Cobbler自动化批量安装Centos和ubuntu系统
Cobbler自动化安装系统
-
- 安装步骤
- 相关文件路径:
- 常用命令:
- 若要分离DHCP和Cobbler:
-
-
-
-
- 单独配置DHCP_server:vi /etc/dhcp/dhcpd.conf
- 若要交由Cobbler统一管理
-
-
-
- 搭建本地仓库
-
-
- rpm仓库
- deb仓库
- local,自建仓库
-
- IPMI配置IP和修改启动项
- kickstart配置文件
- deb seed文件
服务器IP:192.168.96.8(centos7)
注意事项:
1.如果虚拟机作为客户机内存需要至少2G
2.ubuntu必须使用server镜像才支持自动安装(本例使用ubuntu-18.04-x86_64-server)
3.如果选择DHCP和Cobbler分离架构,使用指定mac安装系统时,不仅要在cobbler配置,还需要在dhcp配置文件中的group中配置,IP-mac对应关系
安装步骤
wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
yum clean all
yum makecache
yum install cobbler dhcp syslinux rsync fence-agents pykickstart -y
systemctl start cobblerd.service httpd.service tftp.socket rsyncd
systemctl enable cobblerd.service httpd.service tftp.socket rsyncd
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
cobbler get-loaders
cobbler check
openssl passwd -1 -salt `openssl rand -hex 6`
生成新装机器的root密码,将结果添加到下面配置文件的“default_password_crypted”
vi /etc/cobbler/settings
修改以下参数对应的值(default,密码为rootroot)
server: 192.168.96.8
next_server: 192.168.96.8
default_password_crypted: "$1$f56e742f$3N.fj0ZlspO/U3dHfQmxc."
systemctl restart cobblerd.service
cobbler sync
cobbler check
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1: debmirror package is not installed, it will be required to manage debian deployments and repositories
##############以上问题可忽略也可运行(若要同步debian系mirror,必须安装):yum install debmirror -y
可选择安装cobbler-web
yum install cobbler-web -y
systemctl restart cobblerd.service httpd.service tftp.socket
相关文件路径:
/etc/cobbler/setting
/var/lib/cobbler/
/var/www/html/
/etc/cobbler/pxe/pxedefault.template
/var/lib/tftpboot
/etc/cobbler/pxe/
tailf /var/log/message 查看安装进度
系统自动应答文件路径:
centos:/root/anaconda-ks.cfg original-ks.cfg
deb:/var/log/installer/cdebconf/questions.dat
常用命令:
挂载镜像:
mount -o loop /root/ubuntu-18.04.5-server-amd64.iso /media/ubuntuiso
导入新distro
cobbler import --name=ubuntu-18.04 --path=/media/ubuntuiso
添加自定义profile:
cobbler profile add --name=centos-virtul \
--distro=centos-7-x86_64 \
--kopts='biosdevname=0 net.ifnames=0' \
--kickstart=/var/lib/cobbler/kickstarts/ks-virtul.cfg \
--name-servers=192.168.6.7
基于mac定制系统:
cobbler system add --name=linux-59 --mac=8C:EC:4B:41:FD:D7 \
--profile=centos-7-x86_64 \
--ip-address=192.168.88.59 --subnet=255.255.255.0 \
--gateway=192.168.88.1 --interface=eth0 \
--static=1 --hostname=server59 \
--name-servers="192.168.6.7" \
--kickstart=/var/lib/cobbler/kickstarts/ks-server-mac.cfg
repo管理:
cobbler repo add --name=centos --breed=yum --mirror=http://mirrors.aliyun.com/centos/7/os/x86_64/
若要分离DHCP和Cobbler:
单独配置DHCP_server:vi /etc/dhcp/dhcpd.conf
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 192.168.88.0 netmask 255.255.255.0 {
option routers 192.168.88.1;
option domain-name-servers 192.168.6.7;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.88.100 192.168.88.200;
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.96.8;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
group {
#host generic1 {
# hardware ethernet 00:0C:29:3D:1A:77;
# fixed-address 192.168.96.24;
# }
}
若要交由Cobbler统一管理
cobbler setting edit --name=manage_dhcp --value=1
# 修改cobbler的dhcp模块,不要直接修改dhcp本身的配置文件,因为cobbler会覆盖
# 只修改subnet部分内容
vi /etc/cobbler/dhcp.template
....
subnet 192.168.88.0 netmask 255.255.255.0 {
option routers 192.168.88.1;
option domain-name-servers 192.168.6.7;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.88.100 192.168.88.200;
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.96.8;
....
