cobbler 安裝

cobbler 安裝

Cobbler作為一個預備工具，使部署RedHat/Centos/Fedora系統更容易，同時也支持Suse和Debian系統的部署。
它提供以下服務集成：

* PXE服務支持
* DHCP服務管理
* DNS服務管理
* Kickstart服務支持
* yum倉庫管理

Cobbler客戶端Koan支持虛擬機安裝和操作系統重新安裝。

Cobbler伺服器部署：

1、確保EPEL倉庫可用，如果不可用先安裝epel包：

rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

2、安裝cobbler server需要的的所有包：

yum install cobbler httpd rsync tftp-server xinetd dhcp

3、啟動httpd和cobblerd，並設置為開機自啟動：

/sbin/service httpd start
/sbin/service cobblerd start

/sbin/chkconfig httpd on
/sbin/chkconfig dhcpd on
/sbin/chkconfig xinetd on
/sbin/chkconfig tftp on
/sbin/chkconfig cobblerd on

4、檢查cobbler相關配置：

cobbler check

The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && \ /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/tftp
6 : change 'disable' to 'no' in /etc/xinetd.d/rsync
7 : since iptables may be running, ensure 69, 80, and 25151 are unblocked
8 : debmirror package is not installed, it will be required to manage debian deployments and repositories
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

Restart cobblerd and then run 'cobbler sync' to apply changes.

修正上面錯誤：
1）、vi /etc/cobbler/settings
server: 192.168.0.2   #設置cobbler server的IP地址
next-server: 192.168.0.2  #設置PXE server的IP地址
manage_dhcp: 1   #開啟管理DHCP服務
default_kickstart: /var/lib/cobbler/kickstarts/default.ks  #設置默認的kickstart配置文件，此文件建議用system-config-kickstart（需要X環境）生成
2)、關閉防火牆和SElinux
3)、獲取啟動鏡像
cobbler get-loaders
4)、啟動tftp和rsync
vi /etc/xinetd.d/tftp
將disable                 = yes改為：disable                 = no
vi /etc/xinetd.d/rsync
將disable                 = yes改為：disable                 = no

重啟xinetd服務：
/etc/init.d/xinetd restart
5)、修改DHCP模板，確保DHCP分配的地址和Cobbler在同一網段
vi
/etc/cobbler/dhcp.template
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************

ddns-update-style interim;

allow booting;
allow bootp;

ignore client-updates;
set vendorclass = option vendor-class-identifier;

subnet 192.168.0.0 netmask 255.255.255.0 {
     option routers             192.168.0.1;
     # option domain-name-servers 192.168.0.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.0.100 192.168.0.200;
     filename                   "/pxelinux.0";
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
}

#for dhcp_tag in $dhcp_tags.keys():
    ## group could be subnet if your dhcp tags line up with your subnets
    ## or really any valid dhcpd.conf construct ... if you only use the
    ## default dhcp tag in cobbler, the group block can be deleted for a
    ## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
        #for mac in $dhcp_tags[$dhcp_tag].keys():
            #set iface = $dhcp_tags[$dhcp_tag][$mac]
    host $iface.name {
        hardware ethernet $mac;
        #if $iface.ip_address:
        fixed-address $iface.ip_address;
        #end if
        #if $iface.hostname:
        option host-name "$iface.hostname";
        #end if
        #if $iface.subnet:
        option subnet-mask $iface.subnet;
        #end if
        #if $iface.gateway:
        option routers $iface.gateway;
        #end if
        filename "$iface.filename";
        ## Cobbler defaults to $next_server, but some users
        ## may like to use $iface.system.server for proxied setups
        next-server $next_server;
        ## next-server $iface.next_server;
    }
        #end for
}
#end for

5、同步cobbler配置，使修改生效：

cobbler sync

6、掛載Linux安裝盤，生成安裝鏡像：

mount /dev/cdrom /mnt/
cobbler import --path=/mnt/ --name=CentOS-5-i386

7、RPM倉庫管理

相關閱讀：https://fedorahosted.org/cobbler/wiki/ManageYumRepos

我們可以為cobbler添加RPM倉庫：
cobbler repo add --name=CentOS-5-i386 --mirror=http://mirrors.163.com/centos/5/os/i386/
cobbler repo add --name=EPEL-5-i386 --mirror=http://download.fedoraproject.org/pub/epel/5/i386/

同步倉庫到本地：
cobbler reposync

也可以通過設置--mirror-locally=0不下載到本地，而通過kickstart server去倉庫下載rpm包。

添加計劃任務，每天凌晨兩點進行一次同步：
crontab -e
0 2 * * * cobbler reposync --tries=3 --no-fail

8、設置profile和system

profile可以理解為按角色進行分類。
cobbler profile add --name=webserver --distro=CentOS-5-i386 --repos=EPEL-5-i386 --kickstart=/var/lib/cobbler/kickstarts/webserver.ks

system是對待安裝機器做具體設置，如設置主機名、IP地址、hostname等，這些設置根據MAC應用到具體機器上。
cobbler system add --name=webserver1 --ip=192.168.0.110 --mac=00:0C:29:77:89:c7 --profile=webserver --kickstart=/var/lib/cobbler/kickstarts/webserver.ks --static=1
cobbler system edit --name=webserver1 --dns-name=webserver1.grid.house.sina.com.cn --hostname=webserver1.grid.house.sina.com.cn
cobbler system edit --name=webserver1 --gateway=192.168.0.1 --subnet=255.255.255.0
cobbler system edit --name=webserver1 --interface=eth1 --static=0

可以通過訪問http://192.168.0.2/cblr/svc/op/ks/system/webserver1來查看真正的kickstart配置。

9、啟動待安裝的伺服器，開始安裝。

10、重新安裝

yum install koan
koan --server=192.168.0.2 --list=profiles
koan --replace-self --server=192.168.0.2 --profile=webserver
/sbin/reboot

