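Preface
Official site: https://cobbler.github.io/
Cobbler is a service for fast network installation of Linux; with some adjustments it can also network-install Windows.
The tool is written in Python and is small and lightweight (only 15k lines of Python code). A few simple commands are enough to configure a PXE network installation environment, and it can also manage DHCP, DNS, TFTP, RSYNC and YUM repositories, and build system ISO images.
Cobbler can be managed from the command line or from a web interface, and it also provides an API that makes custom development easy. The Cobbler client, koan, supports virtual machine installation and operating system reinstallation, which makes reinstalling a system more convenient.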
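2 Cobbler features
With Cobbler you can install machines without manual intervention. Cobbler sets up a PXE boot environment (it can also use yaboot to support PowerPC) and controls every aspect related to installation, such as the network boot services (DHCP and TFTP) and repository mirrors. When you want to install a new machine, Cobbler can:
Use a previously defined template to configure the DHCP service (if DHCP management is enabled)
Mirror a repository (yum or rsync) or unpack a medium to register a new operating system
Create an entry in the DHCP configuration file for the machine to be installed, using the parameters you specify (IP and MAC address)
Create the appropriate PXE files under the TFTP service directory
Restart the DHCP service to reflect the changes
Reboot the machine to start the installation (if power management is enabled)
Cobbler supports many distributions: Red Hat, Fedora, CentOS, Debian, Ubuntu and SuSE. When an operating system is added (usually from an ISO file), Cobbler knows how to unpack the right files and adjust the network services so that the machine boots correctly.
Cobbler can use kickstart templates. Red Hat and Fedora based systems use kickstart files to automate the installation process.
With templates you keep one basic kickstart template and then define how its variables are replaced for a given profile or machine configuration.
For example, a template may contain the two variables $domain and $machine_name. In the Cobbler configuration, a profile specifies domain=mydomain.com, and each machine that uses the profile specifies its own name in the machine_name variable. All machines in that profile use the same kickstart installation and are configured for domain=mydomain.com, but each machine has its own machine name. You can still use the kickstart template to install other machines in different domains with different machine names.
To help manage systems, Cobbler can connect to various power management environments through fence scripts.
Cobbler supports apc_snmp, bladecenter, bullpap, drac, ether_wake, ilo, integrity, ipmilan, ipmitool, lpar, rsa, virsh and wti.
To reinstall a machine, you can run the reboot system foo command, and Cobbler will use the necessary credentials and information (such as the machine's slot number) to run the appropriate fence scripts for you.
Besides these features, a configuration management system (CMS) can be used. There are two options: an internal system built into the tool, or integration with an existing external CMS such as Chef or Puppet.
With the internal system you can specify file templates, which are processed according to the configuration parameters (in the same way as kickstart templates) and then copied to the location you specify.
This is useful when configuration files must be deployed automatically to specific machines.
With the koan client, Cobbler can configure virtual machines and reinstall systems from the client side. I will not discuss configuration management or the koan features, because they are outside the scope of this article.
They are, however, useful features that are worth studying.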
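The three core components of cobbler
repository
distribution
profile
repository:
This is the installation tree, which is what we usually call the yum repository.
With several operating systems, each system needs its own repository.
distribution:
This refers to the Linux distribution; in practice it is the program used to boot the system, which is usually the PXE program.
It consists of: vmlinuz + initrd.img
Completing a system installation requires two elements
1. Booting a specific system
vmlinuz initrd
2. Installing specific packages
yum repository
profile:
A profile ties a particular boot program and a particular yum repository together as one unit that can boot and install a specific system.
Elements that must be defined in a profile
yum repo
vmlinuz initrd
ks
Example:
centos6 yum, centos6 vmlinuz initrd, centos6 ks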
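The demo environment is as follows
4 cores, 6G memory, 100G disk, 2 machines
VMware net8 NIC (optional)
Subnet: 192.168.90.0/24
The NAT 8 NIC is used so that the cobbler repository and cobbler web access can be verified later; any other setup works too. Disable the VMware DHCP function and bind the net8 NIC to the local NIC (put simply: DHCP, cobbler and the target hosts are on the same subnet).
Image for the beginner VMware walkthrough: https://mirrors.aliyun.com/centos/7.9.2009/isos/x86_64/CentOS-7-x86_64-DVD-2009.iso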
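1. Service installation
1.1 Install the service dependencies
# Install the base packages and dependencies
# syslinux is installed to manage the pxelinux.0 file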
yum install -y cobbler cobbler-web httpd syslinux dhcp tftp-server pykickstart xinetd python-ctypes debmirror
1.2 Start the services
# Start the web service
systemctl start httpd
# Manage the TFTP service
systemctl start xinetd
systemctl start rsyncd
systemctl start tftp
systemctl start cobblerd
# Enable at boot
systemctl enable httpd
systemctl enable xinetd
systemctl enable rsyncd
systemctl enable tftp
systemctl enable cobblerd
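2. Service configuration
2.1 Integrated service configuration
- Edit the cobbler configuration file as follows
[root@localhost ~]# vim /etc/cobbler/settings
...
# Bind to the cobbler host
bind_master: 192.168.90.1
# Variable handed out through DHCP; points at the cobbler host
next_server: 192.168.90.1
# IP of the cobbler host to listen on
server: 192.168.90.1
# Whether cobbler manages DHCP: 0 = cobbler does not manage DHCP, 1 = cobbler manages DHCP
manage_dhcp: 1
# Number of PXE runs: 0 = the client can PXE-boot repeatedly, 1 = after the first PXE boot the boot order is updated automatically to prevent another network boot
pxe_just_once: 1
# Whether cobbler manages TFTP: 0 = not managed, 1 = managed
manage_tftpd: 0
# Generated with: openssl passwd -1 -salt `openssl rand 15 -base64` '123123'. This is the root password of the client once installation completes; here the root password is 123123
# $1$ MD5
# /MHaU+wq randomly generated salt
# wDMN/pdlrtfWvAE.0DFkg1 hashed password
default_password_crypted: "$1$/MHaU+wq$wDMN/pdlrtfWvAE.0DFkg1"
# Whether to generate a local yum repository: 0 = no, 1 = yes. The default is 1, and the mirror points at the cobbler host by default
yum_post_install_mirror: 1
# Change the configuration dynamically without a restart
allow_dynamic_settings: 1
...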
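The value of default_password_crypted becomes the root password hash of every host built from this server, so it is worth checking mechanically. The script below is an added example, not part of the original article or of Cobbler; the function names and the sample file are constructed, and new_root_hash assumes an OpenSSL that supports passwd -6.

```shell
#!/bin/sh
# Added example (not from the original article): audit the keys of a Cobbler
# settings file that decide the root password and reinstall behaviour of hosts.
# Function names are hypothetical; the sample file at the bottom is constructed.

# This hash is printed next to its plaintext in the walkthrough, so it must not be reused.
TUTORIAL_HASH='$1$/MHaU+wq$wDMN/pdlrtfWvAE.0DFkg1'

# settings_get FILE KEY -> value of a top-level "key: value" line, without quotes
# or a trailing "# comment".
settings_get() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/^"\(.*\)".*$/\1/' -e 's/[[:space:]]#.*$//' -e 's/[[:space:]]*$//'
}

# crypt_scheme HASH -> name of the crypt(3) scheme selected by the $id$ prefix.
crypt_scheme() {
    case "$1" in
        '')      echo empty ;;
        '$1$'*)  echo md5crypt ;;
        '$5$'*)  echo sha256crypt ;;
        '$6$'*)  echo sha512crypt ;;
        *)       echo unrecognised ;;
    esac
}

# audit_settings FILE -> one finding per line; exit status = number of WEAK findings.
audit_settings() {
    weak=0
    pw_hash=$(settings_get "$1" default_password_crypted)
    scheme=$(crypt_scheme "$pw_hash")
    case "$scheme" in
        sha256crypt|sha512crypt)
            echo "OK   default_password_crypted uses $scheme" ;;
        *)
            echo "WEAK default_password_crypted uses $scheme, prefer sha512crypt (\$6\$)"
            weak=$((weak + 1)) ;;
    esac
    if [ "$pw_hash" = "$TUTORIAL_HASH" ]; then
        echo "WEAK default_password_crypted is the hash printed in the walkthrough"
        weak=$((weak + 1))
    fi
    if [ "$(settings_get "$1" pxe_just_once)" = "1" ]; then
        echo "OK   pxe_just_once is 1"
    else
        echo "WEAK pxe_just_once is not 1, clients can PXE-install repeatedly"
        weak=$((weak + 1))
    fi
    return "$weak"
}

# new_root_hash: read a password from stdin (so it stays out of the process list)
# and print a sha512crypt hash. Assumes OpenSSL 1.1.1 or later for "passwd -6".
new_root_hash() {
    openssl passwd -6 -stdin
}

# Constructed sample holding the values shown in the walkthrough.
sample=$(mktemp)
cat > "$sample" <<'EOF'
server: 192.168.90.1
manage_dhcp: 1
pxe_just_once: 1
default_password_crypted: "$1$/MHaU+wq$wDMN/pdlrtfWvAE.0DFkg1"
EOF
audit_settings "$sample" || echo "weak findings: $?"
rm -f "$sample"
```

The hash printed by new_root_hash goes into default_password_crypted, after which cobblerd is restarted and cobbler sync is run.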
- Configure the DHCP template
Edit dhcp.template. The DHCP configuration file is generated by cobbler, so whenever DHCP settings change you must edit dhcp.template, then synchronize with cobbler (cobbler sync) and restart DHCP once (systemctl restart dhcpd). The DHCP configuration section must not contain # comments.
# Remember to change the IPs to the 192.168.90.0/24 subnet
[root@localhost ~]# vim /etc/cobbler/dhcp.template
......
subnet 192.168.90.0 netmask 255.255.255.0 {
     option routers             192.168.90.1;
     option domain-name-servers 223.5.5.5;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.90.110 192.168.90.200;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
...
#######################################################################################
subnet 192.168.90.0 netmask 255.255.255.0 {
     # cobbler host
     option routers             192.168.90.1;
     # DNS assigned to the client after installation
     option domain-name-servers 223.5.5.5;
     # Subnet mask
     option subnet-mask         255.255.255.0;
     # Address range
     range dynamic-bootp        192.168.90.110 192.168.90.200;
     default-lease-time         21600;
     max-lease-time             43200;
     # cobbler host
     next-server                $next_server;
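- Configure the tftp configuration file: change disable to no.
This setting controls whether the TFTP service is available. When it is set to no, the TFTP service may be activated and respond to requests from the network; when it is set to yes, the TFTP service is disabled and does not respond to any network request. This is the standard way of switching a service on or off in an xinetd configuration file. tftp is controlled by xinetd: while there are no network requests the service is stopped, and xinetd wakes the tftp service when it receives a network request, so seeing the service stopped during a routine check is normal.
# Edit the tftp configuration
vim /etc/xinetd.d/tftp
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}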
3.1 cobbler manages the tftp directory, so it does not need to be managed by hand; cobbler automatically generates the files needed to install systems
[root@localhost ~]# ls /var/lib/tftpboot/
boot etc grub images images2 memdisk menu.c32 ppc pxelinux.0 pxelinux.cfg s390x
3.2 Restart the services that were modified
systemctl restart xinetd
systemctl restart tftp
systemctl restart cobblerd
- Synchronize the cobbler configuration files
# Synchronize the configuration files
[root@localhost ~]# cobbler sync
task started: 2024-12-05_223739_sync
task started (id=Sync, time=Thu Dec 5 22:37:39 2024)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
Note: run cobbler sync after every configuration file change
- cobbler self-check
# cobbler self-check
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : change 'disable' to 'no' in /etc/xinetd.d/tftp
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot.
3 : enable and start rsyncd.service with systemctl
4 : comment out 'dists' on /etc/debmirror.conf for proper debian support
5 : comment out 'arches' on /etc/debmirror.conf for proper debian support
6 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
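There are 6 issues; they are handled as follows:
The issues differ from one setup to another and so do the fixes; just follow the hints.
Issue 1: edit /etc/xinetd.d/tftp and change disable to no.
Issue 2: make sure the latest syslinux is installed; if it is already installed, ignore this hint.
Issue 3: start the rsyncd service and enable it at boot
systemctl start rsyncd
systemctl enable rsyncd
Issues 4 and 5: comment out dists and arches in /etc/debmirror.conf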
[root@localhost ~]# vim /etc/debmirror.conf
......
#@dists="sid";
#@arches="i386";
......
######################################################
# Quick edit
sed -i 's/@dists="sid";/# @dists="sid";/g' /etc/debmirror.conf
sed -i 's/@arches="i386";/# @arches="i386";/g' /etc/debmirror.conf
Issue 6: the tools package cannot be found and can be ignored. It is a package from Debian systems, and this service is installed on CentOS 7, so ignore it if it is not found.
cobbler sync + self-check
[root@localhost ~]# cobbler sync
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot.
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
Only two hints remain now; the service configuration is complete.
2.2 Mount and import the image
2.2.1 Mount the image
Two ways of mounting the image are shown: cdrom mount and local mount
1. cdrom mount
Mount the system image file
Since this is a virtual machine, simply attach the CD/DVD.
[root@localhost ~]# mkdir -pv /mnt/centos7.9
mkdir: created directory ‘/mnt/centos7.9’
[root@localhost ~]# mount /dev/sr0 /mnt/centos7.9/
mount: /dev/sr0 is write-protected, mounting read-only
[root@localhost ~]# mount |grep /mnt/centos7.9 && ls /mnt/centos7.9/
/dev/sr0 on /mnt/centos7.9 type iso9660 (ro,relatime)
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
2. Local mount
[root@localhost ~]# mkdir -p /mnt/centos7.9/
mount -o loop CentOS-7-x86_64-DVD-2009.iso /mnt/centos7.9/
mount: /dev/loop0 is write-protected, mounting read-only
[root@localhost ~]# mount
......
/mnt/CentOS-7-x86_64-DVD-2009.iso on /mnt/centos7.9 type iso9660 (ro,relatime)
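2.2.2 Import the image
This operation copies the mounted image onto the system
cobbler image import syntax: cobbler import [options]
--path=/mnt/centos7.9 # directory where the image is mounted
--name=CentOS-7.9-x86_64 # system name after import; can be customized
--arch=x86_64 # architecture [32-bit/64-bit]; if it is not given at import time, cobbler detects it and adds the parameter itself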
[root@localhost ~]# cobbler import --path=/mnt/centos7.9 --name=CentOS-7.9-x86_64 --arch=x86_64
task started: 2024-01-10_012008_import
task started (id=Media import, time=Wed Jan 10 01:20:08 2024)
Found a candidate signature: breed=suse, version=opensuse15.0
Found a candidate signature: breed=suse, version=opensuse15.1
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64:
creating new distro: CentOS-7.9-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64 -> /var/www/cobbler/links/CentOS-7.9-x86_64
creating new profile: CentOS-7.9-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64 for CentOS-7.9-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.9-x86_64/repodata
*** TASK COMPLETE ***
After the import, a directory with the specified name is created under /var/www/cobbler/ks_mirror/ to hold the image
[root@localhost ~]# ls /var/www/cobbler/ks_mirror/
CentOS-7.9-x86_64 config
2.3 View the created repo
View the configuration list and check that the cobbler distro and profile configuration is correct
[root@localhost ~]# cobbler list
distros:
   CentOS-7.9-x86_64
profiles:
   CentOS-7.9-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
#######################################################################################
# View the distro configuration
[root@localhost ~]# cobbler distro report
Name : CentOS-7.9-x86_64 # custom system name
Architecture : x86_64 # architecture
TFTP Boot Files : {}
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64/images/pxeboot/initrd.img # initial ramdisk boot file
Kernel : /var/www/cobbler/ks_mirror/CentOS-7.9-x86_64/images/pxeboot/vmlinuz # kernel path
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/CentOS-7.9-x86_64'} # Kickstart tree, reachable over the web at: http://192.168.90.1/cblr/links/CentOS-7.9-x86_64
Management Classes : []
OS Version : rhel7
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
#######################################################################################
# View the profile configuration
[root@localhost ~]# cobbler profile report
Name : CentOS-7.9-x86_64 # custom system name
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS-7.9-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/CentOS-7-x86_64.ks.cfg # ks boot file, i.e. the custom system configuration file
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
2.3.1 Kickstart tree
It can be used as a local software repository.
http://
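3. ks file configuration
Basic structure of a kickstart file
Part 1: command section
Purpose: basic configuration of the system
Commands:
install: start the installation process
url: which url to fetch the installation packages from once the installation process has started
keyboard: keyboard type
lang: language
harddrive: specify the driver
network: configure the network
rootpw: set the administrator password
firewall: configure the firewall
authconfig: password encryption method
selinux: whether selinux starts automatically
timezone: set the time zone
bootloader: where the bootloader that boots the system is placed
part: partition type, size and mount point
logvol: logical volume and its volume group
volgroup: volume group size and the physical volumes it contains
repo: rpm repository information
######################################################
Part 2: package section
%packages starts the package section
%end ends the package section
Package names and package group names go between the two
######################################################
Part 3: script section
%pre: pre-install script
%post: post-install script
3.1 Preparing the ks file
A ks file can be obtained from two places. The cfg of a newly installed system contains no variables.
# Template file on the cobbler host: sample_end.ks
[root@localhost kickstarts]# ls /var/lib/cobbler/kickstarts
CentOS-7-x86_64.ks.cfg esxi5-ks.cfg pxerescue.ks sample_esx4.ks sample_esxi6.ks sample.seed
default.ks install_profiles sample_autoyast.xml sample_esxi4.ks sample.ks
esxi4-ks.cfg legacy.ks sample_end.ks sample_esxi5.ks sample_old.seed
# cfg files under /root on a newly installed system
[root@localhost ~]# pwd
/root
[root@localhost ~]# tree
.
├── anaconda-ks.cfg
└── initial-setup-ks.cfg
The script files run after installation are all kept in this directory
# Storage path of the callable scripts, configured in the cobbler service settings
# /var/lib/cobbler/snippets
[root@localhost kickstarts]# ls /var/lib/cobbler/snippets
addons.xml keep_ssh_host_keys network_config_esxi pre_install_network_config
cobbler_register kickstart_done networking.xml pre_partition_select
download_config_files kickstart_start partition_select preseed_apt_repo_config
download_config_files_deb koan_environment post_anamon proxy.xml
func_install_if_enabled late_apt_repo_config post_install_kernel_options puppet_install_if_enabled
func_register_if_enabled log_ks_post post_install_network_config puppet_register_if_enabled
hosts.xml log_ks_post_nochroot post_install_network_config_deb redhat_register
kdump.xml log_ks_pre post_koan_add_reinstall_entry restore_boot_device
keep_cfengine_keys main_partition_select post_run_deb rhn_certificate_based_register
keep_files network_config post_s390_reboot save_boot_device
keep_rhn_keys network_config_esx pre_anamon suse_scriptwrapper.xml
# Invocation example
%post
# Built-in variable that generates the local yum repository; it points at the cobbler repository
$yum_config_stanza
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
%end
Edit the lvm part partitioning. The package set is the full Server with GUI selection; adjust it as needed. The configuration file must not contain Chinese comments.
--ondisk=sda selects the disk
--grow grows automatically: all remaining space goes to the root partition. Only sda is allocated; other disks are not mounted or formatted.
The unit of --size is M.
Save the modified file with: vim /var/lib/cobbler/kickstarts/CentOS-7-x86_64.ks.cfg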
# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
# System authorization information
#auth --enableshadow --passalgo=sha512
auth --useshadow --enablemd5
# Use CDROM installation media
# cdrom
# Use graphical install
text
# graphical
# Do not configure the X Window System
# skipx
# X Window System configuration information
# xconfig --startxonboot
# Run the Setup Agent on first boot
firstboot --disable
# Specify Disk
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8 --addsupport=zh_CN.UTF-8
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
# Root password
rootpw --iscrypted $default_password_crypted
# services --disabled=auditd,cups,smartd,nfslock
# System services
services --disabled="cups,rpcbind,dnsmasq"
# Firewall configuration
firewall --disabled
# selinux configuration
selinux --disabled
# System timezone
timezone Asia/Shanghai --isUtc --nontp
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Partition clearing information
clearpart --all --initlabel --drives=sda
# Disk partitioning information
# lvm part
part pv.456 --fstype="lvmpv" --ondisk=sda --grow
part biosboot --fstype="biosboot" --ondisk=sda --size=2
part /boot --fstype="xfs" --ondisk=sda --size=1024
volgroup centos --pesize=4096 pv.456
logvol / --fstype="xfs" --grow --size=1 --name=root --vgname=centos
logvol swap --fstype="swap" --size=4096 --name=swap --vgname=centos
%packages
@^graphical-server-environment
@backup-server
@base
@compat-libraries
@core
@desktop-debugging
@development
@dial-up
@dns-server
@file-server
@fonts
@ftp-server
@gnome-desktop
@guest-agents
@guest-desktop-agents
@ha
@hardware-monitoring
@identity-management-server
@infiniband
@input-methods
@internet-browser
@java-platform
@kde-desktop
@large-systems
@load-balancer
@mail-server
@mainframe-access
@mariadb
@multimedia
@network-file-system-client
@performance
@postgresql
@print-client
@print-server
@remote-system-management
@resilient-storage
@security-tools
@smart-card
@system-admin-tools
@virtualization-client
@virtualization-hypervisor
@virtualization-tools
@x11
kexec-tools
-postfix
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
%end
Annotated reference
# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# Use text mode install. Install mode: text = minimal, graphical = graphical; to enable graphical mode, comment out skipx
text
# graphical
# Do not configure the X Window System (skip the graphical environment)
skipx
# X Window System configuration information (enable for a graphical install)
# xconfig --startxonboot
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard --vckeymap=us --xlayouts='us'
# System language: character set, with zh_CN support
lang en_US.UTF-8 --addsupport=zh_CN.UTF-8
# Use network installation: points at the cobbler server; this is a variable that defaults to this host and can be set manually
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information: NIC configuration
# network --bootproto=dhcp --device=ens32 --onboot=off --ipv6=auto --no-activate
# network --hostname=localhost.localdomain
$SNIPPET('network_config')
# Reboot after installation
reboot
# Root password: the system default password, configured in the cobbler settings
rootpw --iscrypted $default_password_crypted
# System services
# When several services are disabled at once, a list that contains spaces disables only the auditd service. To disable all four services, the entry must not contain spaces:
# services --disabled=auditd,cups,smartd,nfslock
services --disabled="cups,rpcbind,dnsmasq"
# Firewall configuration
firewall --disabled
# SELinux configuration
selinux --disabled
# System timezone; --nontp does not enable ntp
timezone Asia/Shanghai --isUtc --nontp
# Install OS instead of upgrade (fresh install)
install
# Clear the Master Boot Record (clean the boot partition)
zerombr
# System bootloader configuration
# --boot-drive=sda selects the disk
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Partition clearing information
# --drives=sda selects the disk
clearpart --all --initlabel --drives=sda
# Allow anaconda to partition the system as needed
# autopart: --size sets the size, --grow sizes dynamically [takes whatever is available]
# --grow --asprimary --size=1: from a minimum of 1M up to the maximum
# lvm partitioning
part pv.456 --fstype="lvmpv" --ondisk=sda --grow
part biosboot --fstype="biosboot" --ondisk=sda --size=2
part /boot --fstype="xfs" --ondisk=sda --size=1024
volgroup centos --pesize=4096 pv.456
# --asprimary: cobbler 2.8.5 does not support this parameter
#logvol / --fstype="xfs" --grow --asprimary --size=1 --name=root --vgname=centos
logvol / --fstype="xfs" --grow --size=1 --name=root --vgname=centos
logvol swap --fstype="swap" --size=4096 --name=swap --vgname=centos
# Standard partitioning
# part /boot --fstype="xfs" --asprimary --size=2048
# part swap --fstype="swap" --size=1024
# part / --fstype="xfs" --grow --asprimary --size=1
# Pre-install script
%pre
......
# With less than 2G of memory, mount a tmpfs buffer
mount -t tmpfs -o size=512M tmpfs /run/initramfs
%end
# Packages
%packages
@^graphical-server-environment
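# - means do not install this package
-dnsmasq
......
%end
# Password policy
# pwpolicy root: root
# pwpolicy user: regular users
# pwpolicy luks: password policy for LUKS-encrypted systems
# --minlen
# --minlen=6: minimum password length is 6.
# --minquality=1: minimum password complexity requirement (usually from 0 to 100; a lower value means a lower complexity requirement).
# --notstrict: if the password policy is not met, the installer does not force an error.
# --nochanges: the password policy may not be changed during installation.
# --notempty or --emptyok: whether the password may be empty. --notempty means the password must not be empty, --emptyok means it may be empty.
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
# Post-install scripts; default path: /var/lib/cobbler/snippets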
%post
$SNIPPET('log_ks_post')
......
%end
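A template that breaks the rules stated in this section (no Chinese comments, every section closed by %end) only fails once a client is already installing, so a check before cobbler sync saves a reinstall. The lint below is an added example, not part of the original article or of Cobbler; lint_kickstart is a hypothetical name, the sample template is constructed, and the WARN rules are this example's own choice of settings to surface.

```shell
#!/bin/sh
# Added example (not from the original article): lint a Cobbler kickstart template.
# Output format: LINE:SEVERITY:message. Exit status is 1 if any ERROR was reported.
lint_kickstart() {
    LC_ALL=C awk '
    function report(sev, msg) {
        printf "%d:%s:%s\n", NR, sev, msg
        if (sev == "ERROR") errors++
    }
    # Any byte outside printable ASCII, tab and CR, for example a UTF-8 comment.
    /[^\t\r -~]/ { report("ERROR", "non-ASCII byte in template") }
    # Section headers used on this page; each one must be closed by %end.
    /^%/ && $1 ~ /^%(packages|pre|post|anaconda)$/ {
        if (sect != "") report("ERROR", $1 " starts before " sect " was closed")
        sect = $1; next
    }
    /^%/ && $1 == "%end" && NF == 1 {
        if (sect == "") report("ERROR", "%end without an open section")
        sect = ""; next
    }
    # A marker that is not alone at the start of its line, such as "%end%post".
    /%(end|packages|pre|post|anaconda)/ && !/^[ \t]*#/ {
        report("ERROR", "section marker fused onto another line")
    }
    # Command-section settings that every host built from the template inherits.
    sect == "" && /^auth(config)?[ \t].*--enablemd5/ {
        report("WARN", "auth --enablemd5 selects MD5 password hashing")
    }
    sect == "" && /^firewall[ \t].*--disabled/ {
        report("WARN", "firewall --disabled leaves installed hosts unfiltered")
    }
    sect == "" && /^selinux[ \t].*--disabled/ {
        report("WARN", "selinux --disabled turns SELinux off on installed hosts")
    }
    sect == "" && /^rootpw[ \t]/ && !/--iscrypted/ {
        report("WARN", "rootpw without --iscrypted stores a plaintext password")
    }
    END {
        if (sect != "") report("ERROR", sect " is never closed with %end")
        exit (errors > 0)
    }' "$1"
}

# Constructed sample: two fused section markers, then a UTF-8 comment whose bytes
# are written as octal escapes so this script itself stays ASCII.
sample=$(mktemp)
cat > "$sample" <<'EOF'
auth --useshadow --enablemd5
firewall --disabled
selinux --disabled
rootpw --iscrypted $default_password_crypted
logvol swap --fstype="swap" --size=4096 --name=swap --vgname=centos%packages
@core
%end%post
$SNIPPET('kickstart_done')
%end
EOF
printf '# \346\240\207\345\207\206\345\210\206\345\214\272\n' >> "$sample"
lint_kickstart "$sample" || echo "template has errors"
rm -f "$sample"
```

The lint only looks at the template text; cobbler validateks, which appears in the cobbler --help output on this page, is the tool for validating the kickstarts cobbler actually serves.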
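3.2 Dynamically edit the profile to point at the new ks file
Specify which ks file the profile uses, i.e. the custom configuration file above
[root@localhost ~]# cobbler profile edit --name=CentOS-7.9-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7-x86_64.ks.cfg
# View the configuration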
[root@localhost ~]# cobbler profile report
Name : CentOS-7.9-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS-7.9-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/CentOS-7-x86_64.ks.cfg # the ks file has been updated
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
#######################################################################################
# Run sync once after every change
cobbler sync
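4. Installing a system on the client
Create a new virtual machine, select the nat 8 NIC, and make sure it can reach the cobbler network.
Note: for a physical machine installation, you need to select network boot at power-on; change the URL shown at the top of the cobbler publishing screen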
[root@localhost ~]# ls
anaconda-ks.cfg cobbler.ks ks-post.log original-ks.cfg
##################################################################
[root@localhost ~]# egrep -i "^selinux" /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted
##################################################################
[root@localhost yum.repos.d]# systemctl status firewalld cups rpcbind dnsmasq postfix
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
● cups.service - CUPS Printing Service
   Loaded: loaded (/usr/lib/systemd/system/cups.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
● rpcbind.service - RPC bind service
   Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
● dnsmasq.service - DNS caching server.
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
Unit postfix.service could not be found.
##################################################################
[root@localhost ~]# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 1924/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1211/sshd
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 8854/sshd: root@pts
tcp6 0 0 :::22 :::* LISTEN 1211/sshd
tcp6 0 0 ::1:6010 :::* LISTEN 8854/sshd: root@pts
##################################################################
# Single-disk installation
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 1.4G 0 1.4G 0% /dev
tmpfs 1.4G 0 1.4G 0% /dev/shm
tmpfs 1.4G 12M 1.4G 1% /run
tmpfs 1.4G 0 1.4G 0% /sys/fs/cgroup
/dev/mapper/centos-root 45G 6.1G 39G 14% /
/dev/sda2 1014M 187M 828M 19% /boot
tmpfs 280M 16K 280M 1% /run/user/42
tmpfs 280M 0 280M 0% /run/user/0
##################################################################
[root@localhost ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 2M 0 part
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 49G 0 part
  ├─centos-root 253:0 0 45G 0 lvm /
  └─centos-swap 253:1 0 4G 0 lvm [SWAP]
sr0 11:0 1 4.4G 0 rom
##################################################################
[root@localhost ~]# lvs
  LV   VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  root centos -wi-ao---- <45.00g
  swap centos -wi-ao----   4.00g
##################################################################
# Installation onto a chosen disk when several disks are present
[root@localhost ~]# lvs
  LV   VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  root centos -wi-ao---- <45.00g
  swap centos -wi-ao----   4.00g
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 12M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/centos-root 45G 6.1G 39G 14% /
/dev/sda2 1014M 187M 828M 19% /boot
tmpfs 378M 0 378M 0% /run/user/0
[root@localhost ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 2M 0 part
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 49G 0 part
  ├─centos-root 253:0 0 45G 0 lvm /
  └─centos-swap 253:1 0 4G 0 lvm [SWAP]
sdb 8:16 0 50G 0 disk
sr0 11:0 1 4.4G 0 rom
5. cobbler help & other common commands
To be added
# Removing the profile and distro also removes the imported image files automatically; the ks file is not deleted
cobbler profile remove --name CentOS-7.9-x86_64
cobbler distro remove --name CentOS-7.9-x86_64
cobbler list
distros:
profiles:
systems:
repos:
images:
mgmtclasses:
packages:
files:
#######################################################################################
# Boot menu file
# Place it in this directory and rename the file to default
/var/lib/tftpboot/pxelinux.cfg
#######################################################################################
# Get help for cobbler
[root@localhost ~]# cobbler --help
usage
=====
cobbler <distro|profile|system|repo|image|mgmtclass|package|file> ... [add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validateks|version|signature|hardlink> [options|--help]
[root@localhost ~]# cobbler profile --help
usage
=====
cobbler profile add
cobbler profile copy
cobbler profile dumpvars
cobbler profile edit
cobbler profile find
cobbler profile getks
cobbler profile list
cobbler profile remove
cobbler profile rename
cobbler profile report
Appendix: extras
1. Change the address cobbler displays while installing a client
Change the address shown by cobbler during network boot.
[root@localhost cobbler]# vim /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
......
Before the change
After the change
2. httpd external access and the cobbler image import path
The httpd configuration for external access has to correspond to cobbler: if the cobbler image import path changes, httpd must be changed to match
To be verified and added
Edit the httpd configuration file
[root@localhost ~]# cat /etc/httpd/conf.d/cobbler.conf
# This configuration file allows cobbler data
# to be accessed over HTTP.
AliasMatch ^/cblr(?!/svc/)(.*)?$ "/var/www/cobbler$1"
AliasMatch ^/cobbler_track(.*)?$ "/var/www/cobbler$1"
#AliasMatch ^/cobbler(.*)?$ "/var/www/cobbler$1"
Alias /cobbler /var/www/cobbler
Alias /cobbler_webui_content /var/www/cobbler_webui_content
WSGIScriptAliasMatch ^/cblr/svc/([^/]*) /var/www/cobbler/svc/services.py
<Directory "/var/www/cobbler">
    SetEnv VIRTUALENV
    Options Indexes FollowSymLinks
    Order allow,deny
    Allow from all
</Directory>
ProxyRequests off
ProxyPass /cobbler_api http://127.0.0.1:25151/
ProxyPassReverse /cobbler_api http://127.0.0.1:25151/
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
# the webui is now part of the "cobbler-web" package
# and is visited at http://.../cobbler_web not this URL.
# this is only a pointer to the new page.
<Directory "/var/www/cobbler/web/">
    Options Indexes FollowSymLinks
    Order allow,deny
    Allow from all
</Directory>
<IfVersion >= 2.4>
    <Location /cblr>
        Require all granted
    </Location>
</IfVersion>
Change the cobbler image import path
Edit webdir: /var/www/cobbler in the configuration file /etc/cobbler/settings, then restart cobbler and httpd
vim /etc/cobbler/settings
......
webdir: /var/www/cobbler
......
systemctl restart cobblerd
systemctl restart httpd
3. cobbler_web
Default URL: https://192.168.90.1/cobbler_web/
User/password: cobbler
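The web login above is the packaged default, so a build server should be checked for it before it goes on a shared network. The check below is an added example, not part of the original article or of Cobbler; it assumes the web UI authenticates against an htdigest file at /etc/cobbler/users.digest with realm Cobbler, and the function names and sample file are constructed.

```shell
#!/bin/sh
# Added example (not from the original article): find web accounts in an htdigest
# file whose password is still identical to the user name, as with cobbler/cobbler.
# Assumption: entries have the htdigest layout user:realm:MD5(user:realm:password).

# digest_for USER REALM PASSWORD -> the hex digest htdigest would store.
digest_for() {
    printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1
}

# default_web_accounts FILE -> prints each user whose password equals the user name.
default_web_accounts() {
    while IFS=: read -r user realm ha1 || [ -n "$user" ]; do
        [ -n "$user" ] || continue
        case "$user" in \#*) continue ;; esac
        if [ "$ha1" = "$(digest_for "$user" "$realm" "$user")" ]; then
            echo "$user"
        fi
    done < "$1"
}

# Constructed sample: one account left at the default, one with its own passphrase.
sample=$(mktemp)
{
    echo "cobbler:Cobbler:$(digest_for cobbler Cobbler cobbler)"
    echo "ops:Cobbler:$(digest_for ops Cobbler 'constructed-long-passphrase')"
} > "$sample"
default_web_accounts "$sample"
rm -f "$sample"
```

Under the same assumption, an account it prints gets a new password with htdigest /etc/cobbler/users.digest "Cobbler" cobbler.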
4. cobbler repository and local repository
After installation a cobbler-based repository is generated; once the xxxx repo files are moved away it can be used directly. An ISO disc also appears on the desktop (visible only after logging in to the desktop once), which can be used as a local yum repository.
##################################################################
# cobbler repository
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo cobbler-config.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo CentOS-x86_64-kernel.repo
[root@localhost yum.repos.d]# mkdir bak
[root@localhost yum.repos.d]# mv CentOS-* bak/
[root@localhost yum.repos.d]# ls
bak cobbler-config.repo
[root@localhost yum.repos.d]# yum list |more
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
Installed Packages
389-ds-base.x86_64 1.3.10.2-6.el7 @anaconda
389-ds-base-libs.x86_64 1.3.10.2-6.el7 @anaconda
GConf2.x86_64 3.2.6-8.el7 @anaconda
GeoIP.x86_64 1.5.0-14.el7 @anaconda
LibRaw.x86_64 0.19.4-1.el7 @anaconda
ModemManager.x86_64 1.6.10-4.el7 @anaconda
ModemManager-glib.x86_64 1.6.10-4.el7 @anaconda
NetworkManager.x86_64 1:1.18.8-1.el7 @anaconda
NetworkManager-adsl.x86_64 1:1.18.8-1.el7 @anaconda
NetworkManager-glib.x86_64 1:1.18.8-1.el7 @anaconda
NetworkManager-libnm.x86_64 1:1.18.8-1.el7 @anaconda
......
##################################################################
# Local repository
# Install the graphical desktop
yum grouplist
......
GNOME Desktop
......
yum -y groupinstall "GNOME Desktop"
init 5
# After logging in to the desktop, check again: the image is now mounted locally
[root@localhost ~]# ls
anaconda-ks.cfg cobbler.ks Desktop Documents Downloads ks-post.log Music original-ks.cfg Pictures Public Templates Videos
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 13M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/centos-root 45G 6.1G 39G 14% /
/dev/sda2 1014M 187M 828M 19% /boot
tmpfs 378M 40K 378M 1% /run/user/0
tmpfs 378M 8.0K 378M 1% /run/user/42
/dev/sr0 4.4G 4.4G 0 100% /run/media/root/CentOS 7 x86_64
[root@localhost ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 50G 0 disk
├─sda1 8:1 0 2M 0 part
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 49G 0 part
  ├─centos-root 253:0 0 45G 0 lvm /
  └─centos-swap 253:1 0 4G 0 lvm [SWAP]
sdb 8:16 0 50G 0 disk
sr0 11:0 1 4.4G 0 rom /run/media/root/CentOS 7 x86_64
Good luck to everyone, and may you prosper every day.