当前位置 : 主页 > 网络安全 > 测试自动化 >

自动化运维(一):Cobbler批量部署操作系统

来源:互联网 收集:自由互联 发布时间:2021-06-19
作者: 独笔孤行@TaoCloud 前言 Cobbler是自动化运维的必备工具,可通过网络启动(PXE)方式实现操作系统快速批量安装。Cobbler快速安装操作系统基于kickstart实现,但Cobbler功能更完善,管理
作者: 独笔孤行@TaoCloud

前言

Cobbler是自动化运维的必备工具,可通过网络启动(PXE)方式实现操作系统快速批量安装。Cobbler快速安装操作系统基于kickstart实现,但Cobbler功能更完善,管理更加简便、高效。Cobbler通过将安装系统所涉及的服务(tftp、dhcp、kickstart)集中管理,提供全自动化批量快速安装系统的网络环境,以实现大规模机房设备的统一管理。

一、简介

Cobbler支持CLI与WEB两种管理方式。要求所有被安装系统的服务器与Cobbler服务器在同一局域网内,且该网络环境中有且只有Cobbler服务器中具有DHCP服务,以防止多个DHCP服务冲突。

本次实验环境将Cobbler部署在虚拟机中,需要关闭虚拟化自带的DHCP功能。
VMware Workstation关闭方法:编辑—虚拟网络编辑器—更改设置—使用本地DHCP服务将IP地址分配给虚拟机,去掉选中的对勾后应用保存即可。其他虚拟化环境请自行寻找关闭办法。

二、环境准备

操作系统:CentOS 7.6.1810
网络IP:10.10.10.70
主机名:cobbler

1.关闭selinux及防火墙

systemctl stop firewalld
systemctl disable firewalld
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

2.配置epel源

yum install epel-release -y
reboot

配完后重启服务器以使配置生效。

三、安装Cobbler

1.安装cobbler及相关软件包

yum -y install cobbler cobbler-web dhcp tftp-server xinetd pykickstart httpd

2.配置cobbler,用openssl生成新密码

[[email protected] ~]# openssl passwd -1
Password: 
Verifying - Password: 
$1$7Rx88tdC$j5r4XFSO8D9YgMCU1zEwU1

本次设置密码为:111111. 记录输出结果:$1$7Rx88tdC$j5r4XFSO8D9YgMCU1zEwU1

修改/etc/cobbler/settings配置文件,找到default_password_crypted参数,用上面输出的结果替换原有密码,替换后内容如下:

#约101行
default_password_crypted: "$1$7Rx88tdC$j5r4XFSO8D9YgMCU1zEwU1"

修改server ip为本地ip地址:

sed -i ‘s/server: 127.0.0.1/server: 10.10.10.70/g‘ /etc/cobbler/settings
sed -i ‘s/next_server: 127.0.0.1/next_server: 10.10.10.70/g‘ /etc/cobbler/settings

3.配置使用dhcp服务。将manage_dhcp参数值0改为1。

sed -i ‘s/manage_dhcp: 0/manage_dhcp: 1/g‘ /etc/cobbler/settings

根据网络实际配置修改/etc/cobbler/dhcp.template文件内容,一般情况只需要修改以下内容:

subnet 10.10.10.0 netmask 255.255.255.0 {
     option routers             10.10.10.254;
     option domain-name-servers 10.10.10.254;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        10.10.10.100 10.10.10.200;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;

相关参数说明:

subnet :动态分配ip网段,一般与Cobbler服务器IP同一网段
netmask:子网掩码
option routers : 路由,一般为网关地址
option domain-name-servers : DNS服务器
option subnet-mask : 子网掩码
range dynamic-bootp : 动态IP地址分配范围

其余参数为默认即可。

4.启动dhcp、cobbler、http等服务并设置开机自启动

systemctl enable dhcpd.service

systemctl enable cobblerd.service
systemctl start cobblerd.service
systemctl status cobblerd.service

systemctl start httpd
systemctl enable httpd

systemctl start xinetd
systemctl enable xinetd

5.检查缺失文件

[[email protected] ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : change ‘disable‘ to ‘no‘ in /etc/xinetd.d/tftp
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run ‘cobbler get-loaders‘ to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The ‘cobbler get-loaders‘ command is the easiest way to resolve these requirements.
3 : enable and start rsyncd.service with systemctl
4 : debmirror package is not installed, it will be required to manage debian deployments and repositories
5 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run ‘cobbler sync‘ to apply changes.

6.根据如上提示进行相关修改
(1)修改/etc/xinetd.d/tftp文件,设置disable参数值为no

sed -i ‘/disable/s/yes/no/g‘ /etc/xinetd.d/tftp

(2)下载缺失文件,运行命令:

cobbler get-loaders

(3)启动rsyncd并设置开机自启动

systemctl enable rsyncd.service && systemctl start rsyncd.service

(4)安装debmirror软件包和fence-agents工具

yum install debmirror fence-agents -y

(5)注释掉dists和arches以支持debian系统

sed -i "s/@dists/#@dists/g" /etc/debmirror.conf
sed -i "s/@arches/#@arches/g" /etc/debmirror.conf

(6)重启cobblerd服务,并重新同步配置

systemctl restart cobblerd.service
cobbler sync

没有报错才能进行下一步,返回如下内容:

[[email protected] ~]# cobbler sync
task started: 2019-08-11_113013_sync
task started (id=Sync, time=Sun Aug 11 11:30:13 2019)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout: 
received on stderr: 
running: service dhcpd restart
received on stdout: 
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

7.处理完成后,再次运行命令检查缺失文件,出现以下内容说明检测通过。

# cobbler check
No configuration problems found.  All systems go.

四、CLI管理

1.下载镜像
将镜像文件上传至服务器并挂载到/mnt目录下

mount -t iso9660 -o loop,ro /root/CentOS-7-x86_64-Minimal-1511.iso /mnt/

2.导入镜像

cobbler import --name=centos7.2 --arch=x86_64 --path=/mnt

/var/www/cobbler/ks_mirror 目录用于存放系统数据文件,一般需要至少预留5-10GB空间用于导入系统数据
3.查看对象及相关详细信息

cobbler distro list
cobbler profile list
cobbler distro report --name=centos7.2-x86_64

4.创建系统

cobbler system add --name=test --profile=centos7.2-x86_64

cobbler system edit --name=test --interface=eth0 --mac=00:11:22:AA:BB:CC --ip-address=10.10.10.100 --netmask=255.255.255.0 --static=1 --dns-name=test.mydomain.com

由于默认网关不是设置所有网口,所以单独添加

cobbler system edit --name=test --gateway=10.10.10.254 --hostname=test.mydomain.com

5.查看相关配置信息

cobbler system report --name=test

6.新建测试虚拟机,可以看到开启虚拟机后,自动进入操作系统安装。

五、WEB管理

1.配置web访问
配置访问用户cobbler密码:111111

# htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Changing password for user cobbler in realm Cobbler
New password: 
Re-type new password:

2.同步信息

cobbler sync

3.重启服务

systemctl restart httpd
systemctl restart cobblerd

4.在chrome或Firefox浏览器中,输入:https://10.10.10.70/cobbler_web 进行访问,用户名:cobbler ,密码:111111. 如果不能正常访问,请查看后边“错误处理”章节内容。

六、错误处理

打开WEB链接:https://10.10.10.70/cobbler_web ,WEB报错信息:

查看/var/log/httpd/ssl_error_log日志报错信息

[Mon Aug 12 22:10:03.269242 2019] [:error] [pid 9707] [remote 10.10.10.1:0] mod_wsgi (pid=9707): Exception occurred processing WSGI script ‘/usr/share/cobbler/web/cobbler.wsgi‘.
[Mon Aug 12 22:10:03.269317 2019] [:error] [pid 9707] [remote 10.10.10.1:0] Traceback (most recent call last):
[Mon Aug 12 22:10:03.269342 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/share/cobbler/web/cobbler.wsgi", line 26, in application
[Mon Aug 12 22:10:03.269417 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     _application = get_wsgi_application()
[Mon Aug 12 22:10:03.269431 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/lib/python2.7/site-packages/django/core/wsgi.py", line 13, in get_wsgi_application
[Mon Aug 12 22:10:03.270122 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     django.setup(set_prefix=False)
[Mon Aug 12 22:10:03.270146 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/lib/python2.7/site-packages/django/__init__.py", line 22, in setup
[Mon Aug 12 22:10:03.270893 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     configure_logging(settings.LOGGING_CONFIG, settings.LOGGING)
[Mon Aug 12 22:10:03.270923 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/lib/python2.7/site-packages/django/conf/__init__.py", line 56, in __getattr__
[Mon Aug 12 22:10:03.271868 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     self._setup(name)
[Mon Aug 12 22:10:03.271902 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/lib/python2.7/site-packages/django/conf/__init__.py", line 41, in _setup
[Mon Aug 12 22:10:03.271929 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     self._wrapped = Settings(settings_module)
[Mon Aug 12 22:10:03.271939 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/lib/python2.7/site-packages/django/conf/__init__.py", line 110, in __init__
[Mon Aug 12 22:10:03.271951 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     mod = importlib.import_module(self.SETTINGS_MODULE)
[Mon Aug 12 22:10:03.271963 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/lib64/python2.7/importlib/__init__.py", line 37, in import_module
[Mon Aug 12 22:10:03.272747 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     __import__(name)
[Mon Aug 12 22:10:03.272767 2019] [:error] [pid 9707] [remote 10.10.10.1:0]   File "/usr/share/cobbler/web/settings.py", line 89, in <module>
[Mon Aug 12 22:10:03.273494 2019] [:error] [pid 9707] [remote 10.10.10.1:0]     from django.conf.global_settings import TEMPLATE_CONTEXT_PROCESSORS
[Mon Aug 12 22:10:03.273523 2019] [:error] [pid 9707] [remote 10.10.10.1:0] ImportError: cannot import name TEMPLATE_CONTEXT_PROCESSORS

判断为Django版本问题,需要安装指定Django版本进行处理

yum install python-pip -y
pip install Django==1.8.9
systemctl restart cobblerd
systemctl restart httpd

刷新浏览器,重新访问。

输入用户名:cobbler 密码:111111 ,通过认证后打开cobbler web管理页面进行操作。

欢迎扫码提问,可在线解答。会定期分享虚拟化、容器、DevOps等相关内容

网友评论