cobbler sync
导入镜像:
mount /dev/cdrom /media/cdrom
cobbler import --name=centos-7-x86_64 --path=/media/cdrom --arch=x86_64
cobbler sync
cobbler list
cobbler profile report
cobbler profile edit --name centos-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
#上传文末的kickstart文件:ks.cfg,修改profile的kickstart文件修改为上传文件
cobbler profile edit --name centos-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks.cfg
cobbler sync
cobbler profile report
systemctl restart cobblerd.service httpd.service tftp.socket rsync
搭建本地仓库
rpm仓库
cobbler repo add --name=centos7 --breed=yum \
--mirror=http://mirrors.aliyun.com/centos/7/os/x86_64/
deb仓库
cobbler repo add --name=ubuntu --arch=x86_64 --breed=apt \
--mirror=https://mirrors.aliyun.com/ubuntu/ \
--apt-dists=bionic --apt-components=main,restricted,universe,multiverse \
--yumopts='--verbose --ignore-release-gpg'
local,自建仓库
rpm:
yum install createrepo -y
mkdir /var/www/html/local_repo
将rpm包copy到目录内
createrepo /var/www/html/local_repo
cobbler repo add --name=local --breed=yum --mirror=http://192.168.96.8/local_repo/
deb:
yum install dpkg-dev -y
mkdir /var/www/cobbler/pub/local_deb
将deb包放到local_deb目录内
cd /var/www/cobbler/pub/
dpkg-scanpackages local_deb /dev/null |gzip > local_deb/Packages.gz
配置/etc/apt/source.list
http://192.168.96.8/cobbler/pub local_deb/
apt-get update --allow-insecure-repositories
IPMI配置IP和修改启动项
ipmitool lan set 1 ipsrc static
ipmitool lan set 1 ipaddr 192.168.88.56
ipmitool lan set 1 netmask 255.255.255.0
ipmitool lan set 1 defgw ipaddr 192.168.88.1
ipmitool lan set 1 chassis bootdev disk options=persistent
ipmitool mc reset
kickstart配置文件
可根据需要适当调整
###kickstart文件:ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $default_password_crypted
# System language
lang en_US
# System authorization information
auth --useshadow --passalgo=sha512
# Use text mode install
text
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# Firewall configuration
firewall --disabled
# Network information
network --bootproto=dhcp --onboot=yes --ipv6=auto
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Use network installation
#url --url="ftp://192.168.96.7/pub"
url --url=$tree
# System bootloader configuration
#bootloader --append="net.ifnames=exx1" --location=mbr
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot/efi --fstype=efi --ondisk=sda --size=200
part /boot --fstype="xfs" --ondisk=sda --size=500
part swap --fstype="swap" --ondisk=sda --size=8192
#part / --fstype="xfs" --ondisk=sda --grow --size=1
#part pv.00 --size=1 --grow
part pv.01 --size=1 --ondisk=sda --grow --size=1
volgroup centos pv.01
logvol / --vgname=centos --size=202800 --name=root
logvol /home --vgname=centos --size=1 --grow --name=home
%packages
@^minimal
@core
%end
#%post
#%end
deb seed文件
#language&keyboard
d-i debian-installer/locale string en_US
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
#network
#d-i interface=eth0
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string $myhostname
#time
d-i time/zone string Asia/Shanghai
d-i clock-setup/ntp boolean false
d-i clock-setup/utc boolean true
d-i clock-setup/ntp-server string cn.pool.ntp.org
#mirror
d-i mirror/country string manual
d-i mirror/http/hostname string $http_server
d-i mirror/http/directory string $install_source_directory
d-i mirror/http/proxy string
d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
#diskpart
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman-auto/disk string /dev/sda
d-i partman-auto/method string lvm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-md/device_remove_md boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select home
# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
# d-i partman/default_filesystem string ext4
#user creat
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password $default_password_crypted
d-i passwd/make-user boolean true
d-i passwd/user-fullname string datauser
d-i passwd/username string datauser
d-i passwd/user-password-crypted password $default_password_crypted
d-i passwd/user-uid string
d-i user-setup/allow-password-weak boolean true
#preinstall
# Default for minimal
tasksel tasksel/first multiselect standard, desktop
d-i pkgsel/include string openssh-server build-essential libnss-ldapd libpam-ldapd ldap-utils ldap-auth-client nscd wget ssh ntp
d-i pkgsel/include string ssh wget vim
#d-i pkgsel/upgrade select none safe-upgrade full-upgrade
d-i pkgsel/upgrade select none
#bootloader
d-i grub-installer/grub2_instead_of_grub_legacy boolean true
d-i grub-installer/bootdev string default
d-i debian-installer/add-kernel-opts string $kernel_options_post
d-i finish-install/reboot_in_progress note
### LDAP
ldap-auth-config ldap-auth-config/dbrootlogin boolean false
ldap-auth-config ldap-auth-config/pam_password select crypt
ldap-auth-config ldap-auth-config/move-to-debconf boolean false
ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap
ldap-auth-config ldap-auth-config/ldapns/base-dn string ou=Account,dc=openldap,dc=wq
ldap-auth-config ldap-auth-config/ldapns/ldap-server string ldap://openldap.wq
ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3
ldap-auth-config ldap-auth-config/dblogin boolean false
ldap-auth-config ldap-auth-config/override boolean true
libpam-runtime libpam-runtime/profiles multiselect unix, ldap
d-i preseed/late_command string wget -O- \
http://$http_server/cblr/svc/op/script/profile/$name/?script=preseed_late_default | \
chroot /target /bin/sh -s