cobbler自动装机实验小结

目录

  • 一、cobbler简介
  • 二、cobbler配置
    • 2.1 安装epel-release
    • 2.2 可以安装cobbler和相关软件包
    • 2.3 修改cobbler的主配置文件/etc/cobbler/settings
    • 2.4 关闭核心防护、防火墙,开启httpd和cobbler服务
    • 2.5 优化哪些项目--cobbler check
    • 2.6 重启服务
    • 三、开始安装
    • 3.1 管理方法
      • 添加一个cobbler用于管理的用户
      • 第二种管理方法:pam认证方式管理

一、cobbler简介

Cobbler通过将设置和管理一个安装服务器所涉及的任务集中在一起,从而简化了系统配置。相当于Cobbler封装了DHCP、TFTP、XINTED等服务,结合了PXE、kickstart等安装方法,可以实现自动化安装操作系统,并且可以同时提供多种版本,以实现在线安装不同版本的系统。

二、cobbler配置

2.1 安装epel-release

  • cobbler软件包在epel源中,所以安装cobbler前需要先安装epel-release
[root@localhost ~]# ll
总用量 24
-rw-------. 1 root root  1647 7月  15 18:36 anaconda-ks.cfg
-rw-r--r--  1 root root 15080 7月  20 12:18 epel-release-latest-7.noarch.rpm  ## eqel源的压缩包
-rw-------. 1 root root  1278 7月  15 18:36 original-ks.cfg
drwxr-xr-x  2 root root     6 7月  15 10:44 公共
drwxr-xr-x  2 root root     6 7月  15 10:44 模板
drwxr-xr-x  2 root root     6 7月  15 10:44 视频
drwxr-xr-x  2 root root     6 7月  15 10:44 图片
drwxr-xr-x  2 root root     6 7月  15 10:44 文档
drwxr-xr-x  2 root root     6 7月  15 10:44 下载
drwxr-xr-x  2 root root     6 7月  15 10:44 音乐
drwxr-xr-x  2 root root     6 7月  15 10:44 桌面
[root@localhost ~]# rpm -ivh epel-release-latest-7.noarch.rpm 
警告:epel-release-latest-7.noarch.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID 352c64e5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...
   1:epel-release-7-11                ################################# [100%]
[root@localhost yum.repos.d]# ll
总用量 40
-rw-r--r--. 1 root root 1664 11月 23 2018 CentOS-Base.repo
-rw-r--r--. 1 root root 1309 11月 23 2018 CentOS-CR.repo
-rw-r--r--. 1 root root  649 11月 23 2018 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root  314 11月 23 2018 CentOS-fasttrack.repo
-rw-r--r--. 1 root root  630 11月 23 2018 CentOS-Media.repo
-rw-r--r--. 1 root root 1331 11月 23 2018 CentOS-Sources.repo
-rw-r--r--. 1 root root 5701 11月 23 2018 CentOS-Vault.repo
-rw-r--r--  1 root root  951 10月  3 2017 epel.repo     ## yum里面发现epel源
-rw-r--r--  1 root root 1050 10月  3 2017 epel-testing.repo  ## yum里面发现epel源

2.2 可以安装cobbler和相关软件包

[root@localhost ~]# yum -y install  cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd

2.3 修改cobbler的主配置文件/etc/cobbler/settings

[root@localhost ~]# cd /etc/cobbler/    ## 查看cobbler配置文件
[root@localhost cobbler]# ls
auth.conf       dhcp.template           iso           named.template  rsync.exclude       tftpd.template  zone.template
cheetah_macros  dnsmasq.template        ldap          power           rsync.template      users.conf      zone_templates
cobbler_bash    genders.template        modules.conf  pxe             secondary.template  users.digest
completions     import_rsync_whitelist  mongodb.conf  reporting       settings            version
[root@localhost cobbler]# vim settings  ## 进入主配置文件
## 修改以下选项
manage_dhcp: 1                   #开启托管DHCP服务
next_server: 192.168.10.10  # 提供tftp服务的地址
server: 192.168.10.10

