Cobbler+kickstart实现批量全自动装机

2025-05-08 14:12:15

cobbler简介 cobbler 是一个系统启动服务boot server,可以通过pxe得方式用来快速安装，重装系统，支持安装不同linux发行版和windows。这个工具是用python开发，方便小巧，15k行代码，使用简单得命令完成pxe网络安装环境配置，还可以管理dhcp，dns，yum包镜像。cobbler可以命令行，也可以web（cobbler-web）,还提供api接口，可以方便二次开发使用。其实就是多安装树的pxe环境，是pxe的高级应用

cobbler支持的功能 1、pxe支持

2、dhcp管理

3、dns服务管理（bind，dnsmasq）

4、电源管理

5、kickstart支持

6、yum仓库管理

7、tftp（pxe启动时需要）

8、apache，提供ks得安装源，并提供定制化得ks配置，同时，它和apache做了深度整合，通过cobbler，可以师兄redhat/centos/fedora系统得快速部署，同时也支持suse、debian（ubuntu）系统，通过配置开可以支持windows

cobbler架构及工作原理、核心框架 cobbler工作原理 cobbler框架 介绍一下profile核心，由三个组件组成

repositories （安装树或安装源） mirror 镜像，光盘或者网络中得安装源 import 导入distribution（vmlinuz-内核，initrd.img-引导映像文件） cobbler 自动从reporitories抽取出来生成 kickstart file 组成得完完整整得系统发行版

cobbler就是较早pxe的升级版，优点容易配置，还自带web界面比较易于管理，但是中文资料少，（有人测试：cobbler不会应为在局域网中启动了dhcp而导致有些机器因为默认从pxe启动在重启服务器后加载tftp内容导致启动终止，这部分没有验证）

可以通过cobbler自动部署dhcp，tftp，http，在安装过程中加载ks无人值守安装应答文件实现无人值守，从客户端使用pxe引导启动安装

一、准备Windows的ADK和win PE

ADK下载地址：https://go.microsoft.com/fwlink/?linkid=2026036

win PE下载地址：https://go.microsoft.com/fwlink/?linkid=2022233

注意，adk 的两个都要下载，这俩都是引导包，真正的安装程序会由这俩软件进行下载。

二、安装 ADK 和 WinPE

安装完后，以管理员身份打开部署和映像工具环境

定制 Win 10 PE

copype amd64 C:\winpe

Dism /mount-image /imagefile:C:\winpe\media\sources\boot.wim /index:1 /mountdir:C:\winpe\mount

echo net use z: \\192.168.0.253\share >> C:\winpe\mount\Windows\System32\startnet.cmd

echo z:\win\setup.exe /unattend:z:\win\win10_x64_bios_auto.xml >> C:\winpe\mount\Windows\System32\startnet.cmd

Dism /unmount-image /mountdir:C:\winpe\mount /commit

MakeWinPEMedia /ISO C:\winpe C:\winpe\winpe_win10_amd64.iso

本地生成 winpe 文件目录dism 挂载 winpe 的启动文件到 winpe 的 mount 目录将启动命令硬编码写死到 winpe 的 startnet.cmd 文件里无人值守安装卸载 winpe 的挂载（一定要执行，否则直接强制删除文件夹会出一些稀奇古怪的问题）制作 win10 镜像，名为 winpe_win10_amd64.iso

三、乌班图安装Cobbler

乌班图安装需要编译安装，建议使用centos安装

安装Apache

[root@node1.local ~]# apt update

[root@node1.local ~]# apt install apache2

启用所需的 Apache 模块

使用 a2enmod 来启用 proxy、proxy_http 和 rewrite 模块

a2enmod proxy

a2enmod proxy_http

a2enmod rewrite

检查是否正确启用模块

apache2ctl -M | grep proxy

proxy_module (shared)

proxy_http_module (shared)

创建 TFTP 根目录的符号链接

Cobbler 需要 TFTP 目录来进行 PXE 启动。创建一个符号链接，指向 tftpboot 目录

[root@node1.local ~]# ln -s /srv/tftp /var/lib/tftpboot

重新启动 Apache 服务

[root@node1.local ~]# systemctl restart apache2

查看服务状态

[root@node1.local ~]# systemctl status apache2

构建 .deb 包

下载 Cobbler 源代码

[root@node1.local ~]# git clone https://github.com/cobbler/cobbler.git

[root@node1.local ~]# cd cobbler

安装 debuild 和其他构建工具

[root@node1.local cobbler]# apt update

[root@node1.local cobbler]# apt install devscripts build-essential fakeroot debhelper

