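Learning objectives:
· Install and deploy Cobbler
· Perform customized installations with Cobbler
6.1 Case analysis
6.1.1 Case overview
As a company's operations engineer you regularly face mechanical, repetitive work such as installing operating systems. Sometimes the company brings dozens or even hundreds of servers online at once, and the systems must be installed in a short time. This calls for automated installation software.
Cobbler is a service for fast network installation of Linux, and with some adjustment it can also support network installation of Windows. The tool is written in Python and is small and light (only 15k lines of Python code). Simple commands are enough to configure a PXE network installation environment, and it can also manage DHCP, DNS, TFTP, RSYNC and yum repositories, and build system ISO images. Cobbler supports command-line management and web-interface management, and also provides an API that makes further development easy. Koan, the Cobbler client, supports virtual machine installation and operating system reinstallation, which makes reinstalling a system more convenient.
The conventional installation methods are:
1) Install from optical disc
2) Install from USB drive
3) Install over the network
6.1.2 Prerequisite knowledge
1. Cobbler features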
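With Cobbler, machines can be installed without manual intervention. Cobbler sets up a PXE boot environment (it can also support PowerPC using yaboot) and controls every aspect of installation, such as the network boot services (DHCP and TFTP) and repository mirrors. When you want to install a new machine, Cobbler can:
· use a previously defined template to configure the DHCP service (if DHCP management is enabled);
· mirror a repository (yum or rsync) or extract a media image to register a new operating system;
· create an entry in the DHCP configuration file for the machine to be installed, using the parameters you specify (IP and MAC address);
· create the appropriate PXE files under the TFTP service directory;
· restart the DHCP service to reflect the changes;
· reboot the machine to start the installation (if power management is enabled).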
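1. What is PXE
1) PXE stands for Pre-boot Execution Environment;
2) It boots a computer through the network interface, without depending on local storage devices (such as a hard disk) or a locally installed operating system;
3) The technology was published by Intel and Systemsoft on September 20, 1999;
4) It works in a client/server model;
5) The PXE client uses network protocols such as Internet Protocol (IP), User Datagram Protocol (UDP), Dynamic Host Configuration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP);
6) The term PXE client refers to the role a machine plays during PXE boot. A PXE client can be a server, a laptop, or any other machine that carries PXE boot code.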
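2. How PXE works
The PXE client sends a request to DHCP:
The PXE client boots from its PXE network card; the PXE BootROM (boot chip) sends a broadcast request over UDP (User Datagram Protocol) asking the DHCP server on the local network for an IP address.
The DHCP server provides information:
The DHCP server receives the client's request and checks whether it comes from a legitimate PXE client. If the check passes, it sends the client an "offer" response, which contains the IP address assigned to the client, the location of the pxelinux boot program (on TFTP), and the location of the configuration file.
The PXE client requests the boot files:
After receiving the server's response, the client replies with a frame requesting transfer of the files needed for booting. These boot files include pxelinux.0, pxelinux.cfg/default, vmlinuz, initrd.img and others.
The boot server answers the client's request and transfers the files:
After the server receives the client's request, further messages are exchanged between client and server to determine the boot parameters. The BootROM uses TFTP to download from the boot server the files required to start the installer (pxelinux.0, pxelinux.cfg/default). Once the default file has been downloaded, the boot kernel of the Linux installer is started according to the boot order defined in that file.
The client requests the automatic answer file:
After the client has booted the Linux installation kernel through pxelinux.cfg/default, the installer must first determine which installation medium is used to install Linux. For a network installation (NFS, FTP, HTTP) it initializes the network at this point and locates the installation source. It then reads the location of the automatic answer file ks.cfg specified in the default file and requests that file from that location.
The client installs the operating system:
Once ks.cfg has been downloaded, the client uses it to find the OS server and requests the packages needed for installation according to the file's configuration. After the OS server and client have established a connection, package transfer begins and the client starts installing the operating system. When installation finishes, it prompts to reboot the computer.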
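The steps above hinge on pxelinux.cfg/default: it names the kernel, the initrd and the ks= answer-file URL the client fetches next, all without authentication. The script below is an added example, not part of the original walkthrough or of Cobbler; it lists that fetch plan per menu label so the exposed files can be reviewed. The function names and the sample menu (including its ks URL) are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: list what a PXE client fetches after pxelinux.0, per menu label.

# pxe_fetch_plan FILE: print "label|kernel|initrd|ks" for each LABEL block.
# A field is "-" when the block does not set it (for example a local-boot entry).
pxe_fetch_plan() {
    awk '
        function emit() { if (label != "") print label "|" kernel "|" initrd "|" ks }
        { key = tolower($1) }
        key == "label"  { emit(); label = $2; kernel = initrd = ks = "-" }
        key == "kernel" { kernel = $2 }
        key == "append" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^initrd=/) initrd = substr($i, 8)   # strip "initrd="
                if ($i ~ /^ks=/)     ks = substr($i, 4)       # strip "ks="
            }
        }
        END { emit() }
    ' "$1"
}

# Constructed sample of a pxelinux.cfg/default menu (not copied from a real host).
sample_pxe_default() {
    cat <<'EOF'
DEFAULT menu
PROMPT 0
TIMEOUT 200
LABEL local
        localboot -1
LABEL Centos_7.4-x86_64
        kernel /images/Centos_7.4-x86_64/vmlinuz
        append initrd=/images/Centos_7.4-x86_64/initrd.img ksdevice=bootif text net.ifnames=0 biosdevname=0 ks=http://192.168.168.93/cblr/svc/op/ks/profile/Centos_7.4-x86_64
EOF
}

tmp=$(mktemp) && sample_pxe_default > "$tmp"
pxe_fetch_plan "$tmp"
rm -f "$tmp"
```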
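3. Introduction to bulk installation software
Kickstart is an unattended installation method. It works by recording the parameters that would otherwise be entered by hand during installation and generating a file named ks.cfg. If the automatic installation reaches a point where a parameter is needed, the installer first looks in ks.cfg; if it finds a suitable value it uses it, and if not it pops up a dialog for the installer to fill in manually. So if ks.cfg covers every parameter needed during installation, the person installing only has to tell the installer where to download ks.cfg and can then get on with other work. When installation finishes, the installer reboots or shuts down the system according to the settings in ks.cfg and ends the installation.
Cobbler centralizes and simplifies the configuration of the DHCP, TFTP and DNS services needed to install operating systems over the network. Cobbler has not only a command-line interface but also a web interface, which greatly lowers the entry barrier for users. Cobbler has a lightweight configuration management system built in, and it also supports integration with other configuration management systems such as Puppet; SaltStack is not supported for now. Put simply, Cobbler is a wrapper around kickstart that simplifies the installation steps and workflow and lowers the barrier for users.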
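6.1.3 Case environment
1. Environment for this case
The environment for this case is shown in Table 6-1.
Table 6-1 Case environment
2. Case requirements
The requirements for this case are:
(1) Installation and deployment
(2) Build a Linux network installation environment with Cobbler
(3) Install the Linux operating system on servers remotely
6.2 Case implementation
6.2.1 Install and deploy Cobbler
1. Prepare the system environment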
[root@localhost ~]# hostnamectl set-hostname cobbler
[root@localhost ~]# bash
[root@cobbler ~]# systemctl stop firewalld
[root@cobbler ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@cobbler ~]# systemctl stop NetworkManager
[root@cobbler ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
[root@cobbler ~]# vi /etc/sysconfig/selinux
SELINUX=permissive
[root@cobbler ~]# reboot
2. Add the EPEL yum repository that installing Cobbler depends on
[root@cobbler ~]# curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 664 100 664 0 0 4481 0 --:--:-- --:--:-- --:--:-- 4486
3. Install Cobbler with yum
[root@cobbler ~]# yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd
4. Start httpd and Cobbler before running the Cobbler check
[root@cobbler ~]# systemctl start httpd.service
[root@cobbler ~]# systemctl enable httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@cobbler ~]# systemctl start cobblerd.service
[root@cobbler ~]# systemctl enable cobblerd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
5. Configure Cobbler and tftp
[root@cobbler ~]# sed -i 's/server: 127.0.0.1/server: 192.168.168.93/' /etc/cobbler/settings
[root@cobbler ~]# sed -i 's/next_server: 127.0.0.1/next_server: 192.168.168.93/' /etc/cobbler/settings
[root@cobbler ~]# sed 's#yes#no#g' /etc/xinetd.d/tftp -i
6. Download the required boot loader packages
[root@cobbler ~]# cobbler get-loaders
task started: 2018-10-15_171214_get_loaders
task started (id=Download Bootloader Content, time=Mon Oct 15 17:12:14 2018)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
6. Start the rsync service
[root@cobbler ~]# systemctl start rsyncd.service
[root@cobbler ~]# systemctl enable rsyncd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
7. The debian-related item needs no change
8. Change the root password set on newly installed machines
openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'
random-phrase-here: a random string
your-password-here: the password
Example:
[root@cobbler ~]# openssl passwd -1 -salt 'admin' '123456'
$1$admin$LClYcRe.ee8dQwgrFc5nz.
[root@cobbler ~]# vi /etc/cobbler/settings
default_password_crypted: "$1$admin$LClYcRe.ee8dQwgrFc5nz."
9. Let Cobbler manage DHCP, and prevent repeated reinstallation
[root@cobbler ~]# sed -i 's/manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings
[root@cobbler ~]# sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings
10. Modify the DHCP configuration file
[root@cobbler ~]# sed -i.ori 's#192.168.1#192.168.168#g;22d;23d' /etc/cobbler/dhcp.template
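11. Synchronize the modified configuration
After making changes, run the cobbler sync command to synchronize them; otherwise they do not take effect.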
[root@cobbler ~]# cobbler sync
task started: 2018-10-15_171654_sync
task started (id=Sync, time=Mon Oct 15 17:16:54 2018)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
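The second cobbler check run no longer lists the password or server items once the stock values are replaced, so it says nothing about the strength of what replaced them. The script below is an added example, not part of the original walkthrough or of Cobbler; it re-reads the settings keys edited in steps 5, 8 and 9 and flags values that still deserve review, such as the MD5-crypt hash produced by openssl passwd -1. The function names and the sample settings file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit the /etc/cobbler/settings keys edited in steps 5, 8 and 9.

# get_setting FILE KEY: print the value of a top-level "key: value" line,
# quotes stripped. The ^ anchor keeps "server" from matching "next_server".
get_setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'"
}

# audit_settings FILE: print one finding per line; return 1 on any FAIL/WARN.
audit_settings() {
    local f=$1 key val pw rc=0
    for key in server next_server; do
        val=$(get_setting "$f" "$key")
        case "$val" in
            ''|localhost|127.*) echo "FAIL $key='$val' is not reachable by PXE clients"; rc=1 ;;
        esac
    done
    pw=$(get_setting "$f" default_password_crypted)
    case "$pw" in
        '')     echo "FAIL default_password_crypted is empty"; rc=1 ;;
        '$1$'*) echo "WARN default_password_crypted is MD5-crypt (\$1\$), the format 'openssl passwd -1' emits"; rc=1 ;;
    esac
    if [ "$(get_setting "$f" pxe_just_once)" != 1 ]; then
        echo "WARN pxe_just_once is not 1: a host that PXE-boots again can be reinstalled"; rc=1
    fi
    if [ "$(get_setting "$f" manage_dhcp)" != 1 ]; then
        echo "INFO manage_dhcp is not 1: cobbler sync will not render dhcp.template"
    fi
    return $rc
}

# Constructed sample: the values this page ends up with, including its example hash.
sample_settings() {
    cat <<'EOF'
server: 192.168.168.93
next_server: 192.168.168.93
manage_dhcp: 1
pxe_just_once: 1
default_password_crypted: "$1$admin$LClYcRe.ee8dQwgrFc5nz."
EOF
}

tmp=$(mktemp) && sample_settings > "$tmp"
audit_settings "$tmp" || echo "settings need review"
rm -f "$tmp"
```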
11. Restart all services
[root@cobbler ~]# systemctl restart dhcpd.service
[root@cobbler ~]# systemctl restart httpd.service
[root@cobbler ~]# systemctl restart cobblerd.service
[root@cobbler ~]# systemctl restart rsyncd.service
[root@cobbler ~]# systemctl restart tftp.socket
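Cobbler is now installed. The web interface operations follow.
6.2.2 Cobbler web interface operations
1. Browse to https://192.168.168.93/cobbler_web
As shown in Figure 6.3. Note that on CentOS 7 Cobbler can only be accessed over HTTPS. The default username and password are both cobbler.
Figure 6.3
2. Operation notes: importing an image
Attach the image to the virtual machine, as shown in Figure 6.4:
Figure 6.4
Mount the image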
[root@cobbler ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 is write-protected, mounting read-only
[root@cobbler ~]# du -s -h /mnt
4.3G	/mnt
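Import the image, as shown in Figure 6.5:
Choose Import DVD and enter Prefix (file prefix), Arch (version), Breed (name) and Path (where to import from). Pay attention to the path when importing, to avoid a recursive import. Once the fields are filled in, click run to start the import.
Figure 6.5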
[root@cobbler ~]# ps -ef |grep rsync
root 2351 1 0 07:21 ? 00:00:00 /usr/bin/rsync --daemon --no-detach
root 12423 2328 27 07:42 ? 00:00:18 rsync -a /mnt/ /var/www/cobbler/ks_mirror/Centos_7.4-x86_64 --progress
root 12424 12423 0 07:42 ? 00:00:00 rsync -a /mnt/ /var/www/cobbler/ks_mirror/Centos_7.4-x86_64 --progress
root 12425 12424 11 07:42 ? 00:00:08 rsync -a /mnt/ /var/www/cobbler/ks_mirror/Centos_7.4-x86_64 --progress
root 12485 12451 0 07:44 pts/0 00:00:00 grep --color=auto rsync
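The import is performed with rsync; when the three rsync processes disappear, the import is finished. The log shows a running task, as in Figure 6.6:
Figure 6.6
Directory created once the import completes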
[root@cobbler ~]# cd /var/www/cobbler/ks_mirror
[root@cobbler ks_mirror]# ls
Centos_7.4-x86_64
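3. Create a virtual machine and test that network installation works
To test network installation, the virtual machine must have no less than 2G of memory, and its network adapter must be configured so that the networks can communicate. Start the virtual machine and the Cobbler selection menu appears, as shown in Figure 6.7:
Figure 6.7
Select CentOS7.4 to start the installation. The process is the same as installing from optical disc and is not repeated here.
6.2.3 Customized operating system installation
1. View the imported image and click edit.
Add kernel parameters, as shown in Figure 6.8:
Figure 6.8
2. Add net.ifnames=0 biosdevname=0 to the kernel parameters
This makes the network interface show up as eth0 instead of the ensXX-style names used in CentOS 7. Click save when done, as shown in Figure 6.9:
Figure 6.9
3. View the image properties
As shown in Figure 6.10:
Figure 6.10
4. Write the ks file, the answer file for host installation
Create a new ks file, as shown in Figure 6.11:
Figure 6.11
5. Add the ks file and set its file name
After creating it, click Save, as shown in Figure 6.12:
Figure 6.12
6. Customize the system installation
Select systems and create a new system, as shown in Figure 6.13:
Figure 6.13
Define the system information, as shown in Figure 6.14:
Figure 6.14
Configure the global network information: hostname, gateway and domain name, as shown in Figure 6.15:
Figure 6.15
Configure the network interfaces eth0 and eth1; note that static must be selected, as shown in Figure 6.16:
Figure 6.16-1
Figure 6.16-2
After all of the above is configured, click Save.
7. Start installing the virtual machine
The installation progress is displayed, as shown in Figure 6.17:
Figure 6.17
8. Check the result after installation
As shown in Figure 6.18, installation has finished and the hostname is exactly the one defined earlier.
Figure 6.18
As shown in Figure 6.19, log in with the system username and password; the custom IP and the software are all installed and configured correctly.
This completes automated operating system installation with Cobbler.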