centos 7.6 ——部署cobbler

centos 7.6 ——部署cobbler

cobbler

网络安装服务器套件 Cobbler(补鞋匠)从前，我们一直在做装机民工这份很有前途的职业。自打若干年前 Red Hat 推出了 Kickstart，此后我们顿觉身价倍增。不再需要刻了光盘一台一台地安装 Linux，只要搞定 PXE、DHCP、TFTP，还有那满屏眼花缭乱不知所云的 Kickstart 脚本，我们就可以像哈里波特一样，轻点魔棒，瞬间安装上百台服务器。

实验环境

• 一台 centos 7.6 作为cobbler服务器

• 一台 centos 7.6 作为客户机验证安装系统

cobbler 服务软件开启
systemctl start cobblerd.service
systemctl start xinetd.service
systemctl start dhcpd.service
systemctl start rsyncd.service
systemctl restart httpd.service
cobbler sync //同步cobbler配置修改
cobbler check //cobbler检查
cobbler get-loaders #下载镜像文件

实验步骤

1. 安装epel源并修改配置文件

1. 首先准备好epel源并且安装，之后才能安装cobbler。因为cobbler相关的软件包由epel源提供的。

安装cobbler 服务软件包

[root@localhost opt]#  rpm -ivh epel-release-latest-7.noarch.rpm 
准备中...                          ################################# [100%]
	软件包 epel-release-7-11.noarch 已经安装
[root@localhost opt]# rpm -ql epel-release 
/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
/etc/yum.repos.d/epel-testing.repo
/etc/yum.repos.d/epel.repo
/usr/lib/systemd/system-preset/90-epel.preset
/usr/share/doc/epel-release-7
/usr/share/doc/epel-release-7/GPL
[root@localhost opt]# mount /dev/sr0 /mnt
mount: /dev/sr0 写保护，将以只读方式挂载
[root@localhost opt]# df -Th   //挂载光盘用于yum源安装
文件系统       类型      容量  已用  可用 已用% 挂载点
/dev/sda3      xfs       182G  5.6G  177G    4% /
devtmpfs       devtmpfs  2.0G     0  2.0G    0% /dev
tmpfs          tmpfs     2.0G     0  2.0G    0% /dev/shm
tmpfs          tmpfs     2.0G   11M  2.0G    1% /run
tmpfs          tmpfs     2.0G     0  2.0G    0% /sys/fs/cgroup
/dev/sda1      xfs      1014M  174M  841M   18% /boot
tmpfs          tmpfs     406M  8.0K  406M    1% /run/user/42
tmpfs          tmpfs     406M   36K  406M    1% /run/user/0
/dev/sr0       iso9660   4.3G  4.3G     0  100% /mnt
[root@localhost opt]#yum -y install cobbler   //安装cobbler
[root@localhost opt]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ll
总用量 16
-rw-r--r--. 1 root root 2523 6月  16 2018 aliyun.repo
drwxr-xr-x. 2 root root  187 6月  23 13:12 backup
-rw-r--r--. 1 root root 2523 6月  16 2018 bak
-rw-r--r--. 1 root root  951 10月  3 2017 epel.repo
-rw-r--r--. 1 root root 1050 10月  3 2017 epel-testing.repo

*****************安装cobbler以及相关的服务软件包*********************

[root@localhost ~]# yum install cobbler debmirror dhcp httpd rsync tftp-server xinetd pykickstart -y   

[root@localhost ~]# yum -y install cobbler-web.noarch 
[root@localhost ~]#vim /etc/cobbler/settings  //修改cobbler配置文件

[root@localhost cobbler]# systemctl start httpd.service
[root@localhost cobbler]# systemctl start cobblerd.service 
[root@localhost cobbler]# systemctl stop firewalld
[root@localhost cobbler]# systemctl disable firewalld
[root@localhost cobbler]# setenforce 0
[root@localhost cobbler]# systemctl restart httpd
[root@localhost cobbler]# cobbler check  //检查cobbler配置文件

[root@localhost cobbler]# vim /etc/xinetd.d/tftp
disable = no  //将disable改为no,开启tftp 服务
[root@localhost cobbler]# openssl passwd -1 -salt 'abc123' 'abc123'
$1$abc123$9v8z2./E/PZihXrVcy3II0
复制产生的密钥
[root@localhost cobbler]# vim settings
default_password_crypted: "$1$abc123$9v8z2./E/PZihXrVcy3II0"  //将这里密钥内容替换为自己设置生产的密钥并且保存退出
[root@localhost cobbler]# systemctl restart cobblerd.service 
[root@localhost cobbler]# systemctl start rsyncd.service
[root@localhost cobbler]# systemctl restart xinetd.service
[root@localhost cobbler]# cd /etc/cobbler/
[root@localhost cobbler]# vim dhcp.template   //修改DHCP网段为cobbler服务器的网段信息
subnet 192.168.75.0 netmask 255.255.255.0 {
     option routers             192.168.75.1;
     option domain-name-servers 192.168.75.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.75.100 192.168.75.254;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
[root@localhost cobbler]# cobbler sync  //同步一下cobbler，修改cobbler配置文件之后需要重启cobbler并且同步一下
[root@localhost cobbler]# cobbler check  //查看一下，还有哪些需要配置
[root@localhost cobbler]#cobbler get-loaders  //下载镜像文件
[root@localhost dhcp]# systemctl restart dhcpd.service 
[root@localhost dhcp]# systemctl start cobblerd.service 
[root@localhost dhcp]# systemctl start xinetd.service

