Original article link
References
References
Sa now knows the importance of O & M automation, especially for companies with hundreds of servers and thousands of servers, simply installing systems. If they are not automated, it is simply unimaginable.
In terms of automated O & M installation, human PXE + DHCP + tftp and kickstart were usually used in the early days. Now there are more open-source tools, such as cobbler, openqrm, and spacewalk. This article focuses on cobbler.
Introduction to cobbler
Cobbler is a fast network-based Linux installation service. It also supports Windows installation on the network after adjustment. This tool is developed in Python and is small and lightweight (only 15 K lines of code). You can use simple commands to configure the PXE network installation environment and manage DHCP, DNS, and Yum package images.
Cobbler supports command line management and web interface management. It also provides APIs to facilitate secondary development.
Unlike KickStart, cobbler does not enable DHCP in the LAN, which causes some machines to terminate the startup because it starts from PXE by default and loads TFTP content after the server is restarted.
Common architectures include:
Cobbler installation and deployment configuration
Prepare the cobbler installation environment
For the centos source, you can select an image source near your own location, such as mirrors.163.com or mirrors.sohu.com.
1. Install epel
rpm -Uvh ‘http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm‘
2. Install the DHCP service.
yum -y install dhcp
3. install other services
Additional services are required: TFTP, rsync, Xinetd, and httpd. Therefore, if these packages are not installed during system installation, install them manually.
Yum-y install TFTP rsync xinetd httpd
4. Disable SELinux.
Restart SELinux To Make The SELinux settings take effect.
VI/etc/SELinux/config
# SELinux = enforcing # comment out
# Selinuxtype = targeted # comment out
SELinux = disabled # Add
: WQ! # Save and exit
Setenforce 0 # Make the configuration take effect immediately
Cobbler installation Configuration
1. Cobbler Installation
yum -y install cobbler
2. Cobbler Configuration
Start cobbler
# /etc/init.d/cobblerd start
Start the HTTPd service
#/Etc/init. d/httpd start
Possible error: httpd: cocould not reliably determine the server's fully qualified domain name, using 127.0.0.1 for servername
Solution: VI/etc/httpd/CONF/httpd. conf
Add: servername localhost: 80
Restart the HTTP service:/etc/init. d/httpd restart
Check the configuration and execute
cobbler check
The following are potential configuration items that you may be want to fix:
1: The 'server' field in/etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. this shoshould be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2: For PXE to be functional, the 'next _ Server' field in/etc/cobbler/settings must be set to something other than 127.0.0.1, and shoshould match the IP of the boot server on the PXE network.
3: SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
Https://github.com/cobbler/cobbler/wiki/Selinux
4: Some network boot-loaders are missing from/var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a * recent * version of The syslinux package installed and can ignore this message entirely. files in this directory, shocould you want to support all ubuntures, shocould include pxelinux.0, menu. c32, elilo. EFI, and yaboot. the 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5: Change 'disable' to 'no' in/etc/xinetd. d/rsync
6: debmirror package is not installed, it will be required to manage Debian deployments and repositories
7: ksvalidator was not found, install pykickstart
8: the default password used by the sample templates for newly installed machines (default_password_crypted in/etc/cobbler/settings) is still set to 'jobbler' and shocould be changed, try: "OpenSSL passwd-1-salt 'random-phrase-Here ''ur-password-Here '" to generate new one
9: Fencing tools were not found, and are required to use the (optional) power management features. Install CMAN or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
1. Edit the/etc/cobbler/settings file, find the server option, and change it to an appropriate IP address. The IP address configured for this instance is 192.168.10.10.
2. Edit the/etc/cobbler/settings file, find the next_server option, and change it to an appropriate IP address. The IP address configured for this instance is 192.168.10.10.
3. SELinux settings
VI/etc/SELinux/config
# SELinux = enforcing # comment out
# Selinuxtype = targeted # comment out
SELinux = disabled # Add
: WQ! # Save and exit
Setenforce 0 # Make the configuration take effect immediately
If SELinux has been disabled, you don't need to worry about it.
4. Execute the cobbler get-loaders command. The system will automatically download the loader program and complete the fix in Tip 4.
5. Edit the/etc/xinetd. d/rsync file and change the disable field configuration in the file from yes to No.
6. It indicates that debmirror is not installed. If Debian is not installed, this prompt can be ignored. If you need to install it, it is:
http://rpmfind.net/linux/rpm2html/search.php?query=debmirror
7. Yum-y install pykickstart
8. Change the default password of a cobbler user. Use the following command to generate a password and replace the password in/etc/cobbler/settings. Password generation command:
OpenSSL passwd-1-salt 'random-phrase-Here ''your-password-where' # Where "-1" is the number "1"
Where "random-phrase-Here" is the interference code
Effect after replacement: default_password_crypted: "$1 $ 303kfy $ xl2k9dttfhlzkbmv0owhy1"
9, sudo Yum-y install CMAN
Run
/etc/init.d/cobblerd restart
Use of cobbler
Import the Installation File
Images are divided into local and network types, but must be downloaded to the local HTTP access directory!
A. Mount the local ISO file and generate the image to/var/www/cobbler/ks_mirror/centos6.5.
Mount image: Mount-T iso9660-o loop/home/cobbler/soft/CentOS-6.5-x86_64-bin-DVD1.iso/mnt/
Import the image to cobbler: Cobbler import -- Path =/mnt/CDROM -- name = centos6.5
B. Copy the network image to the local device.
Cobbler import -- Path = rsync: // mirrors.163.com/centos/6.0/ OS/I #/ -- name = centos-6.0-i386
If an image is deleted, the local/var/www/cobbler/ks_mirror/centos6.0 directory is removed.
Cobbler profile remove -- name = centos6.0-xen-i386
View the list after generating the image, cobbler list
Print profile list cobbler profile report
From the information shown above, cobbler copies the image to a local copy and places it in the centos-6.0-i386 directory under/var/www/cobbler/ks_mirrors. A release version named centos-6.0-i386 and a profile file named centos-6.0-i386 will also be created.
Configure Dhcp Service
First, modify the cobbler configuration so that cobbler can manage the DHCP service and edit the file/etc/cobbler/settings.
manage_dhcp: 1
Next, modify/etc/cobbler/DHCP. template. This file is a template for cobbler to manage DHCP.
In this example, you only need to modify the following parts:
subnet 192.168.10.0 netmask 255.255.255.0 { option routers 192.168.10.1; option domain-name-servers 8.8.8.8; option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.10.100 192.168.10.254;
filename "/pxelinux.0";
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
}
You can keep the default value for the rest.
So far, all the preparations have been completed, and the next step is to start the service. In the previous debugging process, many services have already been started. Here you only need to start the xinetd service:
/etc/init.d/xinetd start
Synchronize cobbler configurations
Run
# cobbler sync
Cobbler automatically performs initialization, removes existing startup items, and copies the loader file according to the template. Then generate the PXE configuration file, generate the DHCP configuration file, and then restart the DHCP service.
Now, you can use a virtual machine to test cobbler installation.
Cobbler test and Installation
Select the PXE mode when starting.
Then you can see the following illustration. The Virtual Machine obtains the IP address segment 122 through DHCP, and then obtains the PXE Startup File through TFTP.
It is the PXE installation and Startup menu of cobbler. Here we have just created the centos version.
The system uses the default KS file for installation. After a short wait, the system is automatically installed.
Shows the installed system.
Linux system reinstallation Test
1. First confirm that the koan software has been installed in the current Linux system. For koan installation, you can put it in the KS file to complete the installation during system installation. Run the following command to check
# rpm -qa|grep koankoan-2.0.11-2.el6.noarch
2. With the koan software, you can perform the following operations to view the system version list on cobbler.
# koan --server=192.168.10.1 --list=profiles- looking for Cobbler at http://192.168.10.1/cobbler_apicentos-6.0-i386centos-6.0-i386-kvmcentos6-vmcentos-6.0-x86_64
Here we choose centos-6.0-i386 to reinstall. Run the following command:
# koan --server=192.168.10.1 --profile=centos-6.0-i386 --replace-self- looking for Cobbler at http://192.168.10.1/cobbler_api- reading URL: http://192.168.10.1/cblr/svc/op/ks/profile/centos-6.0-i386install_tree: http://192.168.10.1/cobbler/ks_mirror/centos-6.0-i386downloading initrd initrd.img to /boot/initrd.imgurl=http://192.168.10.1/cobbler/images/centos-6.0-i386/initrd.img- reading URL: http://192.168.10.1/cobbler/images/centos-6.0-i386/initrd.imgdownloading kernel vmlinuz to /boot/vmlinuzurl=http://192.168.10.1/cobbler/images/centos-6.0-i386/vmlinuz- reading URL: http://192.168.10.1/cobbler/images/centos-6.0-i386/vmlinuz- [‘/sbin/grubby‘, ‘--add-kernel‘, ‘/boot/vmlinuz‘, ‘--initrd‘, ‘/boot/initrd.img‘, ‘--args‘, ‘"ks=http://192.168.10.1/cblr/svc/op/ks/profile/centos-6.0-i386 ksdevice=link kssendmac lang= text "‘, ‘--copy-default‘, ‘--make-default‘, ‘--title=kick1313675750‘]- reboot to apply changes# reboot
The red part is manually entered. from other information, we can see that koan has helped us with a lot of content that should have been manually operated.
Next, let's take a look at the restart process:
From this we can see that the system has entered the reinstallation status.
Installation experience
All of the above content is tested on the KVM virtual machine, but can be directly used in the production environment without affecting the existing environment. The only thing that needs to be done is to plan the existing network.
I don't think it will affect the existing production environment because many people are worried about enabling the DHCP service in the Generation Environment for two reasons:
1. No one will enable the NIC to use DHCP mode after installing the system. Usually, static IP is configured for the NIC.
2. During the test, we can see that even if the server is set to start through PXE by default, and it is successfully started through PXE, we will receive the cobbler boot menu. If no selection is made by default, the system will be loaded in Local Mode in 20 seconds, that is, the system on the hard disk will be started.
To sum up, cobbler is still safe.