【原理】
Cobbler 是一个系统启动服务(boot server),可以通过网络启动(PXE)的方式用来快速安装、重装物理服务器和虚拟机,支持安装不同的 Linux 发行版和Windows。
Cobbler 是个轻量级 Python 程序,总共大概1.5万行代码,还可以用来管理 DHCP, DNS, yum 源等。Cobbler 使用命令行方式管理,也提供了基于 Web 的界面管理工具(cobbler-web),不过命令行方式已经很方便,实在没有必要为了不实用的 Web 界面再添加一个 Web 服务器。
【安装】
1、需要导入EPEL源,我用的是centos5.4系统
wget http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
rpm -ivh epel-release-5-4.noarch.rpm
yum -y install cobbler cobbler-web httpd rsync tftp-server xinetd dhcp python-ctypes debmirror pykickstart
需要关闭selinux和防火墙,不然后面启动cobbler会报错
2、修改主配置文件
vi /etc/cobbler/settings
修改如下几个参数,改为cobbler服务器ip地址【服务器ip为192.168.1.8】
next_server:192.168.1.8
server:192.168.1.8
3、修改rsync 和 tftp 这两个服务的 xinetd 配置:
# vi /etc/xinetd.d/rsync
service rsync
{
disable = no
...
}
# vi /etc/xinetd.d/tftp
service tftp
{
...
disable = no
...
}
重启/etc/init.d/xinetd restart
web可以登陆
sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf
设置cobbler web登陆,用户登陆密码
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
设置cobbler登陆服务器地址
sed -i 's/server: 127.0.0.1/server: 192.168.1.8/g' /etc/cobbler/settings
https://192.168.1.8/cobbler_web user:cobbler 密码就是上面设置的。
ks脚本关闭pxe,这样就不会重复安装
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
cobbler管理rsync
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
cobbler管理dhcp 【yum -y install dhcp】
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
将 manage_dhcp 设置为 1 表示由 cobbler 会根据 dhcp.template 生成 dhcp.conf 文件
dhcp服务是由cobbler来管理 /etc/cobbler/dhcp.template,每次修改dhcp.template,然后cobbler sync,就会自动更新到/etc/dhcpd.conf中
dhcp.template内容如下,只截取主要部分【其中192.168.1.8为本机ip】
【启动】
启动cobbler的时候,可能会报如下错误:
1.cobbler启动报错
[root@localhost]# /etc/init.d/cobblerd start
Starting cobbler daemon: No module named ctypes
Traceback (most recent call last):
File "/usr/bin/cobblerd", line 76, in main
api = cobbler_api.BootAPI(is_cobblerd=True)
File "/usr/lib/python2.4/site-packages/cobbler/api.py", line 127, in __init__
module_loader.load_modules()
File "/usr/lib/python2.4/site-packages/cobbler/module_loader.py", line 62, in load_modules
blip = __import__("modules.%s" % ( modname), globals(), locals(), [modname])
File "/usr/lib/python2.4/site-packages/cobbler/modules/authn_pam.py", line 53, in ?
from ctypes import CDLL, POINTER, Structure, CFUNCTYPE, cast, pointer, sizeof
ImportError: No module named ctypes
解决办法:
yum -y install python-ctypes
安装完成之后再重启cobbler
如果没报错,在cobbler check检查,可能还会报如下错误:
httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback:
Traceback (most recent call last):
File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 184, in check_setup
s.ping()
File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
return self.__send(self.__name, args)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
verbose=self.__verbose
File "/usr/lib64/python2.4/xmlrpclib.py", line 1129, in request
self.send_content(h, request_body)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1243, in send_content
connection.endheaders()
File "/usr/lib64/python2.4/httplib.py", line 804, in endheaders
self._send_output()
File "/usr/lib64/python2.4/httplib.py", line 685, in _send_output
self.send(msg)
File "/usr/lib64/python2.4/httplib.py", line 652, in send
self.connect()
File "/usr/lib64/python2.4/httplib.py", line 636, in connect
raise socket.error, msg
error: (111, 'Connection refused')
解决办法:
原因:Cobbler 2.2.x has a requirement for mod_wsgi which when installed via EPEL will be disabled by default. If you try to start httpd you will see the following:
Invalid command 'WSGIScriptAliasMatch', perhaps misspelled or defined by a module not included in the server configuration
解决:
修改 /etc/httpd/conf.d/wsgi.conf,把LoadModule wsgi_module modules/mod_wsgi.so 前面的注释去掉,问题解决了。
重启cobbler就可以了
也许在cobbler check的时候,还是报同样错误,所以还需要启动apache服务
/etc/init.d/httpd restart
cobbler 跟 httpd 绑定的很紧密,也就是说默认使用的是 apache2,而非 nginx。如果使用了 nginx 开启了 80 端口,在 cobbler check 的时候会出现如上报错
【检查和修改Cobbler配置】
cobbler check
这是cobbler自带的检测命令,提供cobbler必须的一些设置的检查,运行之后根据不同的环境,检测出来的结果也是不同的,不过所有的检测中我们都可以按照他的提示,一步步的来完善配置。
【获取镜像】 即可获取各ios的bootloader
cobbler get-loaders
运行结果如下:
【debmirror】
希望能让这台 cobbler 服务器能同时部署 CentOS/Fedora 和 Debian/Ubuntu 系统,所以需要安装 debmirror,安装 debmirror-20090807-1.el5.noarch.rpm 前需要先安装依赖包,否则直接rpm debmirror的话会报依赖错误
yum -y install ed patch perl perl-Compress-Zlib perl-Cwd perl-Digest-MD5 \
perl-Digest-SHA1 perl-LockFile-Simple perl-libwww-perl
wget ftp://fr2.rpmfind.net/linux/epel/5/ppc/debmirror-20090807-1.el5.noarch.rpm
rpm -ivh debmirror-20090807-1.el5.noarch.rpm
修改 /etc/debmirror.conf 配置文件,注释掉 @dists 和 @arches 两行:
# vi /etc/debmirror.conf
...
#@dists="sid";
@sections="main,main/debian-installer,contrib,non-free";
#@arches="i386";
【为root密码加密】
用 openssl 生成一串密码后加入到 cobbler 的配置文件(/etc/cobbler/settings)里,替换 default_password_crypted 字段:
# openssl passwd -1 -salt 'random-phrase-here' '123456'
$1$123456$yP8cnPCBYvmC6UfX/e0zQ.
密码为123456,其中random-phrase-here为扰码,没用的
vi /etc/cobbler/settings
default_password_crypted: "$1$www.vpsee$T5FgCHY2P0NDr6JmbN0Bl0"
以上步骤都弄完之后,先重启cobbler,然后cobbler check,看看还有什么错误,如果没什么错误了,最后在cobbler sync,此时会自动启动dhcpd服务,并不需要我们自己手动去启动dhcp
【导入iso】
把iso拷贝到1.8上,然后挂载
mount -t auto -o loop /root/CentOS-6.3-x86_64-bin-DVD1.iso /mnt
注意:此处不要挂载CentOS-6.4-x86_64-minimal.iso这种iso,不然无法导入
然后导入
cobbler import --path=/mnt --name=centos5
此时耗时会比较长,会输出一大片信息,其中最后有个"*** TASK COMPLETE ***",那就说明ok了
其中导入的镜像存储在/var/www/cobbler/ks_mirror/这个目录下,
在把信息都保存下,cobbler sync,然后查看下iso是否已经载入
cobbler list
重要:用cobbler安装操作系统时,cobbler真正执行的kickstart文件其实不是 /var/lib/cobbler/kickstarts/default.ks,而是 /var/lib/cobbler/kickstarts/sample.ks,当然,这是在默认没有手动指定profile的情况下。
当然了,如果想用自己写的ks的话,可以这样做
cobbler profile edit --name=centos6.3 --kickstart=/var/lib/cobbler/kickstarts/centos.ks
name是/var/www/cobbler/ks_mirror/config下的centos6-x86_64
【贴下部分关键ks】
echo "NETWORKING=yes" >/etc/sysconfig/network
echo "NETWORKING_IPV6=no" >>/etc/sysconfig/network
echo "HOSTNAME=cobbler" >>/etc/sysconfig/network
ulimit -HSn 65535
rpm -ivh http://192.168.1.8/test/epel-release-5-4.noarch.rpm
wget http://192.168.1.8/test/1.sh && sh 1.sh
sed -i 's/mirror.centos.org/mirrors.163.com/' /etc/yum.repos.d/CentOS-Base.repo
mkdir -p /tt/pp
其中1.sh是通过yum安装puppet软件,所以自己可以修改ks,在客户端安装系统的时候自定义安装一些软件,以达到真正的自动化,大前提是,dhcp配置的文件里的网关和dns,必须要保证客户端能ping通外网,否则.....客户端系统安装成功后,可以查看/root/目录下的cobbler.log日志
【客户端】
设置客户端的bios启动项,改为从网卡启动,即pxe,把虚拟机设置成网络 PXE 启动(和 cobbler 在同一个网络)
然后的然后,就让它自己去安装吧,我们就不用管了
安装完成后,登录客户端,然后查看安装日志
如果安装centos6.0系统的话,则需要把part分区给注释掉
rootpw test --此处密码也可以用明文
这里就是客户端在执行自定义ks脚本里的内容
http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
centos6.0的rpm
附件为自己的ks
ps:以下是自动化安装cobbler,适用于centos5和centos6
#install cobbler-server soft
#date 2013.08.07
#disabled iptables and selinux
/etc/init.d/iptables stop
setenforce 0
IP=`ifconfig eth0 |awk -F '[ :]+' 'NR==2 {print $4}'`
#yum epel
system_version=`cat /etc/issue|grep CentOS|awk -F '[ .]+' '{print $3}'`
if [ ${system_version} == 5 ]; then
rpm -ivh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
else
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
fi
yum -y install cobbler httpd rsync tftp-server xinetd dhcp python-ctypes debmirror pykickstart
#modify the file /etc/cobbler/settings,1.78 is cobbler-server's ip
sed -i 's/server: 127.0.0.1/server: '${IP}'/g' /etc/cobbler/settings
#modify the /etc/xinetd.d/tftp and /etc/xinetd.d/rsync
sed -i '/disable/c\\tdisable\t\t\t= no' /etc/xinetd.d/tftp
sed -i 's/\=\ yes/\=\ no/g' /etc/xinetd.d/rsync
#或者此处也可以这样写
#sed -i '/disable/s/yes/no/' /etc/xinetd.d/tftp
#sed -i '/disable/s/no/yes' /etc/xinetd.d/rsync
/etc/init.d/xinetd restart
#web_log_in and set web_log_in_user and password
sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf
#htdigest /etc/cobbler/users.digest "Cobbler" cobbler
#Avoiding repeated installations by close pxe
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
#cobbler manage dhcp
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
#set
sed -i 's/^#Load/Load/' /etc/httpd/conf.d/wsgi.conf
#start httpd,not nginx
sed -i 's/#ServerName www.example.com:80/ServerName '${IP}':80/g' /etc/httpd/conf/httpd.conf
/etc/init.d/httpd restart
#get the os's bootloader
cobbler get-loaders
#dedmirrors
yum -y install ed patch perl perl-Compress-Zlib perl-Cwd perl-Digest-MD5 \
perl-Digest-SHA1 perl-LockFile-Simple perl-libwww-perl
rpm -ivh ftp://fr2.rpmfind.net/linux/epel/5/ppc/debmirror-20090807-1.el5.noarch.rpm
sed -i 's/@dists/#&/g' /etc/debmirror.conf
sed -i 's/@arches/#&/g' /etc/debmirror.conf
#set the root's password
a=`openssl passwd -1 -salt 'random-phrase-here' '123456'`
echo $a
#sed -i 's/default_password_crypted:"/&'$a'"/g' /etc/cobbler/settings
sed -i '/default_password_crypted/s/^/&#/g' /etc/cobbler/settings
cat >> /etc/cobbler/settings << EOF
default_password_crypted: "$a"
EOF
#set dhcp
sed -i 's/192.168.1.[0-9]\;/192.168.1.1\;/g' /etc/cobbler/dhcp.template
#start services
/etc/init.d/cobblerd restart
/etc/init.d/xinetd restart
cobbler sync
#mount iso
wget http://192.168.1.78/test/CentOS-6.4-x86_64-bin-DVD1.iso
mount -t auto -o loop CentOS-6.4-x86_64-bin-DVD1.iso /mnt
cobbler import --path=/mnt --name=centos6.4
cobbler sync