构建

[root@node1.local cobbler]# make debs

查看构建包位置

[root@node1.local ~]# find ~ -iname '*.deb'

/root/cobbler/deb-build/cobbler-tests-containers_3.4.0_all.deb

/root/cobbler/deb-build/cobbler_3.4.0_all.deb

/root/cobbler/deb-build/cobbler-tests_3.4.0_all.deb

/root/cobbler-tests-containers_3.4.0_all.deb

/root/cobbler_3.4.0_all.deb

/root/cobbler-tests_3.4.0_all.deb

安装

[root@node1.local ~]# dpkg -i /root/cobbler_3.4.0_all.deb

#安装的时候会提示以下缺少依赖

fence-agents

xorriso

python3-gunicorn

python3-pymong

安装依赖

#安装依赖会报错

[root@node1.local ~]# apt-get install fence-agents xorriso python3-gunicorn python3-pymongo

eading package lists... Done

Building dependency tree... Done

Reading state information... Done

You might want to run 'apt --fix-broken install' to correct these.

The following packages have unmet dependencies:

cobbler : Depends: fence-agents but it is not going to be installed

Depends: xorriso but it is not going to be installed

Depends: python3-gunicorn but it is not going to be installed

python3-pymongo : Depends: python3-bson (= 3.11.0-1ubuntu0.24.04.1) but it is not going to be installed

Recommends: python3-gridfs (>= 3.11.0-1ubuntu0.24.04.1) but it is not going to be installed

Recommends: python3-pymongo-ext but it is not going to be installed

E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

#修复破损的依赖关系

[root@node1.local ~]# apt --fix-broken install

#安装成功

[root@node1.local ~]# apt-get install fence-agents xorriso python3-gunicorn python3-pymongo

Reading package lists... Done

Building dependency tree... Done

Reading state information... Done

fence-agents is already the newest version (4.12.1-2~exp1ubuntu4).

fence-agents set to manually installed.

xorriso is already the newest version (1:1.5.6-1.1ubuntu3).

xorriso set to manually installed.

python3-gunicorn is already the newest version (20.1.0-6).

python3-gunicorn set to manually installed.

python3-pymongo is already the newest version (3.11.0-1ubuntu0.24.04.1).

python3-pymongo set to manually installed.

0 upgraded, 0 newly installed, 0 to remove and 19 not upgraded.

安装cobbler

[root@node1.local cobbler]# dpkg -i /root/cobbler_3.4.0_all.deb

(Reading database ... 196119 files and directories currently installed.)

Preparing to unpack /root/cobbler_3.4.0_all.deb ...

Unpacking cobbler (3.4.0) over (3.4.0) ...

Setting up cobbler (3.4.0) ...

Processing triggers for man-db (2.12.0-4build2) ...

启动cobbler

mv /etc/cobbler/cobblerd.service /etc/systemd/system/

systemctl daemon-reload

systemctl start cobblerd

systemctl enable cobblerd

cobblerd check

三、centos安装

参考地址：https://blog.swireb.cn/archives/docs-011

准备工作

#关闭防火墙和selinux

systemctl disable firewalld.service

systemctl stop firewalld.service

sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

#关闭了selinux需要重启服务器生效

reboot

安装 EPEL 仓库

yum install -y epel-release

更新仓库安装

yum update

yum install -y dhcp tftp-server xinetd debmirror pykickstart cobbler cobbler-web

#组件作用简介

cobbler #基础组件

cobbler-web #web组件

debmirror #镜像管理工具

pykickstart #检查cobbler配置文件语法

httpd #发布镜像

syslinux #配置引导文件（生成pxelinux.0）

tftp-server #为PXE的客户端提供引导文件

dhcp #为PXE的客户端提供IP地址、告知tftp的服务地址

Cobbler目录文件简介

rpm -ql cobbler

/etc/cobbler #配置文件目录

/etc/cobbler/settings #cobbler主配置文件

/etc/cobbler/dhcp.template #dhcp服务的配置模板

/etc/cobbler/tftpd.template #tftp服务的配置模板

/etc/cobbler/rsync.template #rsync服务的配置模板

/etc/cobbler/iso #iso模板配置文件目录

/etc/cobbler/pxe #pxe模板文件目录

/etc/cobbler/power #电源的配置文件目录

/etc/cobbler/users.conf #web服务授权配置文件

/etc/cobbler/users.digest #用于web访问的用户名密码配置文件

/etc/cobbler/dnsmasq.template #dns服务的配置模板

/etc/cobbler/modules.conf #cobbler模块配置文件

/var/lib/cobbler #cobbler数据目录

/var/lib/cobbler/config #配置文件

/var/lib/cobbler/kickstarts #默认存放kickstart文件

/var/lib/cobbler/loaders #存放的各种引导程序

/var/www/cobbler #系统安装镜像目录

/var/www/cobbler/ks_mirror #导入的系统镜像列表

/var/www/cobbler/images #导入的系统镜像启动文件

/var/www/cobbler/repo_mirror #YUM源存储目录

/var/log/cobbler #日志目录

/var/log/cobbler/install.log #客户端系统安装日志

/var/log/cobbler/cobbler.log #cobbler日志

Cobbler主配置文件修改

#生成密文密码

openssl passwd -1

#设置root密码

sed -i 's|^default_password_crypted.*|default_password_crypted: "$1$Nrt/tXCR$BrRthh4tFphGyCunrGWzi/"|g' /etc/cobbler/settings

#设置指定tftp服务IP地址

sed -i 's|^next_server.*|next_server: 192.1.1.211|g' /etc/cobbler/settings

#设置cobbler服务地址

sed -i 's|^server.*|server: 192.1.1.211|g' /etc/cobbler/settings

#cobbler接管dhcp（0为关闭 1为开启）

sed -i 's|^manage_dhcp.*|manage_dhcp: 0|g' /etc/cobbler/settings

#cobbler接管tftp（0为关闭 1为开启）

sed -i 's|^manage_tftpd.*|manage_tftpd: 1|g' /etc/cobbler/settings

#cobbler启动服务

systemctl enable --now httpd.service

systemctl enable --now cobblerd.service

Cobbler首次检查

cobbler check

1 : change 'disable' to 'no' in /etc/xinetd.d/tftp

2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. #可以忽略（确保系统已经安装pxelinux）

3 : enable and start rsyncd.service with systemctl

4 : comment out 'dists' on /etc/debmirror.conf for proper debian support

5 : comment out 'arches' on /etc/debmirror.conf for proper debian support

6 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them #可以忽略

解决Cobbler检查报错

#报错1问题解决

cat << EOF | tee /etc/xinetd.d/tftp

service tftp

{

socket_type = dgram

protocol = udp

wait = yes

user = root

server = /usr/sbin/in.tftpd

server_args = -s /var/lib/tftpboot

disable = no

per_source = 11

cps = 100 2

flags = IPv4

}

EOF

#报错3问题解决

systemctl enable --now rsyncd.service

#报错4、5问题解决

sed -i 's|@dists=.*|# @dists=|' /etc/debmirror.conf

sed -i 's|@arches=.*|# @arches=|' /etc/debmirror.conf

Cobbler首次同步

#再次运行检查

cobbler check

1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

#cobbler首次同步

cobbler sync

四、配置dhcp服务

Cobbler接管dhcp

vim /etc/cobbler/dhcp.template

subnet 10.99.88.0 netmask 255.255.255.0 {

# option routers 10.99.88.55;

# option domain-name-servers 127.0.0.1;

option subnet-mask 255.255.255.0;

range dynamic-bootp 10.99.88.100 10.99.88.254;

default-lease-time 21600;

max-lease-time 43200;

next-server $next_server;

class "pxeclients" {

match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";

if option pxe-system-type = 00:02 {

filename "ia64/elilo.efi";

} else if option pxe-system-type = 00:06 {

filename "grub/grub-x86.efi";

} else if option pxe-system-type = 00:07 {

filename "grub/grub-x86_64.efi";

} else if option pxe-system-type = 00:09 {

filename "grub/grub-x86_64.efi";

} else {

filename "pxelinux.0";

}

}

}

#cobbler主配置文件开启dhcp接管

sed -i 's|^manage_dhcp.*|manage_dhcp: 1|g' /etc/cobbler/settings

#重新同步

systemctl restart cobblerd.service

cobbler sync

#启动dhcp服务

systemctl enable --now dhcpd.service

systemctl restart dhcpd.service

使用现有dhcp服务器–>定义了上面的模板下面会自动获取

#修改dhcp配置文件

vim /etc/dhcp/dhcpd.conf

subnet 10.99.88.0 netmask 255.255.255.0 {

# option routers 10.99.88.55;

# option domain-name-servers 127.0.0.1;

option subnet-mask 255.255.255.0;

range dynamic-bootp 10.99.88.100 10.99.88.254;

default-lease-time 21600;

max-lease-time 43200;

next-server 192.1.1.211;

class "pxeclients" {

match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";

if option pxe-system-type = 00:02 {

filename "ia64/elilo.efi";

} else if option pxe-system-type = 00:06 {

filename "grub/grub-x86.efi";

} else if option pxe-system-type = 00:07 {

filename "grub/grub-x86_64.efi";

} else if option pxe-system-type = 00:09 {

filename "grub/grub-x86_64.efi";

} else {

filename "pxelinux.0";

}

}

}

#启动dhcp服务

systemctl enable --now dhcpd.service

systemctl restart dhcpd.service

五、其他相关服务配置

配置tftp服务

#确保tftp的站点目录存在引导文件（cobbler检查问题的过程中已经修了tftp的配置文件）

ll /var/lib/tftpboot/

drwxr-xr-x 3 root root 4096 Mar 1 23:54 boot

drwxr-xr-x. 2 root root 4096 Oct 15 2019 etc

drwxr-xr-x. 2 root root 4096 Mar 1 23:54 grub #UEFI启动菜单目录

drwxr-xr-x. 7 root root 4096 Mar 1 23:54 images

drwxr-xr-x. 2 root root 4096 Oct 15 2019 images2

-rw-r--r--. 2 root root 26140 Oct 31 2018 memdisk

-rw-r--r--. 2 root root 54964 Mar 1 23:54 menu.c32

drwxr-xr-x. 2 root root 4096 Oct 15 2019 ppc

-rw-r--r--. 2 root root 16794 Mar 1 23:54 pxelinux.0

drwxr-xr-x. 2 root root 4096 Mar 1 23:56 pxelinux.cfg #BIOS启动菜单目录

drwxr-xr-x. 2 root root 4096 Mar 1 23:54 s390x

-rw-r--r-- 2 root root 198236 Feb 8 15:17 yaboot

#启动tftp服务

systemctl enable --now tftp.service

systemctl enable --now xinetd.service

systemctl restart tftp.service

systemctl restart xinetd.service

六、配置 Cobbler Server

参考地址：https://anjia0532.github.io/2019/02/22/cobbler-win10-win-server-2019/

导入 Cobbler

使用 WinScp 等工具，将 winpe_win10_amd64.iso 上传到 Cobbler 服务器上

[root@localhost ~]# cobbler distro add --name=windows_10_x64 --kernel=/var/lib/tftpboot/memdisk --initrd=/root/winpe_win10_amd64.iso --kopts="raw iso"

[root@localhost ~]# touch /var/lib/cobbler/kickstarts/winpe.xml

[root@localhost ~]# cobbler profile add --name=windows_10_x64 --distro=windows_10_x64 --kickstart=/var/lib/cobbler/kickstarts/winpe.xml

创建自动应答文件

[root@localhost kickstarts]# pwd

/var/lib/cobbler/kickstarts

[root@localhost kickstarts]# vim winpe.xml

xmlns="urn:schemas-microsoft-com:unattend">

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

en-US

0804:{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}{FA550B04-5AD7-411f-A5AC-CA038EC515D7}

zh-CN

zh-CN

zh-CN

zh-CN

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

en-US

0804:{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}{FA550B04-5AD7-411f-A5AC-CA038EC515D7}

zh-CN

zh-CN

zh-CN

zh-CN

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

1

Primary

100

true

2

Primary

true

NTFS

System Reserved

1

1

0x27

true

NTFS

OS

C

2

2

0

true

0

2

false

true

AnJia

AnJia

VK7JG-NPHTM-C97JM-9MPGT-3V66T

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

1

Primary

100

true

2

Primary

true

NTFS

System Reserved

1

1

0x27

true

NTFS

OS

C

2

2

0

true

0

2

false

true

AnJia

AnJia

VK7JG-NPHTM-C97JM-9MPGT-3V66T

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

false

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

false

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

1

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

1

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

0804:{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}{FA550B04-5AD7-411f-A5AC-CA038EC515D7}

zh-CN

zh-CN

zh-CN

zh-CN

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

0804:{81D4E9C9-1D3B-41BC-9E6C-4B40BF79E35E}{FA550B04-5AD7-411f-A5AC-CA038EC515D7}

zh-CN

zh-CN

zh-CN

zh-CN

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

true

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

true

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

0

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

0

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

AnJia-PC

VK7JG-NPHTM-C97JM-9MPGT-3V66T

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

AnJia-PC

VK7JG-NPHTM-C97JM-9MPGT-3V66T

xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">