
A Revolution in Bulk Deployment of Linux Operating Systems: Cobbler

火星人 @ 2014-03-08

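The default RHEL installation disc does not include the cobbler package, so a third-party repository is needed to install it. Installing that one package by itself, however, is not enough to carry out a large-scale installation. At this point some readers will look at the title and ask: why not deploy with Kickstart? What is different about this kind of deployment? The principle behind Cobbler bulk deployment is in fact similar to that of Kickstart deployment. I will not go into it here; readers who have not understood it should review how Kickstart network installation works and how it is carried out. Let's go straight to Cobbler, which is the focus of today's discussion.

The Cobbler project was first released around 2008 as a subproject of the Fedora project community of Red Hat. It is a new generation of network installation suite that can quickly set up a network installation environment and lowers the difficulty of bulk deployment and installation. Brothers, the hard days are here. You know why!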

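Cobbler official website: https://fedorahosted.org/cobbler

As a provisioning tool, Cobbler makes it easier to deploy RedHat/CentOS/Fedora systems, and it also supports deploying SUSE and Debian systems. (It reportedly supports Windows as well; I have not tested that yet. There is, however, something that can quickly deploy Windows systems from Linux, and I have tested it successfully. I will share it next time.)

It integrates the following services:

* PXE service support

* DHCP service management

* DNS service management

* Kickstart service support

* yum repository management

Koan, the Cobbler client, supports virtual machine installation and operating system reinstallation.

Cobbler server deployment: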

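1. First make sure the EPEL repository is available; if it is not, install the epel package first. Also make sure the local repository is available (and that the machine can reach the network). Note that the /var/www/cobbler directory must have enough space to hold the Linux installation files (move it or create a symlink). About 5 GB is typical, but with that you will not be able to sync a YUM repository; this is discussed later.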

# rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

# wget http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm

# rpm -ivh epel-release-5-4.noarch.rpm

# yum list

2. Install all the packages the cobbler server needs:

# yum install cobbler httpd rsync tftp-server xinetd dhcp

Enable tftp and rsync in xinetd (change disable from yes to no):

# sed -i '/disable/s/yes/no/' /etc/xinetd.d/tftp

# sed -i '/disable/s/yes/no/' /etc/xinetd.d/rsync

# /etc/init.d/xinetd restart

3. Start httpd and cobblerd, and set the services to start at boot:

# service httpd start

# service cobblerd start

# /sbin/chkconfig httpd on

# /sbin/chkconfig dhcpd on

# /sbin/chkconfig xinetd on

# /sbin/chkconfig tftp on

# /sbin/chkconfig cobblerd on

4. Check the cobbler configuration:

Below is the output of running # cobbler check:

The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

# Set the server option to a host name or an IP address

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

# Set the IP address for next_server

3 : Must enable a selinux boolean to enable vital web services components, run: setsebool -P httpd_can_network_connect true

# Adjust SELinux: setsebool -P httpd_can_network_connect true

4 : you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"

# Set the SELinux security context labels

5 : you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following: /usr/sbin/semanage fcontext -a -t httpd_sys_content_rw_t "/var/lib/cobbler/webui_sessions/.*"

# Set the security context label that cobbler needs

6 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

# Run cobbler get-loaders to fetch the files needed for PXE boot

7 : change 'disable' to 'no' in /etc/xinetd.d/tftp

# Enable tftp

8 : change 'disable' to 'no' in /etc/xinetd.d/rsync

# Enable rsync

9 : since iptables may be running, ensure 69, 80, and 25151 are unblocked

# Make sure iptables is not blocking ports 69, 80 and 25151

10 : debmirror package is not installed, it will be required to manage debian deployments and repositories

# The debian mirroring package is not installed; if you are not installing debian, this item can be ignored

11 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

# Asks you to create a new password with the command line above

12 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

# The fencing tools are not installed,

Restart cobblerd and then run 'cobbler sync' to apply changes.

The output above is clear enough, isn't it? Did you follow it? Here is how I deal with it:

Fixing the errors above:

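1) vi /etc/cobbler/settings

server: 192.168.1.40 # set the cobbler server IP address

next_server: 192.168.1.40 # set the PXE server IP address

manage_dhcp: 1 # let cobbler manage the DHCP service

default_kickstart: /var/lib/cobbler/kickstarts/default.ks # set the default kickstart file; it can be generated with system-config-kickstart (needs a graphical environment), or simply written by hand

2) Turn off the firewall and SELinux (the alternative, per cobbler check items 3, 4, 5 and 9 above, is to keep both on, run the listed setsebool and semanage commands, and unblock ports 69, 80 and 25151)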

3) Fetch the boot files

# cobbler get-loaders

4) Enable tftp and rsync

vi /etc/xinetd.d/tftp

Change disable = yes to: disable = no

vi /etc/xinetd.d/rsync

Change disable = yes to: disable = no

Restart the xinetd service:

/etc/init.d/xinetd restart

5) Edit the DHCP template so that the addresses DHCP hands out are in the same subnet as Cobbler (you do not have to do it this way; you can simply set up a DHCP

vi /etc/cobbler/dhcp.template

# ******************************************************************

# Cobbler managed dhcpd.conf file

#

# generated from cobbler dhcp.conf template ($date)

# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes

# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be

# overwritten.

#

# ******************************************************************

ddns-update-style interim;

allow booting;

allow bootp;

ignore client-updates;

set vendorclass = option vendor-class-identifier;

subnet 192.168.1.0 netmask 255.255.255.0 {

option routers 192.168.1.254;

# option domain-name-servers 192.168.1.1;

option subnet-mask 255.255.255.0;

range dynamic-bootp 192.168.1.100 192.168.1.200;

filename "/pxelinux.0";

next-server $next_server;

default-lease-time 21600;

max-lease-time 43200;

}

#for dhcp_tag in $dhcp_tags.keys():

## group could be subnet if your dhcp tags line up with your subnets

## or really any valid dhcpd.conf construct ... if you only use the

## default dhcp tag in cobbler, the group block can be deleted for a

## flat configuration

# group for Cobbler DHCP tag: $dhcp_tag

group {

#for mac in $dhcp_tags[$dhcp_tag].keys():

#set iface = $dhcp_tags[$dhcp_tag][$mac]

host $iface.name {

hardware ethernet $mac;

#if $iface.ip_address:

fixed-address $iface.ip_address;

#end if

#if $iface.hostname:

option host-name "$iface.hostname";

#end if

#if $iface.subnet:

option subnet-mask $iface.subnet;

#end if

#if $iface.gateway:

option routers $iface.gateway;

#end if

filename "$iface.filename";

## Cobbler defaults to $next_server, but some users

## may like to use $iface.system.server for proxied setups

next-server $next_server;

## next-server $iface.next_server;

}

#end for

}

#end for

5. Sync the cobbler configuration so that the changes take effect:

# cobbler sync

6. Mount the Linux disc and generate the installation image:

# mount /dev/cdrom /mnt/

# cobbler import --path=/mnt/ --name=RHEL5.6-x86-64

7. RPM repository management (decide for yourself whether you need it)

Related reading: https://fedorahosted.org/cobbler/wiki/ManageYumRepos

We can add RPM repositories to cobbler:

cobbler repo add --name=RHEL5.6-x86-64 --mirror=http://mirrors.163.com/centos/5/os/x86_64/

cobbler repo add --name=EPEL5.-x86-64 --mirror=http://mirrors.ustc.edu.cn/fedora/epel/5/x86_64/

Sync the repositories to the local disk:

cobbler reposync

You can also set --mirror-locally=0 so that nothing is downloaded locally and the rpm packages are fetched from the repository through the kickstart server.

Add a scheduled job that syncs once a day at 2 a.m.:

crontab -e

0 2 * * * cobbler reposync --tries=3 --no-fail

8. Set up profile and system (this feature is quite powerful and deserves deeper study)

A profile can be thought of as a classification by role.

# cobbler profile add --name=webserver --distro=CentOS-5-i386 --repos=EPEL-5-i386 --kickstart=/var/lib/cobbler/kickstarts/webserver.ks

A system holds the concrete settings for a machine that is to be installed, such as host name, IP address and hostname; these settings are applied to the specific machine according to its MAC address.

# cobbler system add --name=webserver1 --ip=192.168.0.110 --mac=00:0C:29:77:89:c7 --profile=webserver --kickstart=/var/lib/cobbler/kickstarts/webserver.ks --static=1

# cobbler system edit --name=webserver1 --dns-name=webserver1.grid.house.sina.com.cn --hostname=webserver1.grid.house.sina.com.cn

# cobbler system edit --name=webserver1 --gateway=192.168.0.1 --subnet=255.255.255.0

# cobbler system edit --name=webserver1 --interface=eth1 --static=0

You can view the kickstart configuration as it is actually rendered by visiting http://192.168.0.2/cblr/svc/op/ks/system/webserver1.
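Step 5) of the fixes asks that the DHCP range be in the same subnet as Cobbler; the script below is an added example (not from the original post) that checks this, together with static addresses such as those given to cobbler system above. The function names are made up for this example, and the demo input is constructed from the addresses shown on this page.

```shell
#!/bin/sh
# Added example: check addresses against the subnet declared in dhcp.template.

# Dotted quad -> integer; returns 1 on malformed input or leading zeros.
ip2int() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.|0[0-9]*|*.0[0-9]*) return 1 ;; esac
    old=$IFS; IFS=.; set -- $1; IFS=$old
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] || return 1; done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# True when address $1 is in network $2 with netmask $3; 2 if any is malformed.
in_subnet() {
    a=$(ip2int "$1") && n=$(ip2int "$2") && m=$(ip2int "$3") || return 2
    [ "$(( a & m ))" = "$(( n & m ))" ]
}

# $1 = template file (first subnet block only); further arguments = other
# addresses to check (server, --ip, --gateway values). Prints each address
# outside the subnet and returns 1 if there was one.
check_template() {
    tpl=$1; shift
    net=$(awk '$1 == "subnet" && $3 == "netmask" { print $2; exit }' "$tpl")
    mask=$(awk '$1 == "subnet" && $3 == "netmask" { print $4; exit }' "$tpl")
    range=$(awk '$1 == "range" { sub(/;$/, "", $NF); print $(NF-1), $NF; exit }' "$tpl")
    bad=0
    for addr in $range "$@"; do
        in_subnet "$addr" "$net" "$mask" || { echo "outside $net/$mask: $addr"; bad=1; }
    done
    return "$bad"
}

# Constructed demo with this page's values: template subnet and range, the
# server address, and the --ip / --gateway passed to "cobbler system".
demo() {
    t=$(mktemp)
    printf '%s\n' 'subnet 192.168.1.0 netmask 255.255.255.0 {' \
        'range dynamic-bootp 192.168.1.100 192.168.1.200;' '}' > "$t"
    check_template "$t" 192.168.1.40 192.168.0.110 192.168.0.1
    rc=$?; rm -f "$t"; return "$rc"
}
demo || echo "addresses and dhcp.template disagree; fix before cobbler sync"
```

Run as is, the demo reports the 192.168.0.x system address and gateway as lying outside the 192.168.1.0 subnet that the template serves.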

9. Boot the servers that are to be installed and start the installation.

10. Reinstallation

yum install koan

koan --server=192.168.1.40 --list=profiles

koan --replace-self --server=192.168.1.40 --profile=webserver

reboot

11. Set up the Cobbler web interface

The Cobbler web interface is a good front end that makes many Cobbler operations very easy to manage. It can be used to list and edit distros, profiles, subprofiles, systems, repos and kickstart files.

Install Cobbler web:

yum install cobbler-web

Cobbler web interface URL:

http://192.168.1.40/cobbler_web/

(192.168.1.40 is the Cobbler web server address)

Set the user name and password:

Reset the password of an existing user:

htdigest /etc/cobbler/users.digest "Cobbler" cobbler

Add a new user:

htdigest /etc/cobbler/users.digest "Cobbler" username

Set /etc/cobbler/modules.conf as follows:

[authentication]

module = authn_configfile

[authorization]

module = authz_allowall

Restart the Cobbler service:

service cobblerd restart
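The settings touched in fix 1), cobbler check item 11 (the default 'cobbler' password) and the authorization module chosen above can be checked by a script; this is an added example, not part of the original post or of Cobbler. It assumes the openssl command is installed; the function names are made up for this example, and the sample it audits when run without arguments is constructed.

```shell
#!/bin/sh
# Added example: audit copies of /etc/cobbler/settings and modules.conf.

# Value of a top-level "key: value" line, minus quotes and trailing comment.
setting() {  # $1=file $2=key
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' | tr -d "\"'"
}

# True when an MD5-crypt value ($1$salt$hash) is the hash of "cobbler".
is_default_password() {  # $1=crypted value
    salt=$(printf '%s\n' "$1" | cut -s -d'$' -f3)
    [ -n "$salt" ] && [ "$(openssl passwd -1 -salt "$salt" cobbler)" = "$1" ]
}

# The "module = X" value inside one [section] of modules.conf.
module_of() {  # $1=file $2=section name
    awk -v s="[$2]" '
        /^\[/ { in_s = ($1 == s); next }
        in_s && /^[ \t]*module[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t\r]+$/, ""); print; exit
        }' "$1"
}

# Print one FINDING line per weak setting; print nothing when all pass.
audit_cobbler() {  # $1=settings file $2=modules.conf
    case "$(setting "$1" server)" in
        ""|localhost|127.0.0.1) echo "FINDING: server is unset or loopback" ;;
    esac
    if [ "$(setting "$1" next_server)" = "127.0.0.1" ]; then
        echo "FINDING: next_server is 127.0.0.1"
    fi
    if is_default_password "$(setting "$1" default_password_crypted)"; then
        echo "FINDING: default_password_crypted is the hash of 'cobbler'"
    fi
    if [ "$(module_of "$2" authorization)" = "authz_allowall" ]; then
        echo "FINDING: authz_allowall gives every authenticated user full access"
    fi
    return 0
}

# With two file arguments audit them; otherwise audit a constructed sample.
if [ "$#" -eq 2 ]; then audit_cobbler "$1" "$2"; else
    d=$(mktemp -d)
    printf 'server: 127.0.0.1\nnext_server: 192.168.1.40\n' > "$d/settings"
    printf '[authorization]\nmodule = authz_allowall\n' > "$d/modules.conf"
    audit_cobbler "$d/settings" "$d/modules.conf"; rm -rf "$d"
fi
```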

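12. Cobbler command reference

cobbler check - check the current settings for problems

cobbler list - list all cobbler elements

cobbler report - list each element in detail

cobbler sync - sync the configuration to dhcp/pxe and the data directories

cobbler reposync - sync the yum repositories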

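13. Cobbler configuration files

Cobbler's configuration files are stored under /etc/cobbler.

/etc/cobbler/settings is the main configuration file; under /etc/cobbler you will also find the template configuration files for dhcp, dns, pxe and dnsmasq; /etc/cobbler/users.digest holds the user names and passwords used for web access; /etc/cobbler/modules.conf is the module configuration file; /etc/cobbler/users.conf is the authorization configuration file for the Cobbler WebUI/Web service.

Repo data directory: /var/www/cobbler

Imported distributions, repo mirrors and kickstart files are all placed under /var/www/cobbler. Make sure /var has enough space to store these files.

images/ - stores the kernel and initrd images of all imported distributions, used for remote network boot

ks_mirror/ - stores the imported distributions

repo_mirror/ - storage directory for yum repos

/var/log/cobbler holds the log files: /var/log/cobbler/cobbler.log

Cobbler data directory: /var/lib/cobbler. This directory stores the configuration related to Cobbler profiles, systems and distros.

configs/ - stores information about distros, repos, systems and profiles

backup/ - backup directory

snippets/ - holds small script fragments that can be included in kickstarts

triggers/ - holds executable scripts

kickstarts/ - holds kickstart template files

Puppet integration for configuration management: I will look into this feature later. That is all for now. Thank you for your support.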


This article comes from the 「Susir驛站」 blog; please be sure to keep this source attribution: http://susir.blog.51cto.com/1367500/755672