11、設置Cobbler web界面

Cobbler web界面是一個很好的前端，非常容易管理很多Cobbler操作。可以用它列出和編輯distros, profiles, subprofiles, systems, repos and kickstart文件。

安裝Cobbler web：
yum install cobbler-web

Cobbler web界面訪問地址：
http://192.168.0.2/cobbler_web/
  （192.168.0.2為Cobbler web server地址）

設置用戶名密碼：
為已存在的用戶重置密碼：
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
添加新用戶：
htdigest /etc/cobbler/users.digest "Cobbler" yourname

設置/etc/cobbler/modules如下：
  
module = authn_configfile  
  
module = authz_allowall   

重啟Cobbler服務：
service cobblerd restart

12、Cobbler命令說明

cobbler check - 核對當前設置是否有問題
cobbler list - 列出所有的cobbler元素
cobbler report - 詳細的列出個元素
cobbler sync - 同步配置到dhcp/pxe和數據目錄
cobbler reposync - 同步yum倉庫

13、Cobbler配置文件說明

Cobbler配置文件存放在/etc/cobbler下。/etc/cobbler/settings為主配置文件；在/etc/cobbler下你還能看到dhcp、dns、pxe、dnsmasq的模板配置文件；/etc/cobbler/users.digest為用於web訪問的用戶名密碼配置文件；/etc/cobbler/modules.conf 為模塊配置文件；/etc/cobbler/users.conf為Cobbler WebUI/Web service授權配置文件。

Repo數據目錄/var/www/cobbler
導入的發行版，repos鏡像和kickstart文件都放置在/var/www/cobbler目錄下。確保/var目錄有足夠的空間來存儲這些文件。
images/ - 存儲所有導入發行版的Kernel和initrd鏡像用於遠程網路啟動  
ks_mirror/ - 存儲導入的發行版  
repo_mirror/ - yum repos存儲目錄

/var/log/cobbler用於存放日誌文件/var/log/cobbler/cobbler.log

Cobbler數據目錄/var/lib/cobbler，此目錄存儲和Cobbler profiles、systems、distros相關的配置。
configs/ - 此目錄用於存儲distros、repos、systems和profiles相關信息
backup/ - 備份目錄
snippets/  - 用於放置一些可以在kickstarts導入的腳本小片段
triggers/  - 此目錄用來放置一些可執行腳本
kickstarts/  - 此目錄用來放置kickstart模板文件

14、與Puppet整合進行配置管理：

相關參考：https://fedorahosted.org/cobbler/wiki/UsingCobblerWithConfigManagementSystem
# vi /etc/puppet/puppet.conf

# 添加下面行，使puppet支持擴展節點
external_nodes = /usr/bin/cobbler-ext-nodes
node_terminus = exec

# 添加Puppet管理類basesclass，並設置dns name
# cobbler system edit --name=webserver1 --mgmt-classes="baseclass" --dns-name=webserver1.grid.house.sina.com.cn
# 確保下面命令的獲得配置管理類（baseclass）及參數
# /usr/bin/cobbler-ext-nodes "webserver1.grid.house.sina.com.cn"
classes:
parameters: {from_cobbler: 1, tree: 'http://@@http_server@@/cblr/links/CentOS-5-i386'}
注意：上面給腳本提供的參數為你設置的dns name，不是cobbler system命令中設置的name。

kickstart參考：

# cat /var/lib/cobbler/kickstarts/webserver.ks
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth  --useshadow  --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --disable
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot

#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  --utc Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
autopart
clearpart --all --drives=sda --initlabel
part /boot --fstype ext3 --size=128
part /usr --fstype ext3 --size=4192
part / --fstype ext3 --size=2048
part /var --fstype ext3 --size=2048
part /tmp --fstype ext3 --size=2048
part swap --size=2048
part /data0 --fstype ext3 --size=100 --grow


%pre
$SNIPPET('log_ks_pre')
$kickstart_start
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')

%packages
@admin-tools
@base
@chinese-support
@core
@development-libs
@development-tools
@editors
@system-tools
@text-internet
OpenIPMI-tools
hardlink
kernel-PAE
kernel-PAE-devel
kernel-devel
libpng-devel
lrzsz
minicom
net-snmp-utils
pcre-devel
sysstat
x86info
puppet
$SNIPPET('func_install_if_enabled')

%post
$SNIPPET('log_ks_post')
kill_service_list='S00microcode_ctl S19rpcgssd S26hidd S11auditd S22messagebus S90xfs S12restorecond S28autofs S25bluetooth S95atd S05kudzu S25netfs S56cups S97yum-updatesd S06cpuspeed S13portmap S25pcscd S56rawdevices S98avahi-daemon S08ip6tables S14nfslock S26acpid S08iptables S15mdmonitor S26apmd S80sendmail S08mcstrans S18rpcidmapd S26haldaemon S85gpm S99smartd'
for service in $kill_service_list
do
     k_service=`echo $service |sed 's/^S/K/'`
     if [[ -f /etc/rc3.d/$service ]]; then
          mv /etc/rc3.d/$service /etc/rc3.d/$k_service
     fi
done
/sbin/chkconfig --level 345 puppet on
/usr/sbin/puppetd --test

# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$kickstart_done
# End final steps


參考:
UserDocs: https://fedorahosted.org/cobbler/wiki/UserDocs
Cobbler on Centos with Vmware: http://www.jedi.be/blog/2009/03/19/cobbler-on-centos-with-vmware/
Cobbler Documentation, examples and use of Cobbler Linux Provisioning System: http://openskill.info/topic.php?ID=201

Tags: