Pxe +ks+ cobbler+ cobbler-web 实现centos6.7 centos7.2无人值守全自动化网络安装系统。

Pxe +ks+ cobbler+ cobbler-web 实现centos6.7,centos7.2无人值守全自动化网络安装系统。

实验环境：一台centos7.2 主机 一块网卡 vnet1 10.0.0.10/8 静态ip地址。两台测试安装centos6.7及centos7.2的虚拟机，网卡各1块，都是vnet1，网卡启动（bios里调）

由于cobbler软件包，是epel源的，所以安装epel源。

Wget /fedora-epel/epel-release-latest-7.noarch.rpm（centos7与centos6的epel源不同）

Rpm -ivh epel-lease-latest.noarch

安装的结果：加了一个yum创库配置文件及配置和此创库软件包校验签名的公钥文件/etc/pki/rpm-gpg/RPM_GPG_KEY_EPEL-7

[epel]

name=Extra Packages for Enterprise Linux 7 - $basearch

#baseurl=/pub/epel/6/$basearch

mirrorlist=/metalink?repo=epel-7&arch=$basearch

failovermethod=priority

enabled=1

gpgcheck=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

安装相关软件：

Yum -y install cobbler cobbler-web bind dhcp syslinux (httpd,tftp-server........会关联安装上）

Systemctl stop firewalld setenforce 0

[root@localhost Desktop]# nmcli connection modify eno16777728 ipv4.method manual ipv4.addresses 10.0.0.10/8

[root@localhost Desktop]# systemctl restart network

配置cobbler 其主配置文件/etc/cobbler/setting

server:10.0.0.10

next_server:10.0.0.10----------是dhcp里配置next-server的地址即为tftp-server地址

default_password_crypted:"$1$love$sMbBwgqmuHcawBZ7sh04c0"

[root@localhost Desktop]# openssl passwd -1 -salt 'love' '11qq```'

$1$love$sMbBwgqmuHcawBZ7sh04c0

Manage_dhcp:1

Manage_dns:1

Manage_tftpd:1

Bind_master:10.0.0.10

配置cobbler管理的服务的配置模板文件：

Vim /etc/cobbler/dhcp-template------------dhcp模板文件

subnet 10.0.0.0 netmask 255.0.0.0 {

# option routers 192.168.1.5;

option domain-name-servers 10.0.0.10;

option subnet-mask 255.0.0.0;

range dynamic-bootp 10.0.0.100 10.0.0.200;

default-lease-time 21600;

max-lease-time 43200;

next-server $next_server;

filename "pxelinux.0";

}

[root@localhost Desktop]# cat /etc/cobbler/zone.template---------------dns模板文件

$TTL 1D

@IN SOA . . (

081401 ; Serial

600 ; Refresh

1800 ; Retry

604800 ; Expire

300 ) ; TTL

IN NS ns1

ns1 IN A 10.0.0.10

wwwIN A 10.0.0.10

Systemctl start httpd

Systemctl start cobbler

如果能上互联网：cobbler get-loaders (去cobbler的自己专门的网站下载loaders文件到自己本地的数据目录/var/lib/cobbler/loaders)

如果不能上互联网：可以cp syslinux提供的文件

Cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders

Cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders

Cp /usr/share/syslinux/memdisk /var/lib/cobbler/loaders

安装cobbler

在tftp-server的根目录下安装了几个空目录：[root@localhost Desktop]# ls /var/lib/tftpboot/*

/var/lib/tftpboot/boot:

/var/lib/tftpboot/etc:

/var/lib/tftpboot/grub:

/var/lib/tftpboot/p_w_picpaths:

/var/lib/tftpboot/p_w_picpaths2:

/var/lib/tftpboot/ppc:

/var/lib/tftpboot/pxelinux.cfg:

/var/lib/tftpboot/s390x:

在httpd 的/var/www/cobbler下安装了几个目录，有些目录下还有几个文件：

[root@localhost Desktop]# ls /var/www/cobbler/*（站点的cobbler静态数据）

/var/www/cobbler/aux:

anamon anamon.init

/var/www/cobbler/p_w_picpaths:

/var/www/cobbler/ks_mirror:

config

/var/www/cobbler/links:

/var/www/cobbler/localmirror:

/var/www/cobbler/pub:

/var/www/cobbler/rendered:

/var/www/cobbler/repo_mirror:

/var/www/cobbler/svc:

services.py services.pyc services.pyo

自己的数据目录：

[root@localhost Desktop]# ls /var/lib/cobbler/*

/var/lib/cobbler/distro_signatures.json

/var/lib/cobbler/config:

distros.d files.d p_w_picpaths.d mgmtclasses.d packages.d profiles.d repos.d systems.d

/var/lib/cobbler/kickstarts:

default.ks install_profiles sample_autoyast.xml sample_esxi4.ks sample_old.seed

esxi4-ks.cfg legacy.ks sample_end.ks sample_esxi5.ks sample.seed

esxi5-ks.cfg pxerescue.ks sample_esx4.ks sample.ks

/var/lib/cobbler/loaders:

memdisk menu.c32 pxelinux.0

/var/lib/cobbler/scripts:

preseed_early_default preseed_late_default

/var/lib/cobbler/snippets:

cobbler_register kickstart_done networking.xml pre_partition_select

download_config_files kickstart_start partition_select preseed_apt_repo_config

download_config_files_deb koan_environment post_anamon proxy.xml

func_install_if_enabled late_apt_repo_config post_install_kernel_options puppet_install_if_enabled

func_register_if_enabled log_ks_post post_install_network_config puppet_register_if_enabled

hosts.xml log_ks_post_nochroot post_install_network_config_deb redhat_register

kdump.xml log_ks_pre post_koan_add_reinstall_entry restore_boot_device

keep_cfengine_keys main_partition_select post_run_deb rhn_certificate_based_register

keep_files network_config post_s390_reboot save_boot_device

keep_rhn_keys network_config_esx pre_anamon suse_scriptwrapper.xml

keep_ssh_host_keys network_config_esxi pre_install_network_config

/var/lib/cobbler/triggers:

add change delete install sync

/var/lib/cobbler/webui_sessions:

Vim /etc/xinetd/tftp disable = no

[root@localhost Desktop]# systemctl start tftp.socket

[root@localhost Desktop]#

[root@localhost Desktop]# systemctl start rsyncd.socket

注意：所有的服务的ip地址要相同。

Cobbler check 检查cobbler 工作环境是否满足条件。不满足，按照提示配置使其满足条件即可。

[root@localhost Desktop]# cobbler sync

task started: -08-14_154703_sync

task started (id=Sync, time=Sun Aug 14 15:47:03 )

running pre-sync triggers

cleaning trees

removing: /var/lib/tftpboot/grub/p_w_picpaths

copying bootloaders

copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0

copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32

copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk

copying distros to tftpboot

copying p_w_picpaths

generating PXE configuration files

generating PXE menu structure

rendering DHCP files

generating /etc/dhcp/dhcpd.conf

rendering TFTPD files

generating /etc/xinetd.d/tftp

cleaning link caches

running post-sync triggers

running python triggers from /var/lib/cobbler/triggers/sync/post/*

running python trigger cobbler.modules.sync_post_restart_services

running: dhcpd -t -q

received on stdout:

received on stderr:

running: service dhcpd restart

received on stdout:

received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*

running python triggers from /var/lib/cobbler/triggers/change/*

running python trigger cobbler.modules.scm_track

running shell triggers from /var/lib/cobbler/triggers/change/*

*** TASK COMPLETE ***

Systemctl start dhcpd systemctl start tftp.service

[root@localhost Desktop]# cp /etc/cobbler/zone.template /var/named/wudang

[root@localhost Desktop]# named-checkzone "" /var/named/wudang

zone /IN: loaded serial 081401

OK

[root@localhost Desktop]# named-checkconf /etc/named.conf

Systemclt start named

所有服务一切正常工作，万事俱备，只欠东风，只差distro和ks文件，先用cobbler-web 来管理。(python写的动态网站程序）

Vim /etc/httpd/conf.d/cobbler_web.conf

# SSLRequireSSL

# N×××equireSSL

# SSLRequireSSL

# N×××equireSSL

注释掉上述四行，不能提示没有权限。（Centos6.7，不用注释）

Cobbler-web的管理账号：

[root@localhost Desktop]# htdigest -c /etc/cobbler/users.digest Cobbler lili

Adding password for lili in realm Cobbler.

