I built a Cobbler server using Ansible
I put the Vagrantfile and the Ansible files here:
yasuaki-tahira/cobbler-server (it's messy, so please go ahead and fix it up)
Procedure
```
[PMAC226S test4]$ git clone git@github.com:yasuaki-tahira/cobbler-server.git
[PMAC226S test4]$ cd cobbler-server/
[PMAC226S cobbler-server]$ vagrant up
[PMAC226S cobbler-server]$ vagrant ssh
[vagrant@cobbler-server ~]$ sudo mount -t iso9660 -o loop /vagrant/CentOS-6.6-x86_64-minimal.iso /mnt
[vagrant@cobbler-server ~]$ sudo cobbler import --name CentOS-6.6 --path=/mnt
[vagrant@cobbler-server ~]$ sudo cobbler distro list
   CentOS-6.6-x86_64
[vagrant@cobbler-server ~]$ sudo cobbler profile list
   CentOS-6.6-x86_64
[vagrant@cobbler-server ~]$ sudo cobbler system add --name=sample001.com --profile=CentOS-6.6-x86_64 --hostname=sample001.com
[vagrant@cobbler-server ~]$ sudo cobbler system edit --name=sample001.com --ip-address=192.168.20.15 --subnet=255.255.255.0 --mac=08:00:27:CE:8C:47 --interface=eth0
[vagrant@cobbler-server ~]$ sudo cobbler sync
```
After that, create a new virtual machine attached to the internal network "cobbler-net" and boot it; the installation runs on its own.
Supplementary notes
Layout
```
|--README.md
|--Vagrantfile
|--roles
|  |--cobbler
|  |  |--handlers
|  |  |  |--main.yml
|  |  |--tasks
|  |  |  |--main.yml
|  |  |--templates
|  |  |  |--dnsmasq.template.j2
|  |  |  |--modules.conf.j2
|  |  |  |--settings.j2
|  |  |--vars
|  |  |  |--main.yml
|  |--common
|  |  |--tasks
|  |  |  |--main.yml
|--site.yml
```
README.md
This is the README.
Vagrantfile
```ruby
Vagrant.configure(2) do |config|
  config.vm.box = "CentOS6.6"
  config.vm.hostname = "cobbler-server"

  # Define an internal network named "cobbler-net", together with a fixed IP.
  config.vm.network :private_network, ip: "192.168.20.2", virtualbox__intnet: "cobbler-net"

  # Provisioning settings. Ansible is used to run site.yml.
  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "site.yml"
    ansible.limit = "all"
  end
end
```
site.yml
```yaml
- name: Install Cobbler
  hosts: all
  sudo: yes
  # Two roles are applied
  roles:
    - common
    - cobbler
```
roles/common/tasks/main.yml
```yaml
# Install the required packages in one go
# libselinux-python is installed because the selinux module needs it
- name: Installing Required Packages
  yum: name={{ item }} state=latest
  with_items:
    - epel-release
    - libselinux-python

# Disable SELinux and keep it from being enabled at boot
- name: disabled SELinux
  selinux: state=disabled

# Stop iptables as well
- name: disabled iptables
  service: name=iptables state=stopped enabled=no
```
roles/cobbler/vars/main.yml
```yaml
# Variable definitions used as {{hoge}} under roles/cobbler/templates/
cobbler_manage_dhcp: 1
cobbler_manage_dns: 1
# Fixed IP of the server
cobbler_next_server: 192.168.20.2
cobbler_server: 192.168.20.2
# Generated with `$ openssl passwd -1`. The value below is "cobbler".
cobbler_default_password_crypted: $1$FBpFkrpD$fu5NLQhZwDDb4Zsc4mf9s.
cobbler_dhcp_start_ip: 192.168.20.10
cobbler_dhcp_end_ip: 192.168.20.100
cobbler_dns_module: manage_dnsmasq
cobbler_dhcp_module: manage_dnsmasq
```
roles/cobbler/templates/dnsmasq.template.j2
```
# dnsmasq is used, so this is the template for its config file
read-ethers
addn-hosts = /var/lib/cobbler/cobbler_hosts

# The variables defined in vars are read around here
dhcp-range={{cobbler_dhcp_start_ip}},{{cobbler_dhcp_end_ip}}
dhcp-option=3,$next_server
dhcp-lease-max=1000
dhcp-authoritative
dhcp-boot=pxelinux.0
dhcp-boot=net:normalarch,pxelinux.0
dhcp-boot=net:ia64,$elilo

$insert_cobbler_system_definitions
```
roles/cobbler/templates/modules.conf.j2
```ini
# This configures which modules Cobbler uses
[authentication]
module = authn_configfile

[authorization]
module = authz_allowall

[dns]
module = {{cobbler_dns_module}}

[dhcp]
module = {{cobbler_dhcp_module}}

[tftpd]
module = manage_in_tftpd
```
roles/cobbler/templates/settings.j2
```yaml
# Cobbler settings. This decides things like whether DHCP and DNS are managed by Cobbler.
---
allow_duplicate_hostnames: 0
allow_duplicate_ips: 0
allow_duplicate_macs: 0
allow_dynamic_settings: 0
anamon_enabled: 0
authn_pam_service: "login"
auth_token_expiration: 3600
build_reporting_enabled: 0
build_reporting_sender: ""
build_reporting_email: [ 'root@localhost' ]
build_reporting_smtp_server: "localhost"
build_reporting_subject: ""
build_reporting_ignorelist: [ "" ]
cheetah_import_whitelist:
   - "random"
   - "re"
   - "time"
createrepo_flags: "-c cache -s sha"
default_kickstart: /var/lib/cobbler/kickstarts/default.ks
default_name_servers: []
default_ownership:
   - "admin"
default_password_crypted: "{{cobbler_default_password_crypted}}"
default_template_type: "cheetah"
default_virt_bridge: xenbr0
default_virt_file_size: 5
default_virt_ram: 512
default_virt_type: xenpv
enable_gpxe: 0
enable_menu: 1
func_auto_setup: 0
func_master: overlord.example.org
http_port: 80
kernel_options:
    ksdevice: bootif
    lang: ' '
    text: ~
kernel_options_s390x:
    RUNKS: 1
    ramdisk_size: 40000
    root: /dev/ram0
    ro: ~
    ip: off
    vnc: ~
ldap_server: "ldap.example.com"
ldap_base_dn: "DC=example,DC=com"
ldap_port: 389
ldap_tls: 1
ldap_anonymous_bind: 1
ldap_search_bind_dn: ''
ldap_search_passwd: ''
ldap_search_prefix: 'uid='
ldap_tls_cacertfile: ''
ldap_tls_keyfile: ''
ldap_tls_certfile: ''
mgmt_classes: []
mgmt_parameters:
   from_cobbler: 1
puppet_auto_setup: 0
sign_puppet_certs_automatically: 0
puppetca_path: "/usr/bin/puppet"
remove_old_puppet_certs_automatically: 0
manage_dhcp: {{cobbler_manage_dhcp}}
manage_dns: {{cobbler_manage_dns}}
bind_chroot_path: ""
bind_master: 127.0.0.1
manage_tftpd: 1
manage_rsync: 0
manage_forward_zones: []
manage_reverse_zones: []
next_server: {{cobbler_next_server}}
power_management_default_type: 'ipmitool'
power_template_dir: "/etc/cobbler/power"
pxe_just_once: 0
pxe_template_dir: "/etc/cobbler/pxe"
consoles: "/var/consoles"
redhat_management_type: "off"
redhat_management_server: "xmlrpc.rhn.redhat.com"
redhat_management_key: ""
redhat_management_permissive: 0
register_new_installs: 0
reposync_flags: "-l -n -d"
restart_dns: 1
restart_dhcp: 1
run_install_triggers: 1
scm_track_enabled: 0
scm_track_mode: "git"
server: {{cobbler_server}}
client_use_localhost: 0
client_use_https: 0
snippetsdir: /var/lib/cobbler/snippets
template_remote_kickstarts: 0
virt_auto_boot: 1
webdir: /var/www/cobbler
xmlrpc_port: 25151
yum_post_install_mirror: 1
yum_distro_priority: 1
yumdownloader_flags: "--resolve"
serializer_pretty_json: 0
replicate_rsync_options: "-avzH"
replicate_repo_rsync_options: "-avzH"
always_write_dhcp_entries: 0
```
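Notes
- I was torn between using templates and doing in-place replacement in the existing files.
- With templates I don't have to write lots of regular expressions, which is easier, but what happens when the software's configuration layout changes?
- With replacement, I worry about whether only the intended spot really changed. Also, as with the point above, it is doubtful whether the replacement still works properly when a default value changes.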
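One way to check both worries from the notes above, as an added example that is not part of the original repository: compare the top-level keys of the package-default `settings` file with the Jinja2 template, so new or removed defaults and hard-coded deviations are listed explicitly. The sample texts, `hypothetical_new_option` and the function names are constructed for illustration.

```python
import re

# Unindented "key: value" lines only; nested keys, list items and comments are skipped.
KEY_RE = re.compile(r"^([A-Za-z_]\w*):\s*(.*?)\s*$")
JINJA_RE = re.compile(r"\{\{.*?\}\}")

def top_level(text):
    """Map each top-level key to its raw value; a regex needs no rendered template."""
    return {m.group(1): m.group(2)
            for m in map(KEY_RE.match, text.splitlines()) if m}

def drift(default_text, template_text):
    """Compare a package-default settings file with the Jinja2 template of it."""
    d, t = top_level(default_text), top_level(template_text)
    return {
        # keys the package now ships that the template would silently drop
        "new_upstream": sorted(set(d) - set(t)),
        # keys the template still writes although the default no longer has them
        "gone_upstream": sorted(set(t) - set(d)),
        # values filled in from vars/main.yml
        "templated": sorted(k for k in t if JINJA_RE.search(t[k])),
        # literal values in the template that differ from the packaged default
        "hardcoded_changes": sorted(
            k for k in set(d) & set(t)
            if t[k] != d[k] and not JINJA_RE.search(t[k])),
    }

# Constructed sample of a newer package default (not a real Cobbler release).
DEFAULT_SAMPLE = """
manage_dhcp: 0
manage_dns: 0
next_server: 127.0.0.1
server: 127.0.0.1
pxe_just_once: 1
hypothetical_new_option: 0
"""

# Constructed excerpt in the style of roles/cobbler/templates/settings.j2.
TEMPLATE_SAMPLE = """
manage_dhcp: {{cobbler_manage_dhcp}}
manage_dns: {{cobbler_manage_dns}}
next_server: {{cobbler_next_server}}
server: {{cobbler_server}}
pxe_just_once: 0
func_master: overlord.example.org
"""

if __name__ == "__main__":
    for kind, keys in drift(DEFAULT_SAMPLE, TEMPLATE_SAMPLE).items():
        print(f"{kind}: {', '.join(keys) or '-'}")
```

In practice the first argument would be the `settings` file as shipped by the cobbler package, kept aside before the template task overwrites it, and the second the contents of `settings.j2`.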
roles/cobbler/handlers/main.yml
```yaml
# Something like shortcuts for the commands used with notify
- name: restart cobbler
  command: cobbler sync
  notify: restart cobblerd

- name: restart cobblerd
  service: name=cobblerd state=restarted
```
roles/cobbler/tasks/main.yml
```yaml
# Install the required packages in one go
- name: Installing Required Packages
  yum: name={{ item }} state=latest
  with_items:
    - cobbler
    - debmirror
    - pykickstart
    - dnsmasq

# Register environment information for use in the later config files
# -> originally I planned to edit the config files by replacement; in the end this is not used
# In practice there is only one server this time, so hard-coding values in vars is fine,
# but with multiple servers the values have to be filled in per environment (IP, MAC address, ...)
- name: get static ip
  shell: /sbin/ifconfig eth1|grep inet|awk '{print $2}'|cut -d ':' -f2
  register: eth1_static_ip

# Place the files using templates
- name: configure settings
  template: src=settings.j2 dest=/etc/cobbler/settings owner=root group=root mode=0644
  notify: restart cobbler

- name: configure modules.conf
  template: src=modules.conf.j2 dest=/etc/cobbler/modules.conf owner=root group=root mode=0644
  notify: restart cobbler

- name: configure dnsmasq.template
  template: src=dnsmasq.template.j2 dest=/etc/cobbler/dnsmasq.template owner=root group=root mode=0644
  notify: restart cobbler

# Enable rsync and tftp under xinetd
- name: config xinetd rsync
  lineinfile: >
    dest=/etc/xinetd.d/rsync
    backup=yes
    backrefs=yes
    regexp='disable.*=\syes'
    line='disable = no'
  notify: restart cobbler

- name: config xinetd tftp
  lineinfile: >
    dest=/etc/xinetd.d/tftp
    backup=yes
    backrefs=yes
    regexp='disable.*=\syes'
    line='disable = no'
  notify: restart cobbler

# Work to do after Cobbler is installed
- name: cobbler get-loader
  command: /usr/bin/cobbler get-loaders

# Bring the services up
- name: service up
  service: name={{ item }} state=started enabled=yes
  with_items:
    - cobblerd
    - httpd
    - xinetd
    - dnsmasq

# Sync, since various settings were changed
- name: cobbler sync
  command: /usr/bin/cobbler sync

# Likewise, restart
- name: cobbler restart
  service: name=cobblerd state=restarted
```