2.4 关闭核心防护、防火墙,开启httpd和cobbler服务

[root@localhost cobbler]# iptables -F  ## 清空防火墙配置 
[root@localhost cobbler]# setenforce 0 ## 关闭核心防护
[root@localhost cobbler]# systemctl start httpd  ## 开启httpd服务
[root@localhost cobbler]# systemctl start cobblerd ## 开启cobbler服务

2.5 优化哪些项目–cobbler check

[root@localhost cobbler]# cobbler check
The following are potential configuration items that you may want to fix:

1 : change 'disable' to 'no' in /etc/xinetd.d/tftp
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.       ## 导入镜像文件
3 : enable and start rsyncd.service with systemctl      ## 开启并启动rsyncd服务
4 : debmirror package is not installed, it will be required to manage debian deployments and repositories
5 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 
## 盐值加密
6 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.  
  • 根据优化的第一条将/etc/xinetd.d/tftp disable的yes改为no
[root@localhost cobbler]# vim /etc/xinetd.d/tftp
        disable                 = no

  • 生成自动安装系统root用户盐值加密的密码,复制到/etc/cobbler/settings配置文件中
[root@localhost cobbler]# openssl passwd -1 -salt '123456' '123456' ## 盐值加密  密码为123456
$1$123456$wOSEtcyiP2N/IfIl15W6Z0    ## 加密后生成的密码
[root@localhost cobbler]# vim /etc/cobbler/settings ## 进入主配置文件
default_password_crypted: "$1$123456$wOSEtcyiP2N/IfIl15W6Z0" ## 用生成的密码覆盖原来的
  • cobbler控制dhcp服务配置
[root@localhost cobbler]# vim /etc/cobbler/dhcp.template  ## 进入cobbler内的dhcp配置文件
subnet 192.168.233.0 netmask 255.255.255.0 {
     option routers             192.168.233.2;
     option domain-name-servers 192.168.233.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.233.100 192.168.233.254;
[root@promote cobbler]# cobbler sync  ##同步服务
  • 导入镜像文件
[root@localhost cobbler]#  cobbler get-loaders  #下载镜像文件
[root@localhost cobbler]# mount /dev/sr0 /mnt ## 挂载光盘镜像文件
mount: /dev/sr0 写保护,将以只读方式挂载
[root@localhost cobbler]# cobbler import --path=/mnt/ --name=CentOS-7-x86_64 --arch=x86_64  ## 导入镜像文件
[root@localhost cobbler]# cd /var/www/cobbler/ks_mirror/
[root@localhost ks_mirror]# ls
CentOS-7-x86_64  config          ## 发现导入成功
[root@localhost ks_mirror]# cobbler list  ## 列出cobber 清单
distros:
   CentOS-7-x86_64

profiles:
   CentOS-7-x86_64

systems:

repos:

images:

mgmtclasses:

packages:

files:

2.6 重启服务

[root@promote ks_mirror]# systemctl restart cobblerd
[root@localhost ks_mirror]# systemctl restart dhcpd
[root@localhost ks_mirror]# systemctl restart xinetd.service 
[root@localhost ks_mirror]# systemctl restart httpd.service 
[root@promote cobbler]# systemctl start rsyncd

三、开始安装

cobbler自动装机实验小结_第1张图片
cobbler自动装机实验小结_第2张图片

3.1 管理方法

添加一个cobbler用于管理的用户

[root@localhost ~]# htdigest -c /etc/cobbler/users.digest Cobbler zhangsan ## 创建一个用户名为zhangsan的用户
Adding password for zhangsan in realm Cobbler.
New password: 
Re-type new password: 

  • 登录cobber_web 页面进行管理
    cobbler自动装机实验小结_第3张图片

第二种管理方法:pam认证方式管理

[root@localhost ~]#  vim /etc/cobbler/modules.conf 
## 修改配置文件
[authentication]
module = authn_pam

[authorization]
module = authz_ownership

  • 创建用户
[root@localhost ~]# useradd webuser 
[root@localhost ~]# passwd webuser
[root@localhost ~]# vim /etc/cobbler/users.conf

[admins]
admin = ""
cobbler = ""
webuser = "" ## 将用户添加到配置文件中

cobbler自动装机实验小结_第4张图片

你可能感兴趣的:(linux网络,linux)