2. 导入镜像文件

导入ISO镜像文件时间会有很多长
[root@localhost ks_mirror]# cobbler import --path=/mnt --name=Centos-7-x86 --arch=x86_64

/var/log/cobbler/cobbler.log	'//日志文件所在位置'
/var/www/cobbler/ks_mirror/CentOS-7-x86_64	'//默认导入存放位置'

[root@localhost ks_mirror]# cobbler list	'//查看导入结果'
[root@localhost ks_mirror]# cobbler distro list		'//查看发行版本'
[root@localhost ks_mirror]#tree /var/lib/tftpboot/images	'//查看内核和初始化文件在tftp server 共享目录'

[root@localhost ks_mirror]#tree /var/lib/tftpboot/
/var/lib/tftpboot/
├── boot
│   └── grub
│       └── menu.lst
├── etc
├── grub
│   ├── efidefault
│   └── images -> ../images
├── images
│   └── Centos-7-x86_64
│       ├── initrd.img
│       └── vmlinuz
├── images2
├── initrd.img
├── memdisk
├── menu.c32
├── ppc
├── pxelinux.0
├── pxelinux.cfg
│   └── default
├── s390x
│   └── profile_list
└── vmlinuz
[root@localhost kickstarts]# tree /var/lib/tftpboot/images
/var/lib/tftpboot/images
└── Centos-7-x86_64    //导入的镜像文件
    ├── initrd.img
    └── vmlinuz

1 directory, 2 files
[root@localhost kickstarts]# 

cobbler profile report

/var/lib/cobbler/kickstarts/sample_end.ks	'//ks默认文件存放位置'

[root@localhost ks_mirror]# cd /var/lib/cobbler/kickstarts
[root@localhost kickstarts]# ll
总用量 64
-rw-r--r--. 1 root root  115 8月  30 2019 default.ks
-rw-r--r--. 1 root root   22 8月  30 2019 esxi4-ks.cfg
-rw-r--r--. 1 root root   22 8月  30 2019 esxi5-ks.cfg
drwxr-xr-x. 2 root root   56 7月  26 11:36 install_profiles
-rw-r--r--. 1 root root 1424 8月  30 2019 legacy.ks
-rw-r--r--. 1 root root  292 8月  30 2019 pxerescue.ks
-rw-r--r--. 1 root root 2825 8月  30 2019 sample_autoyast.xml
-rw-r--r--. 1 root root 1856 8月  30 2019 sample_end.ks
-rw-r--r--. 1 root root    0 8月  30 2019 sample_esx4.ks
-rw-r--r--. 1 root root  324 8月  30 2019 sample_esxi4.ks
-rw-r--r--. 1 root root  386 8月  30 2019 sample_esxi5.ks
-rw-r--r--. 1 root root  386 8月  30 2019 sample_esxi6.ks
-rw-r--r--. 1 root root 1913 8月  30 2019 sample.ks
-rw-r--r--. 1 root root 3419 8月  30 2019 sample_old.seed
-rw-r--r--. 1 root root 6694 8月  30 2019 sample.seed
-rw-r--r--. 1 root root 6706 6月  18 2019 sample.seed.28
[root@localhost kickstarts]# 
[root@localhost kickstarts]# systemctl restart dhcpd.service 
[root@localhost kickstarts]# systemctl restart xinetd.service 
[root@localhost kickstarts]# systemctl restart cobblerd.service 
[root@localhost kickstarts]# systemctl restart httpd.service 
[root@localhost kickstarts]# 

3. 验证cobbler自动装机

新建一个虚拟机

扫描二维码关注公众号，回复： 11521543 查看本文章

自行安装之后是字符界面，需要手动安装图像界面

4.设置cobbler-web认证

第一种cobbler-web认证

[root@localhost kickstarts]#vim /etc/cobbler/modules.conf	//authn_configfile  模块认证
[root@localhost kickstarts]# htdigest -c /etc/cobbler/users.digest Cobbler cbadmin
Adding password for cbadmin in realm Cobbler.
New password: 
Re-type new password: 
[root@localhost kickstarts]# systemctl restart cobblerd.service 
[root@localhost kickstarts]# systemctl restart httpd.service 
[root@localhost kickstarts]# 

第二种cobbler-web认证

[root@localhost kickstarts]#vim /etc/cobbler/modules.conf
module = authn_pam	'//修改pam认证'
module = authz_ownership	'//在users.conf指定访问权限'
useradd webuser
passwd webuser
[root@localhost kickstarts]#vim /etc/cobbler/users.conf
[admins]
admin = “”
cobbler = “”
webuser = “”	'//添加'
systemctl restart cobblerd.service
systemctl restart httpd.service

在宿主机上访问

https://192.168.75.134/cobbler_web