cobbler

1.cobbler及相关服务简介

cobbler:

Cobbler是一个Linux安装服务器，允许快速设置网络安装环境。它将许多相关的Linux任务粘合在一起并实现自动化，因此在部署新系统时，您不必在许多不同的命令和应用程序之间跳转，在某些情况下，还可以更改现有的系统。Cobbler封装了DHCP、TFTP、XINTED等服务，结合了PXE、kickstart等安装方法，可以实现自动化安装操作系统，并且可以同时提供多种版本，以实现在线安装不同版本的系统。

DHCP:

DHCP（Dynamic Host Configuration Protocol，动态主机配置协议）是一个局域网的网络协议，使用UDP协议工作， 主要有两个用途：给内部网络或网络服务供应商自动分配IP地址，给用户或者内部网络管理员作为对所有计算机作中央管理的手段。DHCP有3个端口，其中UDP67和UDP68为正常的DHCP服务端口，分别作为DHCP Server和DHCP Client的服务端口；546号端口用于DHCPv6 Client，而不用于DHCPv4，是为DHCP failover服务，这是需要特别开启的服务，DHCP failover是用来做“双机热备”的。

TFTP:

TFTP是一种比较特殊的文件传输协议。相对于FTP和目前经常使用的SFTP，TFTP是基于TCP/IP协议簇，用于进行简单文件传输，提供简单、低开销的传输服务。TFTP的端口设置为69。

相对于常见的FTP，TFTP有两个比较好的优势：

• TFTP基于UDP协议，如果环境中没有TCP协议，是比较合适的；
• TFTP执行和代码占用内存量比较小；
• 默认情况下，Linux内部是安装了tftp服务器包的。但是默认是不启动的。

PXE:

PXE:预启动执行环境（Preboot eXecution Environment，PXE，也被称为预执行环境)提供了一种使用网络接口（Network Interface）启动计算机的机制。这种机制让计算机的启动可以不依赖本地数据存储设备（如硬盘）或本地已安装的操作系统。

PXE当初是作为Intel的有线管理体系的一部分，Intel 和 Systemsoft于1999年9月20日公布其规格(版本2.1)[1]。通过使用像网际协议(IP)、用户数据报协议(UDP)、动态主机设定协定(DHCP)、小型文件传输协议(TFTP)等几种网络协议和全局唯一标识符(GUID)、通用网络驱动接口(UNDI)、通用唯一识别码(UUID)的概念并通过对客户机(通过PXE自检的电脑)固件扩展预设的API来实现目的。

交互过程

1. 裸机配置了从网络启动后，开机后会广播包请求DHCP服务器（cobbler server）发送其分配好的一个IP
2. DHCP服务器（cobbler server）收到请求后发送responese，包括其ip地址
3. 裸机拿到ip后再向cobbler server发送请求OS引导文件的请求
4. cobbler server告诉裸机OS引导文件的名字和TFTP server的ip和port
5. 裸机通过上面告知的TFTP server地址和port通信，下载引导文件
6. 裸机执行执行该引导文件，确定加载信息，选择要安装的os，期间会再向cobbler server请求kickstart文件和os image
7. cobbler server发送请求的kickstart和os iamge
8. 裸机加载kickstart文件
9. 裸机接收os image，安装该os image

2.cobbler部署

第一步：配置yum源

╭─root@www.du1.com ~
╰─➤  vim /etc/yum.repos.d/local.repo
...
[epel]
name=epel
enabled=1
gpgcheck=0
baseurl=https://mirrors.aliyun.com/epel/7/x86_64/

[centos]
name=centos base
enabled=1
gpgcheck=0
baseurl=http://mirrors.163.com/centos/7/os/x86_64/
...

# 或

yum install epel-release -y

第二步：下载环境相关软件

╭─root@www.du1.com ~
╰─➤  yum install httpd cobbler tftp-server xinetd syslinux dhcp pykickstart -y

第三步：启动tftp服务

╭─root@www.du1.com ~ 
╰─➤  vim /etc/xinetd.d/tftp

...
disable = no
...
╭─root@www.du1.com ~  
╰─➤  systemctl restart xinetd

第四步：配置dhcp服务

╭─root@www.du1.com ~  
╰─➤  vim /etc/dhcp/dhcpd.conf

...
subnet 192.168.80.0 netmask 255.255.255.0 {
  range 192.168.80.1 192.168.80.30;
  default-lease-time 600;
  max-lease-time 7200;
  filename "pxelinux.0";      # 不要忘记分号
}
...
╭─root@www.du1.com ~  
╰─➤  systemctl restart dhcpd 

第五步：启动httpd 和cobblerd

╭─root@www.du1.com ~  
╰─➤  systemctl restart httpd
╭─root@www.du1.com ~  
╰─➤  systemctl restart cobblerd

第六步：cobbler检测

╭─root@www.du1.com ~  
╰─➤  cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

 #把server指定的本地IP改为提供cobbler服务的IP地址

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

  #把next_server指定的本地IP改为提供cobbler服务的IP地址

3 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
4 : enable and start rsyncd.service with systemctl

   #两条命令 1、systemctl restart rsyncd  2、systemctl enable rsyncd

5 : debmirror package is not installed, it will be required to manage debian deployments and repositories
6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

     ##default_password_crypted: "$1$123$nE5gIYTYiF1PIXVOFjQaW/"
     ##设置：使用cobbler安装的系统的默认登陆密码

7 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

第七步：处理提示信息内容

╭─root@www.du1.com ~  
╰─➤  vim /etc/cobbler/settings      #提示1 、 2
╭─root@www.du1.com ~  
╰─➤  systemctl restart rsyncd
╭─root@www.du1.com ~  
╰─➤  systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.     #提示4
╭─root@www.du1.com ~  
╰─➤  openssl passwd -1 -salt '123'
Password: 
$1$123$nE5gIYTYiF1PIXVOFjQaW/
╭─root@www.du1.com ~  
╰─➤  vim /etc/cobbler/settings
...
default_password_crypted: "$1$123$nE5gIYTYiF1PIXVOFjQaW/"
...                                 #提示6
                         
╭─root@www.du1.com ~  
╰─➤  systemctl restart cobblerd     

第八步：再检测cobbler

╭─root@www.du1.com ~  
╰─➤  cobbler check
The following are potential configuration items that you may want to fix:

1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

第九步：同步

╭─root@www.du1.com ~  
╰─➤  cobbler sync
task started: 2019-05-27_072735_sync
task started (id=Sync, time=Mon May 27 07:27:35 2019)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

第十步：导入镜像

╭─root@www.du1.com ~  
╰─➤  mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only
╭─root@www.du1.com ~  
╰─➤  cobbler import --path=/mnt --name="centos7"
task started: 2019-05-27_075827_import
task started (id=Media import, time=Mon May 27 07:58:27 2019)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos7:
creating new distro: centos7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos7 -> /var/www/cobbler/links/centos7-x86_64
creating new profile: centos7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos7 for centos7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos7
need to process repo/comps: /var/www/cobbler/ks_mirror/centos7
looking for /var/www/cobbler/ks_mirror/centos7/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7/repodata
*** TASK COMPLETE ***

第十一步：查看生成的distro

╭─root@www.du1.com ~  
╰─➤  cobbler distro list
   centos7-x86_64

第十二步：查看生成的profile

╭─root@www.du1.com ~  
╰─➤  cobbler profile list
   centos7-x86_64

第十三步：准备kickstart文件

╭─root@www.du1.com ~  
╰─➤  ls
anaconda-ks.cfg
╭─root@www.du1.com ~  
╰─➤  cp anaconda-ks.cfg /var/lib/cobbler/kickstarts/ks.cfg

第十四步：编辑kickstart文件

╭─root@www.du1.com ~  
╰─➤  cd /var/www/cobbler/ks_mirror/centos7 
╭─root@www.du1.com /var/www/cobbler/ks_mirror/centos7  
╰─➤  vim /var/lib/cobbler/kickstarts/ks.cfg
...
# Use CDROM installation media
url -url=http://192.168.80.3/cobbler/ks_mirror/centos7

扩展：http://192.168.80.3/cobbler/ks_mirror/centos7的内容

第十五步：制作自己的profile

╭─root@www.du1.com /var/www/cobbler/ks_mirror/centos7  
╰─➤  cobbler profile add 
--distro=centos7-x86_64 
--kickstart=/var/lib/cobbler/kickstarts/ks.cfg 
--name="centos7_du" 

第十六步：删除默认的profile

╭─root@www.du1.com /var/lib/cobbler/kickstarts  
╰─➤  cobbler profile remove --name=centos7-x86_64             
╭─root@www.du1.com /var/lib/cobbler/kickstarts  
╰─➤  cobbler profile list
   centos7_du

注意：
1、客户端模式需要与服务器模式一致
2、安装系统时内存最少3个G

---

3、cobbler实现单台服务器提供安装不同操作系统

第一步：关机从新挂载新的光盘

第二步：开启相关服务

╭─root@www.du1.com ~  
╰─➤   systemctl restart httpd cobblerd xinetd dhcpd  

第三步：在linux系统中挂载光盘

╭─root@www.du1.com ~  
╰─➤  mount /dev/cdrom /mnt     
mount: /dev/sr0 is write-protected, mounting read-only

第四步：导入一个新的镜像

╭─root@www.du1.com ~  
╰─➤  cobbler import --path=/mnt --name=”centos7.3″
task started: 2019-05-24_192206_import
task started (id=Media import, time=Fri May 24 19:22:06 2019)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos7.3:
creating new distro: centos7.3-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos7.3 -> /var/www/cobbler/links/centos7.3-x86_64
creating new profile: centos7.3-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos7.3 for centos7.3-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos7.3
need to process repo/comps: /var/www/cobbler/ks_mirror/centos7.3
looking for /var/www/cobbler/ks_mirror/centos7.3/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7.3/repodata
*** TASK COMPLETE ***

第五步：查看生成的distro

╭─root@www.du1.com ~  
╰─➤  cobbler distro list
centos7-x86_64
centos7.3-x86_64

第六步：制作profile

╭─root@www.du1.com ~  
╰─➤  cobbler profile add --distro=centos7.3-x86_64 
> --kickstart=/var/lib/cobbler/kickstarts/ks.cfg 
> --name=”centos7.3_du”   

第七步：删除默认的profile

╭─root@www.du1.com ~  
╰─➤  cobbler profile remove --name=centos7.3-x86_64  
 ╭─root@www.du1.com ~  
╰─➤      cobbler profile list
centos7_du
centos7.3_du

[root@localhost ~]# cobbler list
distros:
   centos7-x86_64

profiles:
   centos7-x86_64

systems:

repos:

images:

mgmtclasses:

packages:

files: