Pxe +ks+ cobbler+ cobbler-web 实现centos6.7,centos7.2无人值守全自动...

432qw

    Pxe +ks+ cobbler+ cobbler-web 实现centos6.7,centos7.2无人值守全自动化网络安装系统。
实验环境：一台centos7.2 主机 一块网卡 vnet1 10.0.0.10/8 静态ip地址。两台测试安装centos6.7及centos7.2的虚拟机，网卡各1块，都是vnet1，网卡启动（bios里调）
由于cobbler软件包，是epel源的，所以安装epel源。

Wget http://mirrors.sohu.com/fedora-e ... latest-7.noarch.rpm（centos7与centos6的epel源不同）
Rpm -ivh epel-lease-latest.noarch
安装的结果：加了一个yum创库配置文件及配置和此创库软件包校验签名的公钥文件/etc/pki/rpm-gpg/RPM_GPG_KEY_EPEL-7
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

安装相关软件：
Yum  -y  install cobbler cobbler-web bind dhcp syslinux (httpd,tftp-server........会关联安装上）
Systemctl stop firewalld   setenforce 0
[iyunv@localhost Desktop]# nmcli connection modify eno16777728 ipv4.method manual ipv4.addresses 10.0.0.10/8
[iyunv@localhost Desktop]# systemctl restart network
配置cobbler  其主配置文件/etc/cobbler/setting

server:10.0.0.10
next_server:10.0.0.10----------是dhcp里配置next-server的地址即为tftp-server地址
default_password_crypted:"$1$love$sMbBwgqmuHcawBZ7sh04c0"
[iyunv@localhost Desktop]# openssl passwd -1 -salt 'love' '11qq```'
$1$love$sMbBwgqmuHcawBZ7sh04c0
Manage_dhcp:1
Manage_dns:1
Manage_tftpd:1
Bind_master:10.0.0.10
配置cobbler管理的服务的配置模板文件：
Vim /etc/cobbler/dhcp-template------------dhcp模板文件
subnet 10.0.0.0 netmask 255.0.0.0 {
#     option routers             192.168.1.5;
     option domain-name-servers 10.0.0.10;
     option subnet-mask         255.0.0.0;
     range dynamic-bootp       10.0.0.100 10.0.0.200;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     filename  "pxelinux.0";
}
[iyunv@localhost Desktop]# cat /etc/cobbler/zone.template---------------dns模板文件
$TTL 1D
@         IN      SOA    ns1.wudang.com. admin.wudang.com. (
                        2016081401   ; Serial
                        600         ; Refresh
                       1800         ; Retry
                      604800       ; Expire
                       300   )       ; TTL

                        IN      NS     ns1
ns1                            IN      A      10.0.0.10
www                             IN      A       10.0.0.10
Systemctl start httpd
Systemctl start cobbler
如果能上互联网：cobbler get-loaders (去cobbler的自己专门的网站下载loaders文件到自己本地的数据目录/var/lib/cobbler/loaders)
如果不能上互联网：可以cp syslinux提供的文件
Cp /usr/share/syslinux/pxelinux.0   /var/lib/cobbler/loaders
Cp /usr/share/syslinux/menu.c32   /var/lib/cobbler/loaders
Cp /usr/share/syslinux/memdisk   /var/lib/cobbler/loaders
安装cobbler
在tftp-server的根目录下安装了几个空目录：[iyunv@localhost Desktop]# ls /var/lib/tftpboot/*
/var/lib/tftpboot/boot:

/var/lib/tftpboot/etc:

/var/lib/tftpboot/grub:

/var/lib/tftpboot/images:

/var/lib/tftpboot/images2:

/var/lib/tftpboot/ppc:

/var/lib/tftpboot/pxelinux.cfg:

/var/lib/tftpboot/s390x:
在httpd 的/var/www/cobbler下安装了几个目录，有些目录下还有几个文件：

[iyunv@localhost Desktop]# ls /var/www/cobbler/*（站点的cobbler静态数据）
/var/www/cobbler/aux:
anamon  anamon.init

/var/www/cobbler/images:

/var/www/cobbler/ks_mirror:
config

/var/www/cobbler/links:

/var/www/cobbler/localmirror:

/var/www/cobbler/pub:

/var/www/cobbler/rendered:

/var/www/cobbler/repo_mirror:

/var/www/cobbler/svc:
services.py  services.pyc  services.pyo
自己的数据目录：
[iyunv@localhost Desktop]# ls /var/lib/cobbler/*
/var/lib/cobbler/distro_signatures.json

/var/lib/cobbler/config:
distros.d  files.d  images.d  mgmtclasses.d  packages.d  profiles.d  repos.d  systems.d

/var/lib/cobbler/kickstarts:
default.ks    install_profiles  sample_autoyast.xml  sample_esxi4.ks  sample_old.seed
esxi4-ks.cfg  legacy.ks         sample_end.ks        sample_esxi5.ks  sample.seed
esxi5-ks.cfg  pxerescue.ks      sample_esx4.ks       sample.ks

/var/lib/cobbler/loaders:
memdisk  menu.c32  pxelinux.0

/var/lib/cobbler/scripts:
preseed_early_default  preseed_late_default

/var/lib/cobbler/snippets:
cobbler_register           kickstart_done         networking.xml                   pre_partition_select
download_config_files      kickstart_start        partition_select                 preseed_apt_repo_config
download_config_files_deb  koan_environment       post_anamon                      proxy.xml
func_install_if_enabled    late_apt_repo_config   post_install_kernel_options      puppet_install_if_enabled
func_register_if_enabled   log_ks_post            post_install_network_config      puppet_register_if_enabled
hosts.xml                  log_ks_post_nochroot   post_install_network_config_deb  redhat_register
kdump.xml                  log_ks_pre             post_koan_add_reinstall_entry    restore_boot_device
keep_cfengine_keys         main_partition_select  post_run_deb                     rhn_certificate_based_register
keep_files                 network_config         post_s390_reboot                 save_boot_device
keep_rhn_keys              network_config_esx     pre_anamon                       suse_scriptwrapper.xml
keep_ssh_host_keys         network_config_esxi    pre_install_network_config

/var/lib/cobbler/triggers:
add  change  delete  install  sync

/var/lib/cobbler/webui_sessions:
Vim /etc/xinetd/tftp   disable  = no
[iyunv@localhost Desktop]# systemctl start tftp.socket
[iyunv@localhost Desktop]#
[iyunv@localhost Desktop]# systemctl start rsyncd.socket
注意：所有的服务的ip地址要相同。
Cobbler check 检查cobbler 工作环境是否满足条件。不满足，按照提示配置使其满足条件即可。
[iyunv@localhost Desktop]# cobbler sync
task started: 2016-08-14_154703_sync
task started (id=Sync, time=Sun Aug 14 15:47:03 2016)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart  dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

Systemctl start dhcpd  systemctl start tftp.service

[iyunv@localhost Desktop]# cp /etc/cobbler/zone.template /var/named/wudang
[iyunv@localhost Desktop]# named-checkzone "wudang.com"  /var/named/wudang
zone wudang.com/IN: loaded serial 2016081401
OK
[iyunv@localhost Desktop]# named-checkconf /etc/named.conf
Systemclt start named

所有服务一切正常工作，万事俱备，只欠东风，只差distro和ks文件，先用cobbler-web 来管理。(python写的动态网站程序）
Vim /etc/httpd/conf.d/cobbler_web.conf
#            SSLRequireSSL
#            NSSRequireSSL
#            SSLRequireSSL
#            NSSRequireSSL
注释掉上述四行，不能提示没有权限。（Centos6.7，不用注释）
Cobbler-web的管理账号：
[iyunv@localhost Desktop]# htdigest -c /etc/cobbler/users.digest Cobbler lili
Adding password for lili in realm Cobbler.
New password:
Re-type new password:
Systemctl restart httpd
http://10.0.0.10/cobbler_web (脚本路径别名）


Yum -y install system-config-kickstart
Systemctl-config-kickstarts（在gui下运行），生成kickstart文件
生成Centos6.7的ks文件：/var/lib/cobbler/kickstarts/centos6ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="http://www.wudang.com/cobbler/links/centos6.7-x86_64"
# Root password
rootpw --iscrypted $1$xVtPuisx$X3B4rqKlzJKYLO7JiceSG1
# System authorization information
auth  --useshadow  --passalgo=sha512
# Use graphical install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
Reboot# System timezone
timezone  Africa/Abidjan
# System bootloader configuration
bootloader --location=mbr --md5pass="$1$ipBQVdC5$.8/AhDSGAzf10urvR6rcm."
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="ext4" --size=10240
part swap --fstype="swap" --ondisk=sda --size=1024

%post
useradd tom
echo '11qq```' | passwd --stdin tom
%end

%packages
@base
@basic-desktop
@x11



                                                                                                1,1           Top
生成centos7.2的ks文件：/var/lib/cobbler/kickstarts/centos7ks.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted $1$LYe2x3i4$n/fkJEqo//QaFYUQAYvmk/
# System timezone
timezone Africa/Abidjan
# Use network installation
url --url="http://www.wudang.com/cobbler/links/centos7.2-x86_64"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth  --useshadow  --passalgo=sha512
# Use graphical install
#graphical
text
firstboot --disable
# SELinux configuration
           selinux --disabled

# Reboot after installation
reboot
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
autopart --type=lvm

%packages
@^graphical-server-environment
@base
@core
@desktop-debugging
@dial-up
@fonts@guest-desktop-agents
@input-methods
@internet-browser
@multimedia
@print-client
@x11
kexec-tools
%end

%post
useradd jack
echo '11qq```' | passwd --stdin jack
%end

@gnome-desktop
@guest-agents
                                                   1,1           Top
Cobbler导入distro
Mount /dev/sr0 /mnt  挂载centos7.2安装光盘
Cobble import --name=centos7.2  --path=/mnt
删除默认的profile
[iyunv@localhost Desktop]# cobbler profile remove --name=centos7.2-x86_64
添加一个profile   /var/lib/cobbler/kickstarts/centos7ks.cfg

[iyunv@localhost Desktop]# cobbler profile add --name=7.2 --distro=centos7.2-x86_64 kickstart=/var/lib/cobbler/kickstarts/centos7ks.cfg
同理：
Umount  /dev/sr0
Mount /dev/sr0 /mnt 挂载centos6.7的光盘
Cobbler import --name=centos6.7 --path=/mnt

删除默认的profile
[iyunv@localhost Desktop]# cobbler profile remove --name=centos6.7-x86_64
添加一个profile   /var/lib/cobbler/kickstarts/centos7ks.cfg

[iyunv@localhost Desktop]# cobbler profile add --name=6.7 --distro=centos6.7-x86_64 kickstart=/var/lib/cobbler/kickstarts/centos6ks.cfg
测试dns
dig www.wudang.com @10.0.0.10
[iyunv@localhost Desktop]# dig www.wudang.com @10.0.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> www.wudang.com @10.0.0.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48102
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.wudang.com.INA

;; ANSWER SECTION:
www.wudang.com.86400INA10.0.0.10

;; AUTHORITY SECTION:
wudang.com.86400INNSns1.wudang.com.

;; ADDITIONAL SECTION:
ns1.wudang.com.86400INA10.0.0.10

;; Query time: 0 msec
;; SERVER: 10.0.0.10#53(10.0.0.10)
;; WHEN: Sun Aug 14 16:55:48 CST 2016
;; MSG SIZE  rcvd: 93
Dns工作正常。
安装测试：centos6.7虚拟机：
网卡启动:


Centos7.2虚拟机安装：
网卡启动:


总结：一个distro 可以结合多个不同的ks文件，生成这个发行版的多个不同的profile文件，满足多个不同的安装需要。
Cobbler 可以让配置更加简单，/var/lib/tftpboot/pxelinux.cfg/default自动生成，profile自动生成。