第一節(jié)：背景介紹

作為運(yùn)維，在公司經(jīng)常遇到一些機(jī)械性重復(fù)工作要做，例如：為新機(jī)器裝系統(tǒng)，一臺(tái)兩臺(tái)機(jī)器裝系統(tǒng)，可以用光盤、U 盤等介質(zhì)安裝，1小時(shí)也完成了，但是如果有成百臺(tái)的服務(wù)器還要用光盤、U盤去安裝，就顯得有些力不從心了。PXE技術(shù)就 能很好的解決這個(gè)問(wèn)題，本文將會(huì)對(duì)PXE的工作原理有所介紹，而cobbler則是基于PXE技術(shù)的工作原理的二次封裝，通過(guò)命 令的方式簡(jiǎn)化了PXE配置過(guò)程。

第二節(jié)：安裝系統(tǒng)的方法

光盤（ISO文件，光盤的鏡像文件）===>>每一臺(tái)物理機(jī)都得給一個(gè)光驅(qū)，如果用外置光驅(qū)的話，是不是每臺(tái)機(jī)器都 需要插一下
U盤：ISO鏡像刻錄到U盤==>>需要每臺(tái)機(jī)器都需要插一下
并行安裝==>>網(wǎng)絡(luò)安裝
自動(dòng)化安裝

第三節(jié)：PXE說(shuō)明

PXE：全名Pre-boot Execution Environment，預(yù)啟動(dòng)執(zhí)行環(huán)境；
通過(guò)網(wǎng)絡(luò)接口啟動(dòng)計(jì)算機(jī)，不依賴本地存儲(chǔ)設(shè)備（如硬盤）或本地已安裝的操作系統(tǒng)；
由Intel和Systemsoft公司于1999年9月20日公布的技術(shù)；
客戶端/Server的工作模式；
PXE客戶端會(huì)調(diào)用網(wǎng)際協(xié)議(IP)、用戶數(shù)據(jù)報(bào)協(xié)議(UDP)、動(dòng)態(tài)主機(jī)設(shè)定協(xié)議(DHCP)、小型文件傳輸協(xié)議(TFTP)等網(wǎng) 絡(luò)協(xié)議；
PXE客戶端(客戶端)這個(gè)術(shù)語(yǔ)是指機(jī)器在PXE啟動(dòng)過(guò)程中的角色。一個(gè)PXE客戶端可以是一臺(tái)服務(wù)器、筆記本電腦或者其 他裝有PXE啟動(dòng)代碼的機(jī)器（我們電腦的網(wǎng)卡）

PXE+cobbler工作步驟圖

img

第四節(jié)：cobbler安裝系統(tǒng)實(shí)踐

1.環(huán)境準(zhǔn)備

[root@cobbler ~]# cat /etc/redhat-release 
CentOS Linux release 7.5.1804 (Core) [root@cobbler ~]# uname -r 
3.10.0-862.el7.x86_64 
[root@cobbler ~]# hostname
 cobbler 
[root@cobbler ~]# systemctl status firewalld.service 
● firewalld.service - firewalld - dynamic firewall daemon
 Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) 
Docs: man:firewalld(1) 
[root@cobbler ~]# getenforce 
Disabled 
[root@cobbler ~]# hostname -I 10.0.0.202 172.16.1.202

2.安裝cobbler

[root@cobbler ~]# yum install -y cobbler cobbler-web dhcp tftp-server pykickstart httpd python-django

3.啟動(dòng)服務(wù)

[root@cobbler ~]# systemctl start httpd.service cobblerd.service

4.檢測(cè)cobbler

[root@cobbler ~]# cobbler check

img

第五節(jié)：檢查出8個(gè)問(wèn)題，需要修改

1.cobbler配置文件中server參數(shù)信息要改為相應(yīng)的指定信息,不能使用默認(rèn)localhosts

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.
This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

2.cobbler配置文件中next_server參數(shù)信息要改為相應(yīng)指定的tftp服務(wù)器地址信息,不能使用默認(rèn)的127.0.0.1

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1,
and should match the IP of the boot server on the PXE network.

3.讓tftp服務(wù)可以被xinetd服務(wù)管理

3 : change 'disable' to 'no' in /etc/xinetd.d/tftp

4.需要進(jìn)行下載系統(tǒng)啟動(dòng)時(shí)所需使用的啟動(dòng)引導(dǎo)文件信息,使用'cobbler get-loaders'命令

4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

5.需要啟動(dòng)rsync服務(wù),并且設(shè)置開機(jī)自啟動(dòng)

5 : enable and start rsyncd.service with systemctl

6.debian系統(tǒng)的一個(gè)管理軟件包需要安裝 debmirror

6 : debmirror package is not installed, it will be required to manage debian deployments and repositories

7.cobbler配置文件中default_password_crypted參數(shù)信息要改為相應(yīng)指定的密碼信息,不能使用默認(rèn)

7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

8.智能電源管理工具沒有找到

8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

第六節(jié)：解決相關(guān)檢查問(wèn)題

01. 解決問(wèn)題一 
[root@cobbler ~]# cp /etc/cobbler/settings{,.ori} #備份配置文件 [root@cobbler ~]# vim +384 /etc/cobbler/settings 
[root@cobbler ~]# sed -i 's/server: 127.0.0.1/server: 172.16.1.202/' /etc/cobbler/settings 
02. 解決問(wèn)題二 
[root@cobbler ~]# sed -i 's/next_server: 127.0.0.1/next_server: 172.16.1.202/' /etc/cobbler/settings 
03. 解決問(wèn)題三 
[root@cobbler ~]# sed -i '/disabled/s#yes#no#' /etc/xinetd.d/tftp 
04. 解決問(wèn)題四 
[root@cobbler ~]# cobbler get-loaders 
[root@cobbler ~]# tree /var/lib/cobbler/loaders/ 
05. 解決問(wèn)題五 
[root@cobbler ~]# systemctl start rsyncd 
[root@cobbler ~]# systemctl enable rsyncd 
[root@cobbler ~]# systemctl status rsyncd 
06. 解決問(wèn)題六 
debian系統(tǒng)才需要安裝相應(yīng)軟件包, 課程使用centos系統(tǒng)無(wú)需安裝 
07. 解決問(wèn)題七 
[root@cobbler ~]# sed -ri "/default_password_crypted/s#(.*: ).*#\1\"`openssl passwd -1 -salt 'oldboy' '123456'`\"#" /etc/cobbler/settings 
[root@cobbler ~]# openssl passwd -1 -salt 'oldboy' '123456' 
08. 解決問(wèn)題八 需要解決一些腦裂問(wèn)題,需要安裝智能電源軟件(暫時(shí)無(wú)需處理)

重啟服務(wù)?。?！

解決完成后，再次的進(jìn)行配置檢查 
[root@cobbler ~]# cobbler check 
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories 
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes.

修改dhcp服務(wù)配置文件

01. 修改配置文件信息 
[root@cobbler ~]# vim /etc/cobbler/dhcp.template 
22 # option routers 172.16.1.5; 
23 # option domain-name-servers 172.16.1.1; 
:%s#192.168.1#172.16.1#g 
#說(shuō)明: 修改模板配置文件的時(shí)候,即可把/etc/dhcp/dhcpd.conf文件進(jìn)行修改 [root@cobbler ~]#grep 172.16.1 /etc/cobbler/dhcp.template 
subnet 172.16.1.0 netmask 255.255.255.0 { 
# option routers 172.16.1.5; 
# option domain-name-servers 172.16.1.1;
   range dynamic-bootp 172.16.1.100 172.16.1.254; 
02. 使用cobbler服務(wù)管理dhcp服務(wù) 
[root@cobbler ~]# sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings [root@cobbler ~]# vim /etc/cobbler/settings 
242 manage_dhcp: 1 #將默認(rèn)數(shù)值0改為1,即表示使用cobbler服務(wù)管理dhcp服務(wù)

啟動(dòng)應(yīng)有cbbler服務(wù)

[root@cobbler ~]# systemctl restart httpd.service rsyncd.service tftp.socket cobblerd.service dhcpd
[root@cobbler ~]# cobbler sync

第七節(jié)：cobbler軟件web頁(yè)面配置

加載cobbler網(wǎng)頁(yè)信息

img

解決方法

[root@cobbler ~]# tailf /var/log/httpd/ssl_error_log #查看日志

img

image.png

初步判斷應(yīng)該是python-django版本問(wèn)題

#下載pip.py 
[root@cobbler ~]# wget https://bootstrap.pypa.io/get-pip.py 
#安裝pip 
[root@cobbler ~]# yum install python-pip -y 
#調(diào)用本地python運(yùn)行pip.py腳本 
[root@cobbler ~]# python get-pip.py 
#安裝Django 
[root@cobbler ~]# pip install Django==1.8.9 
#查看Django版本號(hào) 
[root@cobbler ~]# python -c "import django; print(django.get_version())" 
#重啟httpd 
[root@cobbler ~]# systemctl restart httpd 
web界面再重新加載

登錄cobbler
默認(rèn)用戶名：cobbler 默認(rèn)密碼：cobbler
將光盤導(dǎo)入到系統(tǒng)

img

image.png

進(jìn)行改在光盤鏡像

[root@cobbler ~]# mount /dev/cdrom /mnt 
mount: /dev/sr0 is write-protected, mounting read-only 
[root@cobbler ~]# df -h

web界面進(jìn)行導(dǎo)入

img

image.png

檢查到如情況

[root@cobbler ~]# ps -ef|grep rsync

img

image.png

已經(jīng)同步成功了 
[root@cobbler ~]# du -sh /var/www/cobbler/ks_mirror/centos7.5_x86_64bit-x86_64/ 
4.2G /var/www/cobbler/ks_mirror/centos7.5_x86_64bit-x86_64/

img

image.png

第八節(jié)：系統(tǒng)安裝過(guò)程的配置

1.修改網(wǎng)絡(luò)系統(tǒng)安裝后主機(jī)網(wǎng)卡信息

img

2.設(shè)置centos網(wǎng)卡名稱規(guī)則

img

3.編寫網(wǎng)絡(luò)安裝系統(tǒng)時(shí)的自動(dòng)應(yīng)答文件信息

img

4.配置Filename

img

具體文件

配置文件
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us 
zerombr 
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet" 
#Network information 
$SNIPPET('network_config') 
#network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS7 
#network --bootproto=dhcp --device=eth1 --onboot=yes --noipv6 --hostname=CentOS7 
timezone --utc Asia/Shanghai 
authconfig --enableshadow --passalgo=sha512 
rootpw --iscrypted $default_password_crypted 
clearpart --all --initlabel
part /boot --fstype xfs --size 1024 
part swap --size 1024 
part / --fstype xfs --size 1 --grow 
firstboot --disable 
selinux --disabled 
firewall --disabled 
logging --level=info 
reboot 
%pre 
$SNIPPET('log_ks_pre') 
$SNIPPET('kickstart_start') 
$SNIPPET('pre_install_network_config') 
# Enable installation monitoring 
$SNIPPET('pre_anamon') 
%end 
%packages 
@^minimal 
@compat-libraries 
@core 
@debugging 
@development 
bash-completion 
chrony 
net-tools 
lrzsz 
nmap 
sysstat 
telnet 
tree 
vim 
wget 
%end 
%post 
systemctl disable postfix.service 
%end

5.加載配置完成的自動(dòng)應(yīng)答配置文件

img

img

6.配置主機(jī)安裝系統(tǒng)完成后獲取的IP地址信息

img

7.配置系統(tǒng)

img

8.配置主機(jī)名和DNS

img

9.配置網(wǎng)卡

img

10.獲取網(wǎng)課mac地址

img

img

img

img

11.配置完成

img

12.使之所有配置信息生效

img

img

img