Operation and maintenance automation of the Cobbler system installation and use of detailed

Source: Internet
Author: User
Tags rsync

First, Introduction

Cobbler is a fast network-installed Linux service and can be adjusted to support network installation of Windows. The tool uses Python development, small and lightweight (just 15k of Python code), using simple commands to complete the configuration of the PXE network installation environment, while also managing DHCP, DNS, and the Yum Warehouse, the construction system ISO image.

Cobbler Support Command line management, web interface management, also provides API interface, can be easily used two times development.

Cobbler client Koan supports virtual machine installation and operating system reinstallation, making reloading systems easier.

Second, the function provided by cobbler

With Cobbler, you can install machines without manual intervention. Cobbler set up a PXE boot environment (it can also use Yaboot to support PowerPC) and control all aspects related to installation, such as network boot service (DHCP and TFTP) and repository mirroring. When you want to install a new machine, the Cobbler can:

Use a previously defined template to configure the DHCP service (if management DHCP is enabled)

Create a mirror or unzip one of the repositories (yum or rsync) to register a new operating system

Create an entry in the DHCP configuration file for the machine that needs to be installed and use the parameters you specified (IP and MAC address)

Create the appropriate PXE file under the TFTFP service directory

Restart the DHCP service to reflect changes

Restart the machine to start the installation (if power management is enabled)

Cobbler supports numerous distributions: Red Hat, Fedora, CentOS, Debian, Ubuntu, and SuSE. When adding an operating system (usually by using an ISO file), Cobbler knows how to decompress the appropriate files and adjust the network service to properly boot the machine.

Cobbler can use kickstart templates. Systems based on Red Hat or Fedora use the Kickstart file to automate the installation process. By using a template, you will have a basic kickstart template, and then define how to replace variables in one configuration file or machine configuration. For example, a template might contain two variables $domain and $machine _name. In the Cobbler configuration, a configuration file specifies Domain=mydomain.com, and each machine that uses the configuration file specifies its name in the machine_name variable. All machines in the configuration file are installed with the same kickstart and configured for domain=mydomain.com, but each machine has its own machine name. You can still use the Kickstart template to install other machines in different domains and use different machine names.

To assist with the management system, the Cobbler can be connected to a variety of power management environments via fence scripts. Cobbler supports APC_SNMP, BladeCenter, Bullpap, Drac, Ether_wake, ILO, Integrity, Ipmilan, Ipmitool, Lpar, RSA, Virsh, and WTI. To reinstall a machine, you run the reboot system foo Command, and Cobbler uses the necessary credentials and information to run the appropriate fence scripts for you (such as the number of machine slots).

In addition to these features, you can also use a configuration management system (CMS). You have two options: an internal system within the tool, or integration with an existing external CMS, such as Chef or Puppet. With internal systems, you can specify file templates that are processed according to configuration parameters (as with the Kickstart template), and then copied to the location you specify. This is useful if you must automatically deploy the configuration file to a specific machine.

Using the Koan client, Cobbler can configure the virtual machine from the client and reinstall the system. I will not discuss configuration management and Koan features, as they are not part of the scope of this article. However, they are useful features that merit research.


Three, installation configuration

1. Installation method

Cobbler can be manually compiled or installed on a Yum source, and if required to be installed through a Yum source, you need to configure the EPEL source, EPEL source can be installed by downloading the directory of the official EPEL source Https://fedoraproject.org/wiki/EPEL


