Cobbler Network Installation Server: Summary

Cobbler Study Notes

Author: perofu

Email: perofu.com@gmail.com

Version: 2.0

2013/11/06

 

 




 

 

 

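I. Introduction to Cobbler

1. Cobbler is a service for fast network installation of Linux; with some adjustment it can also network-install Windows. It is written in Python and is small and lightweight (only about 15k lines of code). A few simple commands are enough to set up a PXE network installation environment, and it can also manage DHCP, DNS and yum package mirrors.

2. Cobbler can be managed from the command line or a web interface, and it also provides an API that makes custom development easy.

3. Unlike Kickstart, with Cobbler, running DHCP on the LAN does not cause machines that boot from PXE by default to load the TFTP content after a reboot and abort their startup.

4. As a provisioning tool, Cobbler makes deploying RedHat/CentOS/Fedora systems easier, and it also supports deploying SUSE and Debian systems.

5. It integrates the following services:

* PXE support
* DHCP management
* DNS management
* Kickstart support
* yum repository management

6. Koan, the Cobbler client, supports virtual machine installation and operating system reinstallation.

7. The Cobbler web interface gives users a better management interface.

8. A typical architecture is shown in the figure below:

9. Workflow: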

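10. Cobbler configuration files:

File                          Purpose
/etc/cobbler/settings         Main Cobbler configuration file
/etc/cobbler/users.digest     User name and password file for web access
/etc/cobbler/modules.conf     Module configuration file
/etc/cobbler/users.conf       Authorization configuration file for the Cobbler WebUI/web service
/etc/cobbler/iso/             Buildiso template configuration files
/etc/cobbler/power            Power management configuration files
/etc/cobbler/pxe              PXE profile configuration templates
/etc/cobbler                  This directory also holds template configuration files for services such as rsync, dhcp, dns, pxe and dnsmasq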

 

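11. Image data directory /var/www/cobbler:

Directory                       Purpose
/var/www/cobbler/images/        Kernel and initrd images of all imported distributions, used for network boot
/var/www/cobbler/ks_mirror/     Data of the imported distributions
/var/www/cobbler/repo_mirror/   Repository storage directory
/var/log/cobbler                Cobbler log files: cobbler.log, install.log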

 

12. Cobbler data directory /var/lib/cobbler:

Directory                       Purpose
/var/lib/cobbler/config/        Configuration data for distros, repos, systems and profiles, mostly JSON files
/var/lib/cobbler/snippets/      Script snippets that ks files can include; worth studying
/var/lib/cobbler/triggers       User-defined Cobbler commands
/var/lib/cobbler/kickstarts/    Kickstart configuration files

 

13. Cobbler logs:

File                            Purpose
/var/log/cobbler/install.log    Record of network installations performed through Cobbler
/var/log/cobbler/cobbler.log    Cobbler log

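14. cobbler commands:

Command             Purpose
cobbler check       Check the Cobbler configuration
cobbler list        List all Cobbler objects
cobbler report      Show detailed information about objects
cobbler distro      View information about imported distributions
cobbler system      View information about added systems
cobbler profile     View profile information
cobbler sync        Synchronize the Cobbler configuration; best run after every configuration change
cobbler reposync    Synchronize yum repositories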

 

II. Installation in Detail

1. Configure EPEL:

    wget http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
    rpm -ivh epel-release-6-8.noarch.rpm

2. Install Cobbler:

    yum install cobbler httpd rsync tftp-server xinetd dhcp python-ctypes koan cobbler-web -y

3. Disable SELinux:

    setenforce 0
    vi /etc/sysconfig/selinux

        SELINUX=disabled

4. Start the services and enable them at boot:

    /etc/init.d/httpd start
    /etc/init.d/cobblerd start
    chkconfig --add httpd
    chkconfig httpd on
    chkconfig --add cobblerd
    chkconfig cobblerd on
    chkconfig dhcpd on
    chkconfig xinetd on
    chkconfig tftp on

5. Configure Cobbler:

①. Check the configuration:

    cobbler check prints the steps still needed to finish configuring Cobbler; just work through them (except steps 7 and 9). If you install automatically with a script, this step can be skipped.

cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
4 : change 'disable' to 'no' in /etc/xinetd.d/rsync
5 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : ksvalidator was not found, install pykickstart
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.

 

 

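Note:

In short, the output above means:

1. Edit /etc/cobbler/settings, find the server option and set it to the appropriate IP address.
2. Edit /etc/cobbler/settings, find the next_server option and set it to the appropriate IP address.
3. SELinux settings. If SELinux was already disabled above, this can be ignored.
4. Run cobbler get-loaders; the system downloads the loader programs automatically, which takes care of item 4.
5. Edit /etc/xinetd.d/tftp and change the disable field from yes to no.
6. Edit /etc/xinetd.d/rsync and change the disable field from yes to no.
7. Open ports 69, 80 and 25151 in iptables. If Cobbler is only used in an internal environment, the suggestion is to turn the firewall off altogether.
8. debmirror is reported as not installed.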

 

②. Edit the Cobbler configuration file /etc/cobbler/settings:

    vi /etc/cobbler/settings

        server: <IP of this host>
        next_server: <IP of this host>
        manage_dhcp: 1

    For example:

        server: 172.22.2.97
        next_server: 172.22.2.97
        manage_dhcp: 1

 

 

③. Download the network boot loaders:

This step downloads a few files. You can save the downloaded files and reuse them on the next Cobbler server, so that cobbler get-loaders does not have to be run there.

    cobbler get-loaders

[root@localhost ~]# cobbler get-loaders
task started: 2013-08-07_062050_get_loaders
task started (id=Download Bootloader Content, time=Wed Aug  7 06:20:50 2013)
downloading http://www.cobblerd.org/loaders/README to /var/lib/cobbler/loaders/README
downloading http://www.cobblerd.org/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://www.cobblerd.org/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://www.cobblerd.org/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://www.cobblerd.org/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://www.cobblerd.org/loaders/yaboot-1.3.14-12 to /var/lib/cobbler/loaders/yaboot
downloading http://www.cobblerd.org/loaders/pxelinux.0-3.61 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://www.cobblerd.org/loaders/menu.c32-3.61 to /var/lib/cobbler/loaders/menu.c32
downloading http://www.cobblerd.org/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://www.cobblerd.org/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

 

 

④. Enable rsync and tftp:

    vim /etc/xinetd.d/rsync

        disable = no

    vim /etc/xinetd.d/tftp

        disable = no

⑤. Install the extension tools (optional):

    yum -y install pykickstart debmirror cman fence-agents

 

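⑥. Set the initial system password:

    openssl passwd -1 -salt 'any-string' 'password'

In the session below a stray ‘ was typed before the salt, so it ended up inside the salt of the resulting hash.

[root@localhost ~]# openssl passwd -1 -salt ‘'asd asd asdccs' '123456'
$1$‘asd a$MFZfPSaYJxyIu5eL48cl10

    vi /etc/cobbler/settings

        default_password_crypted: "$1$‘asd a$MFZfPSaYJxyIu5eL48cl10"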
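
The settings edited so far (server, next_server, default_password_crypted) can be checked with a short script. This is an added example, not part of the original notes or of Cobbler; the function names and the sample file are constructed, and flagging MD5-crypt ($1$) hashes is an extra check beyond what cobbler check reports.

```shell
#!/bin/sh
# Added example, not part of Cobbler: check a settings file for the problems
# behind items 1, 2 and 8 of the `cobbler check` output shown on this page.

setting() {  # usage: setting FILE KEY -> value of "KEY: value", quotes stripped
    sed -n "s/^$2:[[:space:]]*//p" "$1" | sed 's/[[:space:]]*$//;q' | tr -d "\"'"
}

audit_settings() {  # usage: audit_settings FILE -> one finding per line
    for key in server next_server; do
        case "$(setting "$1" "$key")" in
            ''|localhost|127.*)
                echo "$key: set it to an address the installing machines can reach" ;;
        esac
    done
    case "$(setting "$1" default_password_crypted)" in
        '')
            echo "default_password_crypted: not set" ;;
        '$1$'*)
            # openssl passwd -1 produces MD5-crypt, which is cheap to brute-force.
            echo 'default_password_crypted: MD5-crypt ($1$) hash, replace with SHA-512 crypt ($6$)' ;;
    esac
}

# Constructed sample input resembling an unedited settings file.
sample_settings() {
    cat <<'EOF'
server: 127.0.0.1
next_server: 127.0.0.1
manage_dhcp: 0
default_password_crypted: "$1$constructed$notARealHashJustASample"
EOF
}

tmp=$(mktemp)
sample_settings > "$tmp"
audit_settings "$tmp"
rm -f "$tmp"
```

A SHA-512 crypt hash can be generated with `openssl passwd -6` on OpenSSL 1.1.1 or later.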

 

⑦. Edit debmirror.conf (optional):

    vi /etc/debmirror.conf

        #@dists="sid";
        #@arches=i386;
        @di_dists="dists";
        @di_archs="arches";

 

⑧. Configure DHCP:

    vi /etc/cobbler/dhcp.template

ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 172.22.2.0 netmask 255.255.255.0 {
     option routers             172.22.2.97;
     option domain-name-servers 172.22.2.1;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        172.22.2.100 172.22.2.254;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     filename                   "/pxelinux.0";
}

    vi /etc/dhcp/dhcpd.conf

ddns-update-style none;
subnet 172.22.2.0 netmask 255.255.255.0 {
     option routers             172.22.2.79;
     option domain-name-servers 8.8.8.8;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        172.22.2.100 172.22.2.254;
     filename                   "/pxelinux.0";
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                172.22.2.79;
}

Note: some guides online configure /etc/dhcp/dhcpd.conf, which results in dhcpd failing to start.

    vi /etc/sysconfig/dhcpd

        DHCPDARGS=eth1

 

⑨. Synchronize the Cobbler configuration:

    /etc/init.d/cobblerd restart
    /etc/init.d/xinetd restart
    /etc/init.d/dhcpd restart
    /etc/init.d/httpd restart

After every change to the DHCP configuration (/etc/dhcp/dhcpd.conf), you must run cobbler sync to synchronize the configuration.

    cobbler sync

[root@localhost ~]# cobbler sync
task started: 2013-08-07_064126_sync
task started (id=Sync, time=Wed Aug  7 06:41:26 2013)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS6.3-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/images/CentOS6.3-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: CentOS6.3-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.3/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS6.3-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.3/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS6.3-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: CentOS6.3-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.3/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS6.3-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.3/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS6.3-x86_64/initrd.img
Writing template files for CentOS6.3-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout: Starting dhcpd: [  OK  ]
received on stderr:
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

 

 

⑩. Import a disc image or a web mirror:

    Disc (--path: mount point of the disc; --name: display name):

        cobbler import --path=/mnt/ --name=CentOS6.3

    Note: imported images are stored under /var/www/cobbler/ks_mirror/

    Mirror:

        cobbler import --path=rsync://mirrors.163.com/centos/6.0/os/i386/ --name=centos-6.0-i386

    Note: when an image is deleted, the local directory /var/www/cobbler/ks_mirror/centos6.0 is removed.

⑪. Restart the services:

    /etc/init.d/cobblerd restart
    /etc/init.d/xinetd restart
    /etc/init.d/dhcpd restart
    /etc/init.d/httpd restart

 

⑫. Define the kickstart file:

    Set up a profile that ties a distro image to a kickstart file; a profile can be thought of as a classification by role.

When Cobbler installs an operating system, the kickstart file it actually uses is not /var/lib/cobbler/kickstarts/default.ks but /var/lib/cobbler/kickstarts/sample.ks, as can be seen in the configuration file /etc/cobbler/settings.

Add a profile named centos5.5 that uses a given kickstart file:

    cobbler profile add --name=centos5.5 --distro=centos5.5-i386 --kickstart=/var/lib/cobbler/kickstarts/centos55.ks

Rename a profile, here from CentOS5.5 to CentOS5.5-i386:

    cobbler profile rename --name=CentOS5.5 --newname=CentOS5.5-i386

Remove a profile, here the one named CentOS5.5:

    cobbler profile remove --name=CentOS5.5

 

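⑬. Set up a system:

A system holds the settings for one specific machine to be installed, such as its host name and IP address; they are applied to the machine by MAC address.

Personally I find this of limited use, because all of it can be configured in the ks file.

# Add a system entry named webserver1 with IP address 192.168.0.110 and MAC address 00:0C:29:77:89:c7, using the profile webserver and the kickstart file /var/lib/cobbler/kickstarts/webserver.ks

    cobbler system add --name=webserver1 --ip=192.168.0.110 --mac=00:0C:29:77:89:c7 --profile=webserver --kickstart=/var/lib/cobbler/kickstarts/webserver.ks --static=1

# Remove a system entry; the profile name to remove is dbserver1

    cobbler system remove --name=dbserver1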

 

 

III. Configuring Cobbler-web

1. Edit the configuration file:

    sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf

Note: vi /etc/cobbler/modules.conf

    [authentication]
    module = authn_configfile

    [authorization]
    module = authz_allowall

2. Restart Cobbler:

    /etc/init.d/cobblerd restart

3. Add a user or change an existing user's password:

    htdigest /etc/cobbler/users.digest "Cobbler" <username>

4. Open Cobbler-web:

    https://172.22.2.97/cobbler_web
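
An htdigest file stores one user:realm:MD5(user:realm:password) entry per line, so weak entries in /etc/cobbler/users.digest can be found offline. This is an added example, not part of the original notes or of Cobbler; the function names, sample users and candidate words are constructed.

```shell
#!/bin/sh
# Added example, not part of Cobbler: audit an htdigest-format file such as
# /etc/cobbler/users.digest. Each line is  user:realm:MD5(user:realm:password).

ha1() {  # usage: ha1 USER REALM PASSWORD -> 32 hex digits
    printf '%s' "$1:$2:$3" | md5sum | cut -d' ' -f1
}

audit_digest() {  # usage: audit_digest FILE [CANDIDATE_PASSWORD...]
    file=$1; shift
    while IFS=: read -r user realm hash; do
        [ -n "$user" ] || continue
        if [ "$realm" != "Cobbler" ]; then
            # The page creates entries with realm "Cobbler"; anything else is suspect.
            echo "$user: unexpected realm '$realm'"
            continue
        fi
        # Try the user name itself, then each candidate word.
        for guess in "$user" "$@"; do
            if [ "$(ha1 "$user" "$realm" "$guess")" = "$hash" ]; then
                echo "$user: trivially guessable password, reset it with htdigest"
                break
            fi
        done
    done < "$file"
}

# Constructed sample file: two weak entries, one strong one, one stray realm.
sample_digest() {
    echo "cobbler:Cobbler:$(ha1 cobbler Cobbler cobbler)"
    echo "deploy:Cobbler:$(ha1 deploy Cobbler 123456)"
    echo "ops:Cobbler:$(ha1 ops Cobbler 'constructed-long-passphrase-7431')"
    echo "old:Legacy:$(ha1 old Legacy whatever)"
}

tmp=$(mktemp)
sample_digest > "$tmp"
audit_digest "$tmp" cobbler 123456
rm -f "$tmp"
```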

 

 

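IV. Reinstalling

1. Install koan:

    yum install koan -y

2. List the profiles that the Cobbler server can install:

    koan --list=profiles --server=ip

3. Run the reinstall:

    koan --replace-self --server=192.168.2.142 --profile=<profile from the list>

4. Then reboot:

    reboot

Note: testing shows that even when a server is set to boot from PXE by default and does boot from PXE successfully, it then receives the Cobbler boot menu. If nothing is selected, after 20 seconds it loads the local entry, that is, it boots the system on the hard disk.

V. Testing

    Same as with PXE: just create a new virtual machine and boot it.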

 

 

VI. Service Control Script

vi /etc/init.d/cobbler_all

    #!/bin/sh
    # Start, stop, query or sync all services that Cobbler depends on.
    case "$1" in
        start)
            /etc/init.d/httpd start
            /etc/init.d/xinetd start
            /etc/init.d/dhcpd start
            /etc/init.d/cobblerd start
            ;;
        stop)
            /etc/init.d/httpd stop
            /etc/init.d/xinetd stop
            /etc/init.d/dhcpd stop
            /etc/init.d/cobblerd stop
            ;;
        status)
            /etc/init.d/httpd status
            /etc/init.d/xinetd status
            /etc/init.d/dhcpd status
            /etc/init.d/cobblerd status
            ;;
        sync)
            cobbler sync
            ;;
        *)
            echo "Input error, please input 'start|stop|status|sync'!"
            exit 2
            ;;
    esac

chmod +x /etc/init.d/cobbler_all

/etc/init.d/cobbler_all start|stop|status|sync

 

 

 

 

VII. Errors and Solutions

1. cobblerd check error:

cobblerd does not appear to be running/accessible

Solution:

    service cobblerd restart
    service httpd restart

2. Error when restarting httpd:

Starting httpd: Syntax error on line 10 of /etc/httpd/conf.d/cobbler.conf:
Invalid command 'WSGIScriptAliasMatch', perhaps misspelled or defined by a module not included in the server configuration

Solution:

    vi /etc/httpd/conf.d/wsgi.conf
    # remove the leading "#" from this line
    LoadModule wsgi_module modules/mod_wsgi.so

3. httpd/SELinux not running:

httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback:
Traceback (most recent call last):

Solution:

    service httpd start
    vi /etc/sysconfig/selinux

Change SELINUX=enforcing to SELINUX=disabled, then reboot for it to take effect.

 

4. Error when running cobbler check:

Traceback (most recent call last):
  File "/usr/bin/cobbler", line 35, in ?
    sys.exit(app.main())
  File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 558, in main
    rc = cli.run(sys.argv)
  File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 202, in run
    self.token = self.remote.login("", self.shared_secret)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
    verbose=self.__verbose
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1147, in request
    return self._parse_response(h.getfile(), sock)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1286, in _parse_response
    return u.close()
  File "/usr/lib64/python2.4/xmlrpclib.py", line 744, in close
    raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "cobbler.cexceptions.CX:'login failed'">

Solution: this is a bug; run the commands below.

    service cobblerd restart
    cobbler get-loaders

5. TFTP connection failure:

Solution: stop iptables.

    iptables -F
    chkconfig iptables off
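
Instead of flushing the rules and switching iptables off (the fix above, and the suggestion in note 7 of the cobbler check section), the ports that cobbler check lists can be opened for the provisioning subnet only. This is an added example, not part of the original notes; the function name is constructed, and the subnet 172.22.2.0/24 and interface eth1 are taken from the DHCP configuration on this page.

```shell
#!/bin/sh
# Added example, not from the original page: print iptables rules that open
# only the ports `cobbler check` lists (69, 80/443, 25151) and only for the
# provisioning subnet, instead of flushing rules or disabling the firewall.

COBBLER_PORTS="69/udp 80/tcp 443/tcp 25151/tcp"   # TFTP, HTTP(S), cobblerd

cobbler_fw_rules() {  # usage: cobbler_fw_rules SUBNET_CIDR INTERFACE
    subnet=$1; iface=$2
    # Accept only a.b.c.d/1..32 so a typo such as /0 cannot open the ports to everyone.
    if ! printf '%s\n' "$subnet" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([1-9]|[12][0-9]|3[0-2])$'; then
        echo "error: '$subnet' is not a CIDR subnet such as 172.22.2.0/24" >&2
        return 1
    fi
    [ -n "$iface" ] || { echo "error: interface required" >&2; return 1; }
    for spec in $COBBLER_PORTS; do
        port=${spec%/*}; proto=${spec#*/}
        # -I inserts at the top of INPUT, ahead of any trailing REJECT rule.
        echo "iptables -I INPUT -i $iface -s $subnet -p $proto --dport $port -j ACCEPT"
    done
}

# Values from this page: subnet 172.22.2.0/24, served on eth1 (DHCPDARGS=eth1).
cobbler_fw_rules 172.22.2.0/24 eth1
```

Review the printed rules, run them as root, and persist them with `service iptables save`.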

 

 

 

 

