PXE technology: building a Cobbler automated installation system


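Building a Cobbler automated installation system

Background

For work I needed to build a Cobbler automated installation system and test whether it can perform unattended installs of CentOS 7.5 on servers. Detailed introductions to Cobbler are easy to find online, so I will not repeat them here and go straight to the build process.

Version information

  • Server operating system: CentOS 7.5 (VMware virtual machine)
  • Cobbler: 2.8.5
  • syslinux: 4.05

System environment preparation

  1. Use VMware to create a CentOS 7.5 virtual machine on which to deploy Cobbler.
  2. Add two network adapters to the VM: one configured as NAT, the other as host-only (I chose VMnet2 here). Set the subnet and mask to 192.168.3.0 255.255.255.0 and turn off VMnet2's DHCP function.
  3. Adjust the following services and settings in the operating system:
    • Stop the firewalld service.
    • Stop NetworkManager and set the static IP address of the ens34 NIC to 192.168.3.10 as the Cobbler service IP address.
    • Disable SELinux.
    • Enable remote login over sshd.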
# 1. firewalld
$ systemctl stop firewalld
$ systemctl disable firewalld

# 2. network
# Stop NetworkManager
$ systemctl stop NetworkManager
$ systemctl disable NetworkManager

# Static IP NIC configuration (the NIC attached to the host-only network; check whether your NIC is actually named ens34)
$ vim /etc/sysconfig/network-scripts/ifcfg-ens34
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static            # Important: either dhcp or static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=7722a310-a8bb-49a4-a86c-4695df66bbc4
DEVICE=ens34
ONBOOT=yes                  # Important: activate the NIC at boot
IPADDR=192.168.3.10         # Important: IP address of the Cobbler server
NETMASK=255.255.255.0

# Restart network
$ systemctl restart network

# 3. selinux
$ vim /etc/sysconfig/selinux
SELINUX=disabled

$ reboot
$ getenforce
disabled


# 4. sshd
# Allow root remote login; edit to match the following
$ vim /etc/ssh/sshd_config
PermitRootLogin yes

# SSH login is slow; edit to match the following
$ vim /etc/ssh/sshd_config
GSSAPIAuthentication no
UseDNS no

Cobbler deployment

Installing the Cobbler service

1. yum + EPEL configuration

# Configure the Aliyun yum repository
$ minorver=7.5.1804
$ sudo sed -e "s|^mirrorlist=|#mirrorlist=|g" \
         -e "s|^#baseurl=http://mirror.centos.org/centos/\$releasever|baseurl=https://mirrors.aliyun.com/centos-vault/$minorver|g" \
         -i.bak \
         /etc/yum.repos.d/CentOS-*.repo

# Configure the Aliyun EPEL repository
$ wget -O /etc/yum.repos.d/eple.repo http://mirrors.aliyun.com/repo/epel-7.repo
$ yum -y install epel*
$ yum makecache

2. Install the PXE-related services

$ yum -y install xinetd syslinux dhcp tftp-server httpd rsync

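3. Install and upgrade pip

$ yum -y install python-pip
$ python -m pip install --upgrade pip==20.3.4

Upgrading pip straight to version 21 drops Python 2 support and fails with an error, so pin version 20.3.4 when updating pip.

4. Install the Cobbler service

$ yum -y install cobbler cobbler-web pykickstart

pykickstart is used to validate the syntax of kickstart files.

5. Cobbler file layout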

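$ rpm -ql cobbler                       # list the installed files; some are shown below
/etc/cobbler                            # configuration directory
/etc/cobbler/settings                   # main Cobbler configuration file, in YAML format
/etc/cobbler/dhcp.template              # configuration template for the DHCP service
/etc/cobbler/tftpd.template             # configuration template for the tftp service
/etc/cobbler/rsync.template             # configuration template for the rsync service
/etc/cobbler/dnsmasq.template           # configuration template for the DNS service

/etc/cobbler/iso                        # directory of ISO template configuration files
/etc/cobbler/pxe                        # directory of PXE template files
/etc/cobbler/power                      # directory of power management configuration files
/etc/cobbler/users.conf                 # web service authorization configuration file
/etc/cobbler/users.digest               # user name and password file for web access
/etc/cobbler/modules.conf               # Cobbler module configuration file

/var/lib/cobbler                        # Cobbler data directory
/var/lib/cobbler/config                 # configuration files
/var/lib/cobbler/kickstarts             # default location of kickstart files
/var/lib/cobbler/loaders                # the various boot loaders
/var/lib/cobbler/triggers/              # user-defined Cobbler commands

/var/www/cobbler                        # system installation image directory
/var/www/cobbler/ks_mirror              # imported system images
/var/www/cobbler/images                 # boot files of the imported system images
/var/www/cobbler/repo_mirror            # yum repository storage directory

/var/log/cobbler                        # log directory
/var/log/cobbler/install.log            # client system installation log
/var/log/cobbler/cobbler.log            # Cobbler log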

Configuring the Cobbler environment

1. Start Cobbler

# Start the httpd service
$ systemctl start httpd

# Start the cobblerd service
$ systemctl start cobblerd

2. Enable start at boot

$ systemctl enable httpd
$ systemctl enable xinetd
$ systemctl enable cobblerd
$ systemctl enable rsyncd

3. Check the Cobbler configuration

$ cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : debmirror package is not installed, it will be required to manage debian deployments and repositories
6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
7 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
  • Issues 1, 2 and 6:
$ cp /etc/cobbler/settings{,.bak}

# Set the Cobbler server IP address [issue 1]
$ sed -i 's/^server: 127.0.0.1/server: 192.168.3.10/' /etc/cobbler/settings

# Set the TFTP server IP address used in Cobbler's DHCP configuration [issue 2]
$ sed -i 's/^next_server: 127.0.0.1/next_server: 192.168.3.10/' /etc/cobbler/settings

# Let Cobbler manage DHCP
$ sed -i 's/^manage_dhcp: 0/manage_dhcp: 1/' /etc/cobbler/settings

# Prevent install loops; applies when PXE is first in the server's boot order.
$ sed -i 's/^pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings

# Set the default root password of newly installed systems to 123456. [issue 6]
# random-phrase-here is the salt; choose your own
$ openssl passwd -1 -salt 'SherLockOD' '123456'
$1$SherLock$SjChDXGrCaipQoms3.8GF/
$ vim /etc/cobbler/settings
default_password_crypted: "$1$SherLock$SjChDXGrCaipQoms3.8GF/"
  • Issue 3:
# No change is needed by default: the TFTP template shipped with Cobbler already sets this parameter, and running cobbler sync later applies it. Editing the file by hand as issue 3 suggests is also fine.
$ cat /etc/cobbler/tftpd.template
# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
service tftp
{
        disable                 = no
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = $user
        server                  = $binary
        server_args             = -B 1380 -v -s $args
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}
  • Issue 4:
# Copy the boot file and the menu module into /var/lib/cobbler/loaders.
$ cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
$ cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/

The get-loaders command provided by older Cobbler versions has been disabled. For BIOS firmware the PXE boot files can be copied from the syslinux directory; for UEFI systems you need to look up the procedure yourself.

4. Configure DHCP

$ vim /etc/cobbler/dhcp.template
... omitted ...
subnet 192.168.3.0 netmask 255.255.255.0 {			# subnet and mask
     option routers             192.168.3.1;			# default gateway
     option domain-name-servers 192.168.3.10;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.3.100 192.168.3.254;    # DHCP address pool range
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;			# TFTP address; leave as is, Cobbler substitutes the variable.
     class "pxeclients" {
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
          if option pxe-system-type = 00:00 {
                  filename "pxelinux.0";
          }
     }
}
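... omitted ...

Once Cobbler manages DHCP, the configuration must be changed through the DHCP template that Cobbler provides and applied with the sync command. This configuration supports BIOS systems only; UEFI support requires your own changes.

5. DHCP service changes for multiple NICs

When the system has multiple NICs, dhcpd must be started with the NIC name specified; otherwise a DHCP configuration has to be provided for every NIC, or the DHCP service is affected.

# Check the DHCP service status; it reports that the ens33 NIC needs a subnet declaration.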
$ systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-01-10 08:03:53 PST; 15min ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 8254 (dhcpd)
   Status: "Dispatching packets..."
    Tasks: 1
   CGroup: /system.slice/dhcpd.service
           └─8254 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid

Jan 10 08:03:53 localhost.localdomain dhcpd[8254]: Sending on   LPF/ens34/00:0c:29:dc:2f:4d/192.168.0.0/24
Jan 10 08:03:53 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]: 
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]: No subnet declaration for ens33 (192.168.179.133).
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]: ** Ignoring requests on ens33.  If this is not what
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]:    you want, please write a subnet declaration
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]:    in your dhcpd.conf file for the network segment
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]:    to which interface ens33 is attached. **
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]: 
Jan 10 08:03:53 localhost.localdomain dhcpd[8254]: Sending on   Socket/fallback/fallback-net

# Check the NICs
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:dc:2f:43 brd ff:ff:ff:ff:ff:ff
    inet 192.168.179.133/24 brd 192.168.179.255 scope global dynamic ens33
       valid_lft 1577sec preferred_lft 1577sec
    inet6 fe80::20c:29ff:fedc:2f43/64 scope link 
       valid_lft forever preferred_lft forever
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:dc:2f:4d brd ff:ff:ff:ff:ff:ff
    inet 192.168.3.10/24 brd 192.168.3.255 scope global ens34
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fedc:2f4d/64 scope link 
       valid_lft forever preferred_lft forever

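Some material online says to specify the NIC in /etc/sysconfig/dhcpd. On inspection that file is no longer used, but it contains instructions for the new procedure.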

$ cat /etc/sysconfig/dhcpd 
# WARNING: This file is NOT used anymore.

# If you are here to restrict what interfaces should dhcpd listen on,
# be aware that dhcpd listens *only* on interfaces for which it finds subnet
# declaration in dhcpd.conf. It means that explicitly enumerating interfaces
# also on command line should not be required in most cases.

# If you still insist on adding some command line options,
# copy dhcpd.service from /lib/systemd/system to /etc/systemd/system and modify
# it there.
# https://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F

# example:
# $ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
# $ vi /etc/systemd/system/dhcpd.service
# $ ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid <your_interface_name(s)>
# $ systemctl --system daemon-reload
# $ systemctl restart dhcpd.service

# Start the DHCP service on ens34 only
$ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
$ vim /etc/systemd/system/dhcpd.service 
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid ens34

$ systemctl --system daemon-reload
$ systemctl restart dhcpd

# Check the DHCP service status again; the warnings are gone.
[root@localhost xinetd.d]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/etc/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-01-10 08:22:28 PST; 2min 36s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 9185 (dhcpd)
   Status: "Dispatching packets..."
    Tasks: 1
   CGroup: /system.slice/dhcpd.service
           └─9185 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid ens34

Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Copyright 2004-2013 Internet Systems Consortium.
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: All rights reserved.
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: For info, please visit https://www.isc.org/software/dhcp/
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Wrote 0 class decls to leases file.
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Wrote 0 leases to leases file.
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Listening on LPF/ens34/00:0c:29:dc:2f:4d/192.168.0.0/24
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Sending on   LPF/ens34/00:0c:29:dc:2f:4d/192.168.0.0/24
Jan 10 08:22:28 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
Jan 10 08:22:28 localhost.localdomain dhcpd[9185]: Sending on   Socket/fallback/fallback-net
Hint: Some lines were ellipsized, use -l to show in full.

6. Sync the Cobbler configuration

$ cobbler sync

The sync command applies all Cobbler configuration and restarts the related services; see the output of the sync command for details.

Installing systems over PXE with Cobbler

1. Import the CentOS 7.5 image

# Mount the CentOS 7.5 image; it can be downloaded or sent to the Cobbler VM with scp.
[root@localhost ~]# mkdir /mnt/cdrom
[root@localhost ~]# mount -o loop /root/CentOS-7-x86_64-DVD-1804.iso /mnt/cdrom/

# import loads the image: path is the mount path of the image, name is the image name (must be unique within Cobbler), arch is the architecture
[root@localhost ~]# cobbler import --path=/mnt/cdrom/ --name=CentOS-7.5-x86_64 --arch=x86_64
task started: 2023-01-10_083324_import
task started (id=Media import, time=Tue Jan 10 08:33:24 2023)
Found a candidate signature: breed=suse, version=opensuse15.0
Found a candidate signature: breed=suse, version=opensuse15.1
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.5-x86_64:
creating new distro: CentOS-7.5-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.5-x86_64 -> /var/www/cobbler/links/CentOS-7.5-x86_64
creating new profile: CentOS-7.5-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.5-x86_64 for CentOS-7.5-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.5-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.5-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.5-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.5-x86_64/repodata
*** TASK COMPLETE ***

# List the images
[root@localhost ~]# cobbler distro list
   CentOS-7.5-x86_64

2. Specify the kickstart file

# In Cobbler, ks files are stored under /var/lib/cobbler/kickstarts/
# Upload your own ks test file
$ rz -be
$ cat /var/lib/cobbler/kickstarts/CentOS-7.5-x86_64.cfg
#platform=x86, AMD64,Intel EM64T
#version=CentOS75
install
keyboard 'us'
rootpw --plaintext 123456
lang en_US
firewall --disabled
auth  --useshadow  --passalgo=sha512
text
selinux --disabled
skipx

# Use http installation source
url --url=$tree
network  --bootproto=dhcp --device=eth0 --onboot=on
reboot
timezone Asia/Shanghai
bootloader --append="net.ifnames=0" --location=mbr --boot-drive=sda
clearpart --all --initlabel
zerombr
autopart --type=lvm

%packages
@^minimal
@core
%end

%addon com_redhat_kdump --disable --reserve-mb='auto'
%end

%pre
%end

%post
%end

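# Validate the file syntax with ksvalidator
$ ksvalidator /var/lib/cobbler/kickstarts/CentOS-7.5-x86_64.cfg
  • $tree in the url parameter is replaced by Cobbler with the address of the CentOS 7.5 installation source.
  • Note: the ks file must not contain Chinese characters; otherwise Cobbler raises an error and the subsequent unattended installation fails.

3. Associate the ks file

# Associate the ks file with the image: name is the system image name, kickstart is the ks file path
$ cobbler profile edit --name=CentOS-7.5-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.5-x86_64.cfg

# Show the profile information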
$ cobbler profile report --name=CentOS-7.5-x86_64

Name                           : CentOS-7.5-x86_64
TFTP Boot Files                : {}
Comment                        :
DHCP Tag                       : default
Distribution                   : CentOS-7.5-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/CentOS-7.5-x86_64.cfg
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : <<inherit>>
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ['admin']
Parent Profile                 :
Internal proxy                 :
Red Hat Management Key         : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : []
Server Override                : <<inherit>>
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      :
Virt RAM (MB)                  : 512
Virt Type                      : kvm

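4. Check the ks file

# Use curl to check that Cobbler serves the ks file; viewing it through "view kickstart" under the profile options in cobbler web also works.
$ curl http://192.168.3.10/cblr/svc/op/ks/profile/CentOS-7.5-x86_64
  • If the following error appears, check whether the ks file contains Chinese characters and delete them: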
Tue Jan 10 21:10:25 2023 - INFO | generate_kickstart
Tue Jan 10 21:10:25 2023 - INFO | Exception occured: <type 'exceptions.UnicodeDecodeError'>
Tue Jan 10 21:10:25 2023 - INFO | Exception value: 'ascii' codec can't decode byte 0xe6 in position 47: ordinal not in range(128)
Tue Jan 10 21:10:25 2023 - INFO | Exception Info:
  File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 1044, in generate_kickstart
    return self.api.generate_kickstart(profile,system)
   File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 679, in generate_kickstart
    return self.kickgen.generate_kickstart_for_profile(profile)
   File "/usr/lib/python2.7/site-packages/cobbler/kickgen.py", line 295, in generate_kickstart_for_profile
    return self.generate_kickstart(profile=g)
   File "/usr/lib/python2.7/site-packages/cobbler/kickgen.py", line 277, in generate_kickstart
    data = self.templar.render(raw_data, meta, None, obj)
   File "/usr/lib/python2.7/site-packages/cobbler/templar.py", line 116, in render
    data_out = self.render_cheetah(raw_data, search_table, subject)
   File "/usr/lib/python2.7/site-packages/cobbler/templar.py", line 201, in render_cheetah
    t = Template(source=raw_data, searchList=[search_table], compilerSettings={'useStackFrame':False})
   File "DynamicallyCompiledCheetahTemplate.py", line 58, in __init__
   File "_etc_cobbler_cheetah_macros.py", line 58, in __init__
   File "/usr/lib64/python2.7/site-packages/Cheetah/Template.py", line 1259, in __init__
    self._compile(source, file, compilerSettings=compilerSettings)
   File "/usr/lib64/python2.7/site-packages/Cheetah/Template.py", line 1553, in _compile
    keepRefToGeneratedCode=True)
   File "/usr/lib/python2.7/site-packages/cobbler/template_api.py", line 127, in compile
    return Cheetah.Template.Template.compile(*args, **kwargs)
   File "/usr/lib64/python2.7/site-packages/Cheetah/Template.py", line 740, in compile
    settings=(compilerSettings or {}))
   File "/usr/lib64/python2.7/site-packages/Cheetah/Compiler.py", line 1579, in __init__
    source = unicode(source)

ksvalidator cannot detect Chinese characters in a ks file.
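
Since ksvalidator misses the bytes that trigger the UnicodeDecodeError above, a byte-level check before cobbler sync closes that gap. The check below is an added example, not code from the original post or from Cobbler (function names are hypothetical, the sample is constructed); it also flags a rootpw stored in cleartext, because the rendered kickstart is served over plain HTTP, as the curl call shows.

```python
# Added example, not part of the original post: lint a kickstart template
# before handing it to Cobbler. The sample content below is constructed.
import sys


def rootpw_in_cleartext(line):
    """True if a kickstart line sets rootpw without --iscrypted or --lock."""
    parts = line.split()
    if not parts or parts[0] != "rootpw":
        return False
    return "--iscrypted" not in parts and "--lock" not in parts


def check_kickstart(data):
    """Scan raw kickstart bytes; return [(line_no, column, kind, detail), ...]."""
    findings = []
    for line_no, raw in enumerate(data.split(b"\n"), start=1):
        text = raw.decode("ascii", "replace")
        if rootpw_in_cleartext(text):
            findings.append((line_no, 1, "cleartext-rootpw",
                             "use rootpw --iscrypted <hash>"))
        # Any byte >= 0x80 makes the ascii decode in Cobbler's template
        # rendering fail, comments included; report the first one per line.
        for column, byte in enumerate(bytearray(raw), start=1):
            if byte >= 0x80:
                findings.append((line_no, column, "non-ascii",
                                 "byte 0x%02x" % byte))
                break
    return findings


# Constructed sample: a cleartext rootpw and a comment containing two CJK
# characters (written as escapes so this script itself stays ASCII).
SAMPLE = (
    u"install\n"
    u"rootpw --plaintext 123456\n"
    u"# \u4f7f\u7528 http installation source\n"
    u"url --url=$tree\n"
).encode("utf-8")


def main(argv):
    # With a path argument, check that file; otherwise check the sample.
    if len(argv) > 1:
        with open(argv[1], "rb") as handle:
            data = handle.read()
    else:
        data = SAMPLE
    findings = check_kickstart(data)
    for line_no, column, kind, detail in findings:
        print("line %d col %d: %s (%s)" % (line_no, column, kind, detail))
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```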

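5. Change kernel parameters (3 methods)

  • On CentOS 7, set the boot NIC name to eth0 (the two parameters net.ifnames=0 and biosdevname=0 are used together)
# Set kernel parameters with the cobbler command
cobbler profile edit --name=CentOS-7.5-x86_64 --kopts='net.ifnames=0 biosdevname=0'
  • General parameters can also be configured through kernel_options in Cobbler's settings file (from the terminal or the web UI).
# From the terminal:
$ vim /etc/cobbler/settings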
kernel_options:
 ksdevice: bootif
 lang: ' '
 text: ~
 net.ifnames: 0
 biosdevname: 0

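# From the web UI:

All of the methods above ultimately modify the pxelinux configuration file. If the default configuration is in use, you can confirm the result in /var/lib/tftpboot/pxelinux.cfg/default after running cobbler sync.

  • Of course, the append parameter of bootloader in the ks file can also be used.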
bootloader --append="net.ifnames=0 biosdevname=0" --location=mbr --boot-drive=sda

6. View or modify the pxelinux configuration

# Location of the Cobbler PXE template
$ cat /etc/cobbler/pxe/pxedefault.template

DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

$pxe_menu_items

MENU end

The default PXE template can be adjusted; Cobbler replaces the $pxe_menu_items variable.

7. Sync the Cobbler configuration

$ cobbler sync

# View the pxelinux default configuration file
$ cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

LABEL CentOS-7.5-x86_64
        kernel /images/CentOS-7.5-x86_64/vmlinuz
        MENU LABEL CentOS-7.5-x86_64
        append initrd=/images/CentOS-7.5-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.3.10/cblr/svc/op/ks/profile/CentOS-7.5-x86_64
        ipappend 2

MENU end

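With this configuration the machine boots from the local label by default, and the image to install must be selected manually. Unattended installation is described below.

Installation test

1. Select the system manually

  • Create a new VM and set its network adapter to VMnet2.
  • Start the VM; it obtains an address over DHCP and enters the boot menu.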

2. Unattended installation

  • Create a system to set the default system to install
cobbler system add --name=default --profile=CentOS-7.5-x86_64
cobbler sync
  • Check the /var/lib/tftpboot/pxelinux.cfg/default configuration
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT CentOS-7.5-x86_64				# the timeout boot label is now the CentOS-7.5 system

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

LABEL CentOS-7.5-x86_64
        kernel /images/CentOS-7.5-x86_64/vmlinuz
        MENU LABEL CentOS-7.5-x86_64
        append initrd=/images/CentOS-7.5-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.0.10/cblr/svc/op/ks/profile/CentOS-7.5-x86_64
        ipappend 2
MENU end

3. Restore the default local boot

# Remove the default system configuration
cobbler system remove --name=default
cobbler sync
  • Check the /var/lib/tftpboot/pxelinux.cfg/default configuration
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

LABEL CentOS-7.5-x86_64
        kernel /images/CentOS-7.5-x86_64/vmlinuz
        MENU LABEL CentOS-7.5-x86_64
        append initrd=/images/CentOS-7.5-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.0.10/cblr/svc/op/ks/profile/CentOS-7.5-x86_64
        ipappend 2
MENU end
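
The two states of pxelinux.cfg/default shown above differ only in ONTIMEOUT, and that one line decides whether every machine that PXE-boots on this segment is reinstalled (the kickstart runs clearpart --all) once the menu times out. The check below is an added example, not code from the original post or from Cobbler; the function names are hypothetical, and it reports the timeout target and whether its ks= URL points at the expected server.

```python
# Added example, not part of the original post: report what the generated
# pxelinux.cfg/default does when the boot menu times out.
import re
import sys
from urllib.parse import urlparse

KS_URL = re.compile(r"\bks=(\S+)")


def parse_pxelinux(text):
    """Return (global directives, {label name: directives}) from a config."""
    opts, labels, current = {}, {}, None
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].upper()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "MENU":  # fold the MENU sub-keyword into the key
            sub, _, value = value.partition(" ")
            key = "MENU " + sub.upper()
        if key == "LABEL":
            current = labels.setdefault(value, {})
        elif key == "MENU END":
            current = None
        elif current is not None:
            current[key] = value.strip()
        else:
            opts[key] = value.strip()
    return opts, labels


def timeout_action(text, expected_server):
    """Describe the entry booted automatically once TIMEOUT expires."""
    opts, labels = parse_pxelinux(text)
    target = (opts.get("ONTIMEOUT", "").split() or [""])[0]
    match = KS_URL.search(labels.get(target, {}).get("APPEND", ""))
    ks_url = match.group(1) if match else None
    return {
        "target": target,
        "seconds": int(opts.get("TIMEOUT", "0")) / 10.0,  # unit is 1/10 s
        "unattended_install": ks_url is not None,
        "ks_url": ks_url,
        "ks_host_ok": (urlparse(ks_url).hostname == expected_server
                       if ks_url else None),
    }


# Sample input: the listing shown above without the annotation. Its ks= host
# is 192.168.0.10 while the server configured earlier is 192.168.3.10.
SAMPLE = """\
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT CentOS-7.5-x86_64

LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1

LABEL CentOS-7.5-x86_64
        kernel /images/CentOS-7.5-x86_64/vmlinuz
        MENU LABEL CentOS-7.5-x86_64
        append initrd=/images/CentOS-7.5-x86_64/initrd.img ksdevice=bootif lang=  kssendmac text  ks=http://192.168.0.10/cblr/svc/op/ks/profile/CentOS-7.5-x86_64
        ipappend 2
MENU end
"""

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else None
    text = open(path).read() if path else SAMPLE
    print(timeout_action(text, "192.168.3.10"))
```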

Problems encountered

  • dhcpd duplicate key problem
$ > /var/lib/dhcpd/dhcpd.leases
$ > /var/lib/dhcpd/dhcpd.leases~
$ systemctl restart dhcpd
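  • While installing on physical test servers, a server occasionally obtained an IP address outside the DHCP pool range, which made PXE boot fail. Troubleshooting showed that after switching network ports during testing, the NIC's MAC address was already bound to another IP; in that case the DHCP cache must be cleared before PXE booting again.

Summary

  1. Testing shows that Cobbler makes PXE automated installation tasks very convenient.
  2. Cobbler offers flexible configuration and supports installing many mainstream operating systems, but that flexibility brings configuration complexity, and using it well requires a deep understanding of the system.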
