Building a Cobbler server with Ansible
I put the Vagrantfile and the Ansible files at the following location
yasuaki-tahira/cobbler-server (it is messy, so please go ahead and fix it up)
Procedure
[PMAC226S test4]$ git clone git@github.com:yasuaki-tahira/cobbler-server.git
[PMAC226S test4]$ cd cobbler-server/
[PMAC226S cobbler-server]$ vagrant up
[PMAC226S cobbler-server]$ vagrant ssh
[vagrant@cobbler-server ~]$ sudo mount -t iso9660 -o loop /vagrant/CentOS-6.6-x86_64-minimal.iso /mnt
[vagrant@cobbler-server ~]$ sudo cobbler import --name CentOS-6.6 --path=/mnt
[vagrant@cobbler-server ~]$ sudo cobbler distro list
CentOS-6.6-x86_64
[vagrant@cobbler-server ~]$ sudo cobbler profile list
CentOS-6.6-x86_64
[vagrant@cobbler-server ~]$ sudo cobbler system add --name=sample001.com --profile=CentOS-6.6-x86_64 --hostname=sample001.com
[vagrant@cobbler-server ~]$ sudo cobbler system edit --name=sample001.com --ip-address=192.168.20.15 --subnet=255.255.255.0 --mac=08:00:27:CE:8C:47 --interface=eth0
[vagrant@cobbler-server ~]$ sudo cobbler sync
After that, create a new virtual machine attached to the internal network "cobbler-net" and boot it; the installation then runs on its own.


Supplementary notes
Layout
|--README.md
|--Vagrantfile
|--roles
|  |--cobbler
|  |  |--handlers
|  |  |  |--main.yml
|  |  |--tasks
|  |  |  |--main.yml
|  |  |--templates
|  |  |  |--dnsmasq.template.j2
|  |  |  |--modules.conf.j2
|  |  |  |--settings.j2
|  |  |--vars
|  |  |  |--main.yml
|  |--common
|  |  |--tasks
|  |  |  |--main.yml
|--site.yml
README.md
This is the readme.
Vagrantfile
Vagrant.configure(2) do |config|
  config.vm.box = "CentOS6.6"
  config.vm.hostname = "cobbler-server"
  # Define the internal network under the name "cobbler-net", together with a static IP.
  config.vm.network :private_network, ip: "192.168.20.2", virtualbox__intnet: "cobbler-net"
  # Provisioning settings. Ansible is used to run site.yml.
  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "site.yml"
    ansible.limit = "all"
  end
end
site.yml
- name: Install Cobbler
  hosts: all
  sudo: yes
  # Two roles are run
  roles:
    - common
    - cobbler
roles/common/tasks/main.yml
# Install the required packages in one go
# libselinux-python is installed because the selinux module is used
- name: Installing Required Packages
  yum: name={{ item }} state=latest
  with_items:
    - epel-release
    - libselinux-python
# Turn SELinux off and keep it from being enabled at boot
- name: disabled SELinux
  selinux: state=disabled
# Stop iptables as well
- name: disabled iptables
  service: name=iptables state=stopped enabled=no
roles/cobbler/vars/main.yml
# Definitions of the variables used as {{hoge}} under roles/cobbler/templates/
cobbler_manage_dhcp: 1
cobbler_manage_dns: 1
# Specify the server's static IP
cobbler_next_server: 192.168.20.2
cobbler_server: 192.168.20.2
# Generated with "$ openssl passwd -1". The value below is "cobbler"
cobbler_default_password_crypted: $1$FBpFkrpD$fu5NLQhZwDDb4Zsc4mf9s.
cobbler_dhcp_start_ip: 192.168.20.10
cobbler_dhcp_end_ip: 192.168.20.100
cobbler_dns_module: manage_dnsmasq
cobbler_dhcp_module: manage_dnsmasq
roles/cobbler/templates/dnsmasq.template.j2
# dnsmasq is used, so this is the template for its configuration file
read-ethers
addn-hosts = /var/lib/cobbler/cobbler_hosts
# The variables defined in vars are read around here
dhcp-range={{cobbler_dhcp_start_ip}},{{cobbler_dhcp_end_ip}}
dhcp-option=3,$next_server
dhcp-lease-max=1000
dhcp-authoritative
dhcp-boot=pxelinux.0
dhcp-boot=net:normalarch,pxelinux.0
dhcp-boot=net:ia64,$elilo
$insert_cobbler_system_definitions
roles/cobbler/templates/modules.conf.j2
# This configures which modules cobbler uses
[authentication]
module = authn_configfile
[authorization]
module = authz_allowall
[dns]
module = {{cobbler_dns_module}}
[dhcp]
module = {{cobbler_dhcp_module}}
[tftpd]
module = manage_in_tftpd
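A small audit of the security-relevant values in the files shown so far, as an added example that is not part of the original post or the cobbler-server repository. It flags the role tasks that switch off SELinux and iptables, the $1$ (MD5-crypt) scheme of cobbler_default_password_crypted (the value Cobbler's sample kickstart templates use as the root password of installed systems), and authz_allowall, which lets every authenticated user perform every action. The function names, finding labels and embedded excerpts are constructed for this example.

```python
import configparser
import re

# Constructed excerpts of the files shown on this page (rendered values, not a live host).
COMMON_TASKS = """\
- name: disabled SELinux
  selinux: state=disabled
- name: disabled iptables
  service: name=iptables state=stopped enabled=no
"""
VARS_YML = "cobbler_default_password_crypted: $1$FBpFkrpD$fu5NLQhZwDDb4Zsc4mf9s.\n"
MODULES_CONF = """\
[authentication]
module = authn_configfile
[authorization]
module = authz_allowall
"""

# crypt(3) scheme ids; this example accepts only the SHA-2 based schemes.
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}
ACCEPTED = {"sha256crypt", "sha512crypt"}
# Task patterns that switch off a host control, written as in the common role.
TASK_RULES = [
    ("selinux-disabled", re.compile(r"^\s*selinux:\s*state=disabled\b", re.M)),
    ("iptables-stopped", re.compile(r"^\s*service:\s*name=iptables\b.*\bstate=stopped\b", re.M)),
]

def crypt_scheme(hashed):
    """Map a '$id$salt$hash' string to its scheme name, or 'unknown'."""
    m = re.match(r"^\$([0-9a-z]+)\$.+\$.+$", hashed.strip().strip("\"'"))
    return SCHEMES.get(m.group(1), "unknown") if m else "unknown"

def audit(tasks_text, vars_text, modules_text):
    """Return a list of (finding, detail) tuples for the three inputs."""
    findings = [(name, rx.search(tasks_text).group(0).strip())
                for name, rx in TASK_RULES if rx.search(tasks_text)]
    for line in vars_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "cobbler_default_password_crypted":
            scheme = crypt_scheme(value)
            if scheme not in ACCEPTED:
                findings.append(("weak-password-hash", scheme))
    cfg = configparser.ConfigParser()
    cfg.read_string(modules_text)
    if cfg.get("authorization", "module", fallback="") == "authz_allowall":
        findings.append(("authz-allowall", "authz_allowall"))
    return findings

if __name__ == "__main__":
    print(audit(COMMON_TASKS, VARS_YML, MODULES_CONF))
```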
roles/cobbler/templates/settings.j2
# cobbler's settings. This decides things such as whether DHCP and DNS are placed under cobbler's management
---
allow_duplicate_hostnames: 0
allow_duplicate_ips: 0
allow_duplicate_macs: 0
allow_dynamic_settings: 0
anamon_enabled: 0
authn_pam_service: "login"
auth_token_expiration: 3600
build_reporting_enabled: 0
build_reporting_sender: ""
build_reporting_email: [ 'root@localhost' ]
build_reporting_smtp_server: "localhost"
build_reporting_subject: ""
build_reporting_ignorelist: [ "" ]
cheetah_import_whitelist:
- "random"
- "re"
- "time"
createrepo_flags: "-c cache -s sha"
default_kickstart: /var/lib/cobbler/kickstarts/default.ks
default_name_servers: []
default_ownership:
- "admin"
default_password_crypted: "{{cobbler_default_password_crypted}}"
default_template_type: "cheetah"
default_virt_bridge: xenbr0
default_virt_file_size: 5
default_virt_ram: 512
default_virt_type: xenpv
enable_gpxe: 0
enable_menu: 1
func_auto_setup: 0
func_master: overlord.example.org
http_port: 80
kernel_options:
    ksdevice: bootif
    lang: ' '
    text: ~
kernel_options_s390x:
    RUNKS: 1
    ramdisk_size: 40000
    root: /dev/ram0
    ro: ~
    ip: off
    vnc: ~
ldap_server: "ldap.example.com"
ldap_base_dn: "DC=example,DC=com"
ldap_port: 389
ldap_tls: 1
ldap_anonymous_bind: 1
ldap_search_bind_dn: ''
ldap_search_passwd: ''
ldap_search_prefix: 'uid='
ldap_tls_cacertfile: ''
ldap_tls_keyfile: ''
ldap_tls_certfile: ''
mgmt_classes: []
mgmt_parameters:
    from_cobbler: 1
puppet_auto_setup: 0
sign_puppet_certs_automatically: 0
puppetca_path: "/usr/bin/puppet"
remove_old_puppet_certs_automatically: 0
manage_dhcp: {{cobbler_manage_dhcp}}
manage_dns: {{cobbler_manage_dns}}
bind_chroot_path: ""
bind_master: 127.0.0.1
manage_tftpd: 1
manage_rsync: 0
manage_forward_zones: []
manage_reverse_zones: []
next_server: {{cobbler_next_server}}
power_management_default_type: 'ipmitool'
power_template_dir: "/etc/cobbler/power"
pxe_just_once: 0
pxe_template_dir: "/etc/cobbler/pxe"
consoles: "/var/consoles"
redhat_management_type: "off"
redhat_management_server: "xmlrpc.rhn.redhat.com"
redhat_management_key: ""
redhat_management_permissive: 0
register_new_installs: 0
reposync_flags: "-l -n -d"
restart_dns: 1
restart_dhcp: 1
run_install_triggers: 1
scm_track_enabled: 0
scm_track_mode: "git"
server: {{cobbler_server}}
client_use_localhost: 0
client_use_https: 0
snippetsdir: /var/lib/cobbler/snippets
template_remote_kickstarts: 0
virt_auto_boot: 1
webdir: /var/www/cobbler
xmlrpc_port: 25151
yum_post_install_mirror: 1
yum_distro_priority: 1
yumdownloader_flags: "--resolve"
serializer_pretty_json: 0
replicate_rsync_options: "-avzH"
replicate_repo_rsync_options: "-avzH"
always_write_dhcp_entries: 0
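Memo
- I went back and forth between using templates and replacing parts of the existing files.
- Templates are easier because you do not have to write lots of regular expressions, but what do you do when the software's configuration layout changes?
- With replacement, I worry about whether only the intended places really changed. Also, as with the point above, it is doubtful whether the replacement would still work properly when, say, the default values change.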
roles/cobbler/handlers/main.yml
# Creating something like shortcuts for the commands used with notify
- name: restart cobbler
  command: cobbler sync
  notify: restart cobblerd
- name: restart cobblerd
  service: name=cobblerd state=restarted
roles/cobbler/tasks/main.yml
# Install the required packages in one go
- name: Installing Required Packages
  yum: name={{ item }} state=latest
  with_items:
    - cobbler
    - debmirror
    - pykickstart
    - dnsmasq
# Register environment information for use in the later config files -> I originally intended to edit the config files by replacement; in the end this is not used
# In practice there is only one server this time, so hard-coding the values in vars is fine, but with multiple servers the values have to be filled in to match each environment (IP, MAC address, ...)
- name: get static ip
  shell: /sbin/ifconfig eth1|grep inet|awk '{print $2}'|cut -d ':' -f2
  register: eth1_static_ip
# Place the files using templates
- name: configure settings
  template: src=settings.j2 dest=/etc/cobbler/settings owner=root group=root mode=0644
  notify: restart cobbler
- name: configure modules.conf
  template: src=modules.conf.j2 dest=/etc/cobbler/modules.conf owner=root group=root mode=0644
  notify: restart cobbler
- name: configure dnsmasq.template
  template: src=dnsmasq.template.j2 dest=/etc/cobbler/dnsmasq.template owner=root group=root mode=0644
  notify: restart cobbler
# Enable rsync and tftp under xinetd
- name: config xinetd rsync
  lineinfile: >
    dest=/etc/xinetd.d/rsync
    backup=yes
    backrefs=yes
    regexp='disable.*=\syes'
    line='disable = no'
  notify: restart cobbler
- name: config xinetd tftp
  lineinfile: >
    dest=/etc/xinetd.d/tftp
    backup=yes
    backrefs=yes
    regexp='disable.*=\syes'
    line='disable = no'
  notify: restart cobbler
# Work to do after cobbler is installed
- name: cobbler get-loader
  command: /usr/bin/cobbler get-loaders
# Start the services
- name: service up
  service: name={{ item }} state=started enabled=yes
  with_items:
    - cobblerd
    - httpd
    - xinetd
    - dnsmasq
# Sync, since various settings were changed
- name: cobbler sync
  command: /usr/bin/cobbler sync
# Likewise, restart
- name: cobbler restart
  service: name=cobblerd state=restarted