstarts/basic.ks # kickstart template for Fedora 8 and later. # (includes %end blocks) # do not use with earlier distros #platform=x86, AMD64, or Intel EM64T # System authorization information auth  --useshadow  --enablemd5 # System bootloader configuration bootloader --location=mbr # Partition clearing information clearpart --all --initlabel # Use text mode install text # Firewall configuration firewall --disable # Run the Setup Agent on first boot firstboot --disable # System keyboard keyboard us # System language lang en_US # Use network installation url --url=$tree # If any cobbler repo definitions were referenced in the kickstart profile, include them here. $yum_repo_stanza # Network information $SNIPPET('network_config') # Reboot after installation reboot #Root password rootpw --iscrypted $default_password_crypted   #md5加密的密码串，默认保存在/etc/cobbler/settings # SELinux configuration selinux --disabled # Do not configure the X Window System skipx # System timezone timezone  Asia/Chongqing # Install OS instead of upgrade install # Clear the Master Boot Record zerombr # Allow anaconda to partition the system as needed part pv.01 --grow --size=1             part /boot --fstype=ext4 --size=400 part /boot/efi --fstype=efi --size 200   #EFI模式需要创建该分区 volgroup VolGroup --pesize=4096 pv.01 logvol / --fstype=ext4 --name=lv_root --vgname=VolGroup --grow --size=1024 --maxsize=51200 logvol swap --name=lv_swap --vgname=VolGroup --grow --size=1984 --maxsize=4096 %pre $SNIPPET('log_ks_pre') $SNIPPET('kickstart_start') $SNIPPET('pre_install_network_config') # Enable installation monitoring $SNIPPET('pre_anamon') %end %packages @base @development @server-platform-devel samba-client lftp openssh-clients epel-release #$SNIPPET('func_install_if_enabled') %end %post --nochroot $SNIPPET('log_ks_post_nochroot') %end %post echo -e "alias net-pf-10 off\noptions ipv6 disable=1" >/etc/modprobe.d/ipv6.conf echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network chkconfig ip6tables off cat >> /etc/security/limits.conf <<EOF *           soft    nproc           65535 *           hard    nproc           65535 *           soft    nofile          102400 *           hard    nofile          204800 EOF $SNIPPET('log_ks_post') # Start yum configuration $yum_config_stanza # End yum configuration $SNIPPET('post_install_kernel_options') $SNIPPET('post_install_network_config') $SNIPPET('func_register_if_enabled') $SNIPPET('download_config_files') $SNIPPET('koan_environment') $SNIPPET('redhat_register') $SNIPPET('cobbler_register') # Enable post-install boot notification $SNIPPET('post_anamon') # Start final steps $SNIPPET('kickstart_done') # End final steps %end

导入操作系统到cobbler，添加profile

1 2 3 4 5 6

[iyunv@localhost ~]# mount /dev/sr0 /mnt  #挂载光驱 [iyunv@localhost ~]# cobbler import --name=CentOS-6.6-x86_64 --path=/mnt  #导入操作系统 [iyunv@localhost ~]# ll /var/www/cobbler/ks_mirror/  #验证一下是否导成功 [iyunv@localhost ~]# cobbler profile add --name=CentOS-6.6-basic --distro=CentOS-6.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/basic.ks [iyunv@localhost ~]# cobbler profile list  #验证一下 [iyunv@localhost ~]# cobbler sync  #同步一下

配置本地yum仓库及epel仓库

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

#配置本地yum仓库 [iyunv@localhost ~]# mkdir /tmp/rpms [iyunv@localhost ~]# createrepo /tmp/rpms  #放入rpm包,执行此步骤 [iyunv@localhost ~]# cobbler repo add --mirror=/tmp/rpms --name=local [iyunv@localhost ~]# cobbler reposync #配置epel仓库 [iyunv@localhost ~]# cobbler repo add --mirror=http://mirrors.aliyun.com/epel/6/x86_64/ --name=epel [iyunv@localhost ~]# cobbler reposync --tries=3 --no-fail  #同步epel仓库到本地,需要较长时间 #查看已添加的repo [iyunv@localhost ~]# cobbler repo list    epel    local #添加repo到profile [iyunv@localhost ~]# cobbler profile edit --name=CentOS-6.6-basic --repos="epel local" [iyunv@localhost ~]# cobbler sync

配置dhcp服务器

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

[iyunv@localhost ~]# vim /etc/dhcp/dhcpd.conf   #BIOS或EFI模式网络启动都能引导 option arch code 93 = unsigned integer 16; # RFC4578 default-lease-time 600; max-lease-time 7200; log-facility local7; subnet 192.168.18.0 netmask 255.255.255.0 {     range 192.168.18.150 192.168.18.230;     option domain-name "example.org";     option domain-name-servers 114.114.114.114,8.8.8.8;     option routers 192.168.18.1;           class "pxeclients" {                   match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";                   next-server 192.168.18.45;                   if option arch = 00:06 {                           filename "grub/grub-x86.efi";                   } else if option arch = 00:07 {                           filename "grub/grub-x86_64.efi";                   } else {                           filename "pxelinux.0";                   }         } }

重新启动服务

1 2 3 4

[iyunv@localhost ~]# service dhcpd restart [iyunv@localhost ~]# service xinetd restart [iyunv@localhost ~]# service httpd restart [iyunv@localhost ~]# service cobblerd restart

客户端安装测试
EFI模式

BIOS模式


客户端验证，可以看到生成了一个repo文件，指向cobbler服务器

1 2 3 4 5 6 7 8 9 10 11 12 13 14

[iyunv@localhost ~]# cat /etc/yum.repos.d/cobbler-config.repo [core-0] name=core-0 baseurl=http://192.168.18.45/cobbler/ks_mirror/CentOS-6.6-x86_64 enabled=1 gpgcheck=0 priority=1 [local] name=local baseurl=http://192.168.18.45/cobbler/repo_mirror/local enabled=1 priority=99 gpgcheck=0

至此安装完成，本文只简要介绍了cobbler的安装及配置
可登陆官网 http://cobbler.github.io/ 获取帮助