测试使用cobbler服务
测试使用cobbler服务
2015/12/28
一、基础环境
1、在tvm-base-centos66的基础上,复制一个镜像为tvm-cobbler来测试。
目的:无人值守安装一个个性化的OS,对比默认的os配置,做了如下的调整:
字符集,
时区,
系统分区,
指定的软件包,如:Base "Development Tools" "Chinese-Support" ntp lrzsz git 等,
yum的本地base和epel源(此时已经搭建完毕本地的base和epel源,否则应该在后面的步骤中去掉对应的操作),
针对个别服务的配置,如:ssh,crontab,salt-minion等。
2、网络:
eth0:host-only(用于虚拟内网,手动固定IP,这样从宿主机可以直接连接到这个vm)
eth1:NAT(用于上外网,动态IP)
[root@tvm-cobbler ~]# cd /etc/sysconfig/network-scripts/
[root@tvm-cobbler network-scripts]# cat ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=192.168.56.252
PREFIX=24
GATEWAY=192.168.56.1
DNS1=192.168.56.254
[root@tvm-cobbler network-scripts]# cat ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
DNS1=192.168.56.254
二、配置cobbler环境
1、安装
使用局域网的epel源:
[root@tvm-rpm ~]# mv /etc/yum.repos.d/*.repo /tmp/ \
&& wget http://mirrors.office.test/local-office.repo -O /etc/yum.repos.d/local-office.repo \
&& yum clean all \
&& yum makecache
注:如果要使用公网的epel源,可以这样操作:
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
[root@tvm-cobbler ~]# yum -y install cobbler cobbler-web httpd dhcp rsync tftp-server pykickstart xinetd syslinux cman
2、配置
安装后:
[root@tvm-cobbler ~]# ls /etc/cobbler/
auth.conf dnsmasq.template named.template secondary.template zone.template
cheetah_macros import_rsync_whitelist power settings zone_templates
cobbler_bash iso pxe tftpd.template
completions ldap reporting users.conf
dhcp.template modules.conf rsync.exclude users.digest
distro_signatures.json mongodb.conf rsync.template version
先生成一个密码串:
[root@tvm-cobbler ~]# openssl passwd -1 -salt 'tvm-cobbler'
Password: (TestVM)
$1$tvm-cobb$RD9M3INq6sjYzh5Vrbf4S/
更新http的密码:
[root@tvm-cobbler ~]# htdigest /etc/cobbler/users.digest "relbboc" cobbler
Adding user cobbler in realm relbboc
New password: (relbboc)
Re-type new password:(relbboc)
也可以通过这种方式来测试:
# authn_testing -- username/password is always testing/testing (debug)
[root@tvm-cobbler ~]# sed 's/ = authn_configfile/ = authn_testing/' /etc/cobbler/modules.conf
调整防火墙,允许:
tcp
80
443
25151
udp
69
sed -i -e 's|@dists=.*|#@dists=|' /etc/debmirror.conf
sed -i -e 's|@arches=.*|#@arches=|' /etc/debmirror.conf
调整配置:
[root@tvm-cobbler ~]# vim /etc/cobbler/settings
default_password_crypted: "$1$tvm-cobb$RD9M3INq6sjYzh5Vrbf4S/"
manage_dhcp: 1
manage_tftpd: 1
manage_rsync: 1
next_server: 192.168.56.252 # 接管DHCP服务器后,指定cobbler服务器的IP
server: 192.168.56.252 # cobbler服务器IP
[root@tvm-cobbler ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.56.0 netmask 255.255.255.0 {
option routers 192.168.56.1;
option domain-name-servers 192.168.56.254;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.56.150 192.168.56.199;
[root@tvm-cobbler ~]# sed -i 's/yes/no/' /etc/xinetd.d/rsync
[root@tvm-cobbler ~]# service xinetd restart
先check一下,然后按照提示检查配置。
[root@tvm-cobbler ~]# cobbler check
[root@tvm-cobbler ~]# service cobblerd restart
[root@tvm-cobbler ~]# cobbler sync
开机启动:
chkconfig httpd on
3、导入os镜像
[root@tvm-cobbler ~]# mount -o loop /dev/scd0 /mnt
[root@tvm-cobbler ~]# cobbler import --path=/mnt/ --name=CentOS-6.5-x86_64
task started: 2015-07-16_171121_import
task started (id=Media import, time=Thu Jul 16 17:11:21 2015)
(等待导入完成)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-6.5-x86_64:
