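Cobbler is a provisioning tool that makes it easier to deploy RedHat/CentOS/Fedora systems, and it also supports deploying SUSE and Debian systems.
It integrates the following services:
* PXE service support
* DHCP service management
* DNS service management
* Kickstart service support
* yum repository management
Koan, the Cobbler client, supports virtual machine installation and operating system reinstallation.
Cobbler server deployment:
1. Make sure the EPEL repository is available; if it is not, install the epel package first:
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
2. Install all the packages the cobbler server needs: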
yum install cobbler httpd rsync tftp-server xinetd dhcp
3. Start httpd and cobblerd, and enable the services at boot:
/sbin/service httpd start
/sbin/service cobblerd start
/sbin/chkconfig httpd on
/sbin/chkconfig dhcpd on
/sbin/chkconfig xinetd on
/sbin/chkconfig tftp on
/sbin/chkconfig cobblerd on
4. Check the cobbler configuration:
cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && \ /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/tftp
6 : change 'disable' to 'no' in /etc/xinetd.d/rsync
7 : since iptables may be running, ensure 69, 80, and 25151 are unblocked
8 : debmirror package is not installed, it will be required to manage debian deployments and repositories
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
Restart cobblerd and then run 'cobbler sync' to apply changes.
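Fix the problems reported above:
1) vi /etc/cobbler/settings
server: 192.168.0.2 # IP address of the cobbler server
next_server: 192.168.0.2 # IP address of the PXE server
manage_dhcp: 1 # let cobbler manage the DHCP service
default_kickstart: /var/lib/cobbler/kickstarts/default.ks # default kickstart file; generating it with system-config-kickstart (requires an X environment) is recommended
2) Disable the firewall and SELinux
3) Get the boot loader images
cobbler get-loaders
4) Enable tftp and rsync
vi /etc/xinetd.d/tftp
Change disable = yes to: disable = no
vi /etc/xinetd.d/rsync
Change disable = yes to: disable = no
Restart the xinetd service:
/etc/init.d/xinetd restart
5) Edit the DHCP template and make sure the addresses DHCP hands out are on the same subnet as Cobbler
vi /etc/cobbler/dhcp.template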
#******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
#******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
subnet 192.168.0.0 netmask 255.255.255.0 {
    option routers 192.168.0.1;
    #option domain-name-servers 192.168.0.2;
    option subnet-mask 255.255.255.0;
    range dynamic-bootp 192.168.0.100 192.168.0.200;
    filename "/pxelinux.0";
    default-lease-time 21600;
    max-lease-time 43200;
    next-server $next_server;
}
#for dhcp_tag in $dhcp_tags.keys():
    ## group could be subnet if your dhcp tags line up with your subnets
    ## or really any valid dhcpd.conf construct ... if you only use the
    ## default dhcp tag in cobbler, the group block can be deleted for a
    ## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
        #for mac in $dhcp_tags[$dhcp_tag].keys():
            #set iface = $dhcp_tags[$dhcp_tag][$mac]
    host $iface.name {
        hardware ethernet $mac;
        #if $iface.ip_address:
        fixed-address $iface.ip_address;
        #end if
        #if $iface.hostname:
        option host-name "$iface.hostname";
        #end if
        #if $iface.subnet:
        option subnet-mask $iface.subnet;
        #end if
        #if $iface.gateway:
        option routers $iface.gateway;
        #end if
        filename "$iface.filename";
        ## Cobbler defaults to $next_server, but some users
        ## may like to use $iface.system.server for proxied setups
        next-server $next_server;
        ## next-server $iface.next_server;
    }
        #end for
}
#end for
5. Sync the cobbler configuration so that the changes take effect:
cobbler sync
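As an added example (not part of the original article or of Cobbler itself), the script below re-checks the three settings that 'cobbler check' flagged in items 1, 2 and 9, including whether default_password_crypted still encodes the password 'cobbler', which the kickstart template in step 14 writes into rootpw. The function names and the sample file are constructed for illustration; it assumes openssl is installed and an MD5-crypt ($1$) hash of the kind produced by the openssl command quoted in the check output.

```shell
#!/bin/sh
# Added example (not from the original page): audit a Cobbler settings file.

# Print the value of a top-level "key: value" line without quotes or comments.
setting_value() {   # $1 = file, $2 = key
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/#.*//' -e 's/[[:space:]]*$//' | tr -d "\"'"
}

# Succeed if the MD5-crypt hash $1 ("$1$salt$digest") encodes the password $2.
md5crypt_matches() {
    case $1 in '$1$'*) ;; *) return 1 ;; esac
    salt=$(printf '%s' "$1" | cut -d'$' -f3)
    [ "$(openssl passwd -1 -salt "$salt" "$2")" = "$1" ]
}

# Print one line per finding; return 0 only when nothing was found.
audit_cobbler_settings() {
    findings=0
    case $(setting_value "$1" server) in
        ''|localhost|127.0.0.1)
            echo "server: must be an address the clients can reach"
            findings=$((findings + 1)) ;;
    esac
    case $(setting_value "$1" next_server) in
        ''|127.0.0.1)
            echo "next_server: must be the boot server's IP on the PXE network"
            findings=$((findings + 1)) ;;
    esac
    if md5crypt_matches "$(setting_value "$1" default_password_crypted)" cobbler
    then
        echo "default_password_crypted: still encodes the password 'cobbler'"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample: addresses fixed as in step 1), root password left at default.
sample=$(mktemp)
cat > "$sample" <<EOF
server: 192.168.0.2   # cobbler server
next_server: 192.168.0.2
default_password_crypted: "$(openssl passwd -1 -salt demo1234 cobbler)"
EOF
audit_cobbler_settings "$sample" || true
rm -f "$sample"
```

On a real server, call audit_cobbler_settings /etc/cobbler/settings; a non-zero exit status means at least one finding was printed.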
6. Mount the Linux installation disc and generate the installation image:
mount /dev/cdrom /mnt/
cobbler import --path=/mnt/ --name=CentOS-5-i386
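7. RPM repository management
Related reading: https://fedorahosted.org/cobbler/wiki/ManageYumRepos
We can add RPM repositories to cobbler:
cobbler repo add --name=CentOS-5-i386 --mirror=http://mirrors.163.com/centos/5/os/i386/
cobbler repo add --name=EPEL-5-i386 --mirror=http://download.fedoraproject.org/pub/epel/5/i386/
Sync the repositories to the local disk:
cobbler reposync
You can also set --mirror-locally=0 so that nothing is downloaded locally; the rpm packages are then fetched from the repository through the kickstart server.
Add a cron job that runs a sync every day at 2 a.m.: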
crontab -e
0 2 * * * cobbler reposync --tries=3 --no-fail
8. Set up profiles and systems
A profile can be thought of as a classification by role.
cobbler profile add --name=webserver --distro=CentOS-5-i386 --repos=EPEL-5-i386 --kickstart=/var/lib/cobbler/kickstarts/webserver.ks
A system holds the concrete settings for one machine to be installed, such as the host name and IP address; these settings are applied to the specific machine by its MAC address.
cobbler system add --name=webserver1 --ip=192.168.0.110 --mac=00:0C:29:77:89:c7 --profile=webserver --kickstart=/var/lib/cobbler/kickstarts/webserver.ks --static=1
cobbler system edit --name=webserver1 --dns-name=webserver1.grid.house.sina.com.cn --hostname=webserver1.grid.house.sina.com.cn
cobbler system edit --name=webserver1 --gateway=192.168.0.1 --subnet=255.255.255.0
cobbler system edit --name=webserver1 --interface=eth1 --static=0
You can visit http://192.168.0.2/cblr/svc/op/ks/system/webserver1 to see the kickstart file as it is actually rendered.
9. Power on the server to be installed and the installation begins.
10. Reinstallation
yum install koan
koan --server=192.168.0.2 --list=profiles
koan --replace-self --server=192.168.0.2 --profile=webserver
/sbin/reboot
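11. Set up the Cobbler web interface
The Cobbler web interface is a good front end that makes many Cobbler operations easy to manage. You can use it to list and edit distros, profiles, subprofiles, systems, repos and kickstart files.
Install Cobbler web: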
yum install cobbler-web
Address of the Cobbler web interface:
http://192.168.0.2/cobbler_web/
(192.168.0.2 is the address of the Cobbler web server)
Set the user name and password:
Reset the password of an existing user:
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Add a new user:
htdigest /etc/cobbler/users.digest "Cobbler" yourname
Set /etc/cobbler/modules.conf as follows:
[authentication]
module = authn_configfile
[authorization]
module = authz_allowall
Restart the Cobbler service:
service cobblerd restart
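As an added example (not from the original article or the Cobbler project), this script checks users.digest for accounts whose password is the user name itself or a guessable word. It relies on the htdigest line format user:realm:MD5(user:realm:password); with authz_allowall every account that authenticates gets full access, so a single weak entry is enough. The function names and sample entries are constructed, and md5sum is assumed to be available.

```shell
#!/bin/sh
# Added example (not from the original page): find weak entries in users.digest.

# Hash as htdigest stores it: MD5 of "user:realm:password".
ha1() {   # $1 = user, $2 = realm, $3 = password
    printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1
}

# Print "user:candidate" for each entry whose password is the user name itself
# or one of the candidates given after the file name. Return 0 if none matched.
weak_digest_users() {
    file=$1; shift
    hits=0
    while IFS=: read -r user realm hash; do
        [ -n "$hash" ] || continue          # skip blank or malformed lines
        for guess in "$user" "$@"; do
            if [ "$(ha1 "$user" "$realm" "$guess")" = "$hash" ]; then
                echo "$user:$guess"
                hits=$((hits + 1))
                break
            fi
        done
    done < "$file"
    [ "$hits" -eq 0 ]
}

# Constructed sample file: 'cobbler' uses its own name as password,
# 'yourname' uses a long passphrase that is not in the candidate list.
sample=$(mktemp)
{
    echo "cobbler:Cobbler:$(ha1 cobbler Cobbler cobbler)"
    echo "yourname:Cobbler:$(ha1 yourname Cobbler 'constructed-Long-passphrase')"
} > "$sample"
weak_digest_users "$sample" cobbler password admin || true
rm -f "$sample"
```

Run it as weak_digest_users /etc/cobbler/users.digest followed by your own candidate words, and reset any account it prints with the htdigest command shown above.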
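12. Cobbler command reference
cobbler check - check the current settings for problems
cobbler list - list all cobbler objects
cobbler report - list each object in detail
cobbler sync - sync the configuration to dhcp/pxe and the data directories
cobbler reposync - sync the yum repositories
13. Cobbler configuration files
Cobbler's configuration files live under /etc/cobbler. /etc/cobbler/settings is the main configuration file; under /etc/cobbler you will also find the template configuration files for dhcp, dns, pxe and dnsmasq; /etc/cobbler/users.digest holds the user names and passwords for web access; /etc/cobbler/modules.conf is the module configuration file; /etc/cobbler/users.conf is the authorization configuration file for the Cobbler WebUI/web service.
Repo data directory: /var/www/cobbler
Imported distributions, repo mirrors and kickstart files are all placed under /var/www/cobbler. Make sure /var has enough space to store these files.
images/ - kernel and initrd images of all imported distributions, used for remote network boot
ks_mirror/ - the imported distributions
repo_mirror/ - storage directory for yum repos
/var/log/cobbler holds the log file /var/log/cobbler/cobbler.log
Cobbler data directory: /var/lib/cobbler. This directory stores the configuration related to Cobbler profiles, systems and distros.
configs/ - information about distros, repos, systems and profiles
backup/ - backup directory
snippets/ - small script fragments that can be included in kickstarts
triggers/ - executable scripts
kickstarts/ - kickstart template files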
14. Integrating with Puppet for configuration management:
Reference: https://fedorahosted.org/cobbler/wiki/UsingCobblerWithConfigManagementSystem
[root@puppetmaster ~]# vi /etc/puppet/puppet.conf
[main]
# Add the lines below so that puppet supports external nodes
external_nodes = /usr/bin/cobbler-ext-nodes
node_terminus = exec
# Add the Puppet management class baseclass and set the dns name
[root@puppetmaster ~]# cobbler system edit --name=webserver1 --mgmt-classes="baseclass" --dns-name=webserver1.grid.house.sina.com.cn
# Make sure the command below returns the management class (baseclass) and its parameters
[root@puppetmaster ~]# /usr/bin/cobbler-ext-nodes "webserver1.grid.house.sina.com.cn"
classes: [baseclass]
parameters: {from_cobbler: 1, tree: 'http://@@http_server@@/cblr/links/CentOS-5-i386'}
Note: the argument passed to the script above is the dns name you set, not the name set in the cobbler system command.
[root@leju ~]# cat /var/lib/cobbler/kickstarts/webserver.ks
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --disable
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone --utc Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
autopart
clearpart --all --drives=sda --initlabel
part /boot --fstype ext3 --size=128
part /usr --fstype ext3 --size=4192
part / --fstype ext3 --size=2048
part /var --fstype ext3 --size=2048
part /tmp --fstype ext3 --size=2048
part swap --size=2048
part /data0 --fstype ext3 --size=100 --grow
%pre
$SNIPPET('log_ks_pre')
$kickstart_start
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%packages
@admin-tools
@base
@chinese-support
@core
@development-libs
@development-tools
@editors
@system-tools
@text-internet
OpenIPMI-tools
hardlink
kernel-PAE
kernel-PAE-devel
kernel-devel
libpng-devel
lrzsz
minicom
net-snmp-utils
pcre-devel
sysstat
x86info
puppet
$SNIPPET('func_install_if_enabled')
%post
$SNIPPET('log_ks_post')
kill_service_list='S00microcode_ctl S19rpcgssd S26hidd S11auditd S22messagebus S90xfs S12restorecond S28autofs S25bluetooth S95atd S05kudzu S25netfs S56cups S97yum-updatesd S06cpuspeed S13portmap S25pcscd S56rawdevices S98avahi-daemon S08ip6tables S14nfslock S26acpid S08iptables S15mdmonitor S26apmd S80sendmail S08mcstrans S18rpcidmapd S26haldaemon S85gpm S99smartd'
for service in $kill_service_list
do
    k_service=`echo $service | sed 's/^S/K/'`
    if [[ -f /etc/rc3.d/$service ]]; then
        mv /etc/rc3.d/$service /etc/rc3.d/$k_service
fi
done
/sbin/chkconfig --level 345 puppet on
/usr/sbin/puppetd --test
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$kickstart_done
# End final steps
References:
UserDocs: https://fedorahosted.org/cobbler/wiki/UserDocs
Cobbler on Centos with Vmware: http://www.jedi.be/blog/2009/03/19/cobbler-on-centos-with-vmware/
Cobbler Documentation, examples and use of Cobbler Linux Provisioning System: http://openskill.info/topic.php?ID=201