New password:

Re-type new password:

Systemctl restart httpd

http://10.0.0.10/cobbler_web(脚本路径别名）

Yum -y install system-config-kickstart

Systemctl-config-kickstarts（在gui下运行），生成kickstart文件

生成Centos6.7的ks文件：/var/lib/cobbler/kickstarts/centos6ks.cfg

#platform=x86, AMD64, or Intel EM64T

#version=DEVEL

# Firewall configuration

firewall --disabled

# Install OS instead of upgrade

install

# Use network installation

url --url="/cobbler/links/centos6.7-x86_64"

# Root password

rootpw --iscrypted $1$xVtPuisx$X3B4rqKlzJKYLO7JiceSG1

# System authorization information

auth --useshadow --passalgo=sha512

# Use graphical install

text

firstboot --disable

# System keyboard

keyboard us

# System language

lang en_US

# SELinux configuration

selinux --disabled

# Installation logging level

logging --level=info

# Reboot after installation

Reboot# System timezone

timezone Africa/Abidjan

# System bootloader configuration

bootloader --location=mbr --md5pass="$1$ipBQVdC5$.8/AhDSGAzf10urvR6rcm."

# Clear the Master Boot Record

zerombr

# Partition clearing information

clearpart --all --initlabel

# Disk partitioning information

part / --fstype="ext4" --size=10240

part swap --fstype="swap" --ondisk=sda --size=1024

%post

useradd tom

echo '11qq```' | passwd --stdin tom

%end

%packages

@base

@basic-desktop

@x11

1,1 Top

生成centos7.2的ks文件：/var/lib/cobbler/kickstarts/centos7ks.cfg

#platform=x86, AMD64, or Intel EM64T

#version=DEVEL

# Install OS instead of upgrade

install

# Keyboard layouts

keyboard 'us'

# Root password

rootpw --iscrypted $1$LYe2x3i4$n/fkJEqo//QaFYUQAYvmk/

# System timezone

timezone Africa/Abidjan

# Use network installation

url --url="/cobbler/links/centos7.2-x86_64"

# System language

lang en_US

# Firewall configuration

firewall --disabled

# System authorization information

auth --useshadow --passalgo=sha512

# Use graphical install

#graphical

text

firstboot --disable

# SELinux configuration

selinux --disabled

# Reboot after installation

reboot

# System bootloader configuration

bootloader --location=mbr

# Clear the Master Boot Record

zerombr

# Partition clearing information

clearpart --all --initlabel

# Disk partitioning information

autopart --type=lvm

%packages

@^graphical-server-environment

@base

@core

@desktop-debugging

@dial-up

@fonts@guest-desktop-agents

@input-methods

@internet-browser

@multimedia

@print-client

@x11

kexec-tools

%end

%post

useradd jack

echo '11qq```' | passwd --stdin jack

%end

@gnome-desktop

@guest-agents

1,1 Top

Cobbler导入distro

Mount /dev/sr0 /mnt 挂载centos7.2安装光盘

Cobble import --name=centos7.2 --path=/mnt

删除默认的profile

[root@localhost Desktop]# cobbler profile remove --name=centos7.2-x86_64

添加一个profile /var/lib/cobbler/kickstarts/centos7ks.cfg

[root@localhost Desktop]# cobbler profile add --name=7.2 --distro=centos7.2-x86_64 kickstart=/var/lib/cobbler/kickstarts/centos7ks.cfg

同理：

Umount /dev/sr0

Mount /dev/sr0 /mnt 挂载centos6.7的光盘

Cobbler import --name=centos6.7 --path=/mnt

删除默认的profile

[root@localhost Desktop]# cobbler profile remove --name=centos6.7-x86_64

添加一个profile /var/lib/cobbler/kickstarts/centos7ks.cfg

[root@localhost Desktop]# cobbler profile add --name=6.7 --distro=centos6.7-x86_64 kickstart=/var/lib/cobbler/kickstarts/centos6ks.cfg

测试dns

dig @10.0.0.10

[root@localhost Desktop]# dig @10.0.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> @10.0.0.10

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48102

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;.INA

;; ANSWER SECTION:

.86400INA10.0.0.10

;; AUTHORITY SECTION:

..

;; ADDITIONAL SECTION:

.86400INA10.0.0.10

;; Query time: 0 msec

;; SERVER: 10.0.0.10#53(10.0.0.10)

;; WHEN: Sun Aug 14 16:55:48 CST

;; MSG SIZE rcvd: 93

Dns工作正常。

安装测试：centos6.7虚拟机：

网卡启动:

Centos7.2虚拟机安装：

网卡启动:

总结：一个distro 可以结合多个不同的ks文件，生成这个发行版的多个不同的profile文件，满足多个不同的安装需要。

Cobbler 可以让配置更加简单，/var/lib/tftpboot/pxelinux.cfg/default自动生成，profile自动生成。