creating new distro: CentOS-6.5-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-6.5-x86_64 -> /var/www/cobbler/links/CentOS-6.5-x86_64
creating new profile: CentOS-6.5-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-6.5-x86_64 for CentOS-6.5-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-6.5-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-6.5-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-6.5-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-6.5-x86_64/repodata
*** TASK COMPLETE ***
[root@tvm-cobbler ~]# umount /mnt/
[root@tvm-cobbler ~]# cd /var/lib/cobbler/kickstarts/
4、调整profiles配置。
[root@tvm-cobbler kickstarts]# cp -a sample_end.ks CentOS-6.5-x86_64.ks
查看我修改了哪些配置:
[root@tvm-cobbler kickstarts]# diff sample_end.ks CentOS-6.5-x86_64.ks
21c21
< lang en_US
---
> lang en_US.UTF-8
38c38
< timezone America/New_York
---
> timezone Asia/Shanghai
44c44,49
< autopart
---
> #autopart
> part /boot --bytes-per-inode=4096 --fstype="ext4" --size=200 --ondisk=sda
> part swap --bytes-per-inode=4096 --fstype="swap" --size=4096 --ondisk=sda
> part / --bytes-per-inode=4096 --fstype="ext4" --size=1 --grow --ondisk=sda
> part /data --bytes-per-inode=4096 --fstype="ext4" --size=1 --grow --ondisk=sdb
>
55a61,66
> @Base
> @Development Tools
> @Chinese-Support
> ntp
> lrzsz
> git
(diff的后续输出略过,因为后面显示的是os安装完成后的脚本,下面有个示例,写在CentOS-6.5-x86_64.ks这个文件的“# Start final steps”这一行之前)
-=-===---------------------------------------------------=-=-
### repo ###
#
mv /etc/yum.repos.d/*.repo /tmp/ \
&& wget http://mirrors.office.test/local-office.repo -O /etc/yum.repos.d/local-office.repo \
&& yum clean all \
&& yum makecache
### ssh config ###
#
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.old \
&& cat <<"_EOF" >/etc/ssh/sshd_config
\# added by cobbler
Port 22
Protocol 2
SyslogFacility AUTHPRIV
\#PasswordAuthentication no
\#PermitRootLogin no
ChallengeResponseAuthentication no
GSSAPIAuthentication no
GSSAPICleanupCredentials no
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
X11Forwarding yes
UseDNS no
Subsystem sftp /usr/libexec/openssh/sftp-server
_EOF
### datetime and crontab ###
#
ntpdate ntp.office.test
cat <<"_EOF" >/var/spool/cron/root
\# [daily]
\# added by cobbler
*/20 * * * * /usr/sbin/ntpdate ntp.office.test >/dev/null 2>&1 &
_EOF
### network ###
#
f_ifdev=`ip a |grep global |awk '{print \$NF}'`
f_ip=`ip a |grep global |cut -d '/' -f 1 |awk '{print \$NF}'`
f_mask=`ip a |grep global |cut -d '/' -f 2 |awk '{print \$1}'`
f_gw=`route -n |grep UG |awk '{print \$2}'`
f_dns=`cat /etc/resolv.conf |grep name |awk '{print $2}'`
cat <<_EOF >"/etc/sysconfig/network-scripts/ifcfg-\${f_ifdev}"
DEVICE=\${f_ifdev}
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=\${f_ip}
PREFIX=\${f_mask}
GATEWAY=\${f_gw}
DNS1=\${f_dns}
_EOF
### hostname ###
f_id=`echo \${f_ip} |awk -F '.' '{print "tvm-"\$3"-"\$4}'`
hostname \${f_id}
cat <<_EOF >/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=\${f_id}
_EOF
### salt-minion ###
#
salt_m="salt-m.office.test"
yum install salt-minion -y
cp -a /etc/salt/minion /etc/salt/minion.bak
cat <<_EOF >/etc/salt/minion
master: \${salt_m}
id: \$(hostname)
_EOF
# Start final steps
-=-===---------------------------------------------------=-=-
[root@tvm-cobbler kickstarts]# cobbler profile edit \
--name=CentOS-6.5-x86_64 \
--distro=CentOS-6.5-x86_64 \
--kickstart=/var/lib/cobbler/kickstarts/CentOS-6.5-x86_64.ks
5、验证
[root@tvm-cobbler kickstarts]# cobbler validateks
task started: 2015-07-17_175218_validateks
task started (id=Kickstart Validation, time=Fri Jul 17 17:52:18 2015)
----------------------------
osversion: rhel6
checking url: http://192.168.56.252/cblr/svc/op/ks/profile/CentOS-6.5-x86_64
running: /usr/bin/ksvalidator -v "rhel6" "http://192.168.56.252/cblr/svc/op/ks/profile/CentOS-6.5-x86_64"
received on stdout:
received on stderr:
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***
上述文字结尾表示正常。
修改配置后,记得要sync一下来生效
[root@tvm-cobbler kickstarts]# cobbler sync
*** TASK COMPLETE ***
上述文字结尾表示正常。
注:可以这样查看已经更改后的profiles的状态:
[root@tvm-cobbler kickstarts]# cobbler profile report --name CentOS-6.5-x86_64
[root@tvm-cobbler kickstarts]# cat /var/lib/cobbler/config/profiles.d/CentOS-6.5-x86_64.json |python -m simplejson.tool
也可以这样:
[root@tvm-cobbler kickstarts]# curl http://192.168.56.252/cblr/svc/op/ks/profile/CentOS-6.5-x86_64
(略)
# End final steps
%end
6、调整systems配置
通过配置system,可以个性化的针对指定的客户端(例如通过mac地址来匹配到主机)来指定系统配置。
[root@tvm-cobbler kickstarts]# cobbler system add \
--name=cobbler-test \
--profile=CentOS-6.5-x86_64 \
--hostname=tvm-test \
--interface=eth0 \
--mac=08:00:27:bf:43:92 \
--ip-address=192.168.56.200 \
--subnet=255.255.255.0 \
--gateway=192.168.56.1 \
--static=1 \
--name-servers=192.168.56.254
[root@tvm-cobbler kickstarts]# cobbler system list
cobbler-test
[root@tvm-cobbler kickstarts]# cobbler system report --name=cobbler-test
[root@tvm-cobbler kickstarts]# cobbler validateks
task started: 2015-07-22_165915_validateks
task started (id=Kickstart Validation, time=Wed Jul 22 16:59:15 2015)
----------------------------
osversion: rhel6
checking url: http://192.168.56.252/cblr/svc/op/ks/profile/CentOS-6.5-x86_64
running: /usr/bin/ksvalidator -v "rhel6" "http://192.168.56.252/cblr/svc/op/ks/profile/CentOS-6.5-x86_64"
received on stdout:
received on stderr:
----------------------------
osversion: rhel6
checking url: http://192.168.56.252/cblr/svc/op/ks/system/cobbler-test
running: /usr/bin/ksvalidator -v "rhel6" "http://192.168.56.252/cblr/svc/op/ks/system/cobbler-test"
received on stdout:
received on stderr:
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***
[root@tvm-cobbler kickstarts]# cobbler sync
注:移除这个配置可以通过执行:cobbler system remove --name=cobbler-test
二、在virtualbox上新建一个虚拟机来测试。
1、调整网卡,使用host-only,且去掉dhcp服务器的功能。
2、启动测试的虚拟机tvm-client1,按F12,按L键,进入pxe启动模式
三、FAQ
Q1:客户端从PXE启动后,弹出蓝色菜单要选择,意味着ks没有起作用,故障在哪里?
A:检查以下内容:
试着浏览器或者curl访问下述URL:
[root@tvm-cobbler kickstarts]# curl http://192.168.56.252/cblr/svc/op/ks/profile/CentOS-6.5-x86_64
如果有错误,则会提示:
# This kickstart had errors that prevented it from being rendered correctly.
# The cobbler.log should have information relating to this failure.
此时可以查看日志:
[root@tvm-cobbler kickstarts]# tail /var/log/cobbler/cobbler.log
-------------------------------------------------------------
Q2:在生产环境中的一个案例,客户端多次尝试从PXE启动,失败
A:检查发现,总是em1的mac在请求dhcp,而cobbler服务是在em2所在局域网。
在dell服务器的bios设置中,调整网卡配置,启用em2的pxe并禁用em1的pxe后再次测试,通过。
-------------------------------------------------------------
ZYXW、参考
1、CENTOS6.5安装和配置COBBLER 2.4
http://blog.hackroad.com/operations-engineer/linux_server/11353.html