# yum Install cobbler Cobbler-web pykickstart debmirror-y

2. Check the configuration file, you need to check the Cobblerd and httpd boot case

# cobbler check the following are potential configuration items  that you may want to fix: 1 : the  ' Server '  field in  /etc/cobbler/settings must be set to something other than  Localhost, or kickstarting features will not work.  this should  be a resolvable hostname or ip for the boot server as  reachable by all machines that will use it. 2 : for  PXE to be functional, the  ' Next_server '  field in /etc/cobbler/ settings must be set to something other than 127.0.0.1, and  should match the ip of the boot server on the pxe  Network. 3 : some&nBsp;network boot-loaders are missing from /var/lib/cobbler/loaders, you may  run  ' Cobbler get-loaders '  to download them, or, if you only  want to handle x86/x86_64 netbooting, you may ensure that  you have installed a *recent* version of the syslinuxpackage  installed and can ignore this message entirely.  files in  this directory, should you want to support all architectures,  should include pxelinux.0, menu.c32, elilo.efi, and yaboot. the  ' Cobbler get-loaders '  command is the easiest way to resolve these  requirements. 4 : change  ' disable '  to  ' no '  in /etc/xinetd.d/ Rsync 5 : comment out  ' dists '  on /etc/debmirror.conf for proper debian support 6  : comment out  ' arches '  on /etc/debmirror.conf for proper debian  support 7 : The default password used by the sample  templates for newly installed machines  (default_password_crypted in /etc/ cobbler/settings)  is still set to  ' Cobbler '  and should be changed , try:  "openssl passwd -1 -salt  ' random-phrase-here '   ' Your-password-here '"  to generate new one 8 : fencing tools were not found,  and are required to use the  (optional)  power management  Features. install cman or fence-agents to use them

As a workaround for the previous question:

1. Modify the value of the server parameter of the/etc/cobbler/settings file to the IP address of the host that provided the Cobbler service

2. Modify the value of the Next_server parameter of the/etc/cobbler/settings file to the corresponding IP address of the host that provided the PXE service

3. If the current node can access the Internet, perform the "Cobbler get-loader" command to download Pxelinux.0,menu.c32,elilo.efi, or yaboot files, otherwise, you need to install the Syslinux package, and then copy/usr/ PXELINUX.0,MENU.C32 files in share/syslinux/to/var/lib/cobbler/loaders directory 4. Change disable in/etc/xinetd.d/rsync to No, or execute " Chkconfig rsync on "

5. Note "@dists =" Sid "in the/etc/dedmirror.conf file;" Line

6. Note "@arches =" i386 "in the/etc/dedmirror.conf file; Line

7. Execute "OpenSSL passwd-1-salt $ (OpenSSL Rand-hex 4)" To generate the password and replace the default_password_crypted parameter in the/etc/cobbler/settings file with it

8. Installing the cam and fance-agents for power management

Synchronizing files via Cobbler Get-loaders:


# Cobbler Get-loaders

Iv. Configuring and starting the services on which cobbler depends


The cobbler operation relies on DHCP, TFTP, rsync, and DNS services, where DHCP can be provided by DHCPD (ISC) or DNSMASQ, TFTP can be provided by the Tftp-server package, or it can be provided by the Cobbler function. Rsync has the Rsync package provided, DNS can be provided by bind, or it can be provided by DNSMASQ

Cobbler can manage some or all of these services on its own, but need to configure "Manange_dhcp", "manager_tftpd", "Manager_rsync", "/etc/cobbler/settings", " Manager_dns "is defined separately, and since various services have different implementations, if you need to customize it, you need to modify the values of the module parameters of each service in the/etc/cobbler/modules.conf configuration file to achieve


The department is independently managed. That does not manage these services through cobbler.

1. Configuring the DHCP service

Define the required "subnet" and other parameters, and the configuration is as follows:

# cp/usr/share/doc/dhcp*/dhcpd.conf.sample/etc/dhcp/dhcpd.conf edit config file option domain-name "wangfeng7399"; Option Domain-name-servers 192.168.1.201; Default-lease-time 43200; Max-lease-time 86400; Log-facility Local7;                          Subnet 192.168.1.0 netmask 255.255.255.0 {range 192.168.1.210 192.168.1.230 Option Routers 192.168.1.253} next-server 192.168.1.210; Filename= "pxelinux.0";


2. Configuring the TFTPD Service


# Chkconfig TFTP on

V. Configuration Cobbler

The relationships between the main components of the cobbler are as follows:

650) this.width=650; "class=" Fit-image "src=" http://s3.51cto.com/wyfs02/M00/27/31/ Wkiom1nw3unbvnxhaajgnktby9o030.jpg "title=" Replication.png "alt=" wkiom1nw3unbvnxhaajgnktby9o030.jpg "width=" 498 " Style= "border:0px;"/>

1. Management distro

The first step that cobbler becomes available is to define the distro, which can be implemented by specifying an external installation boot kernel and RAMDisk file for it. If you already have a completed installation tree (such as an installation image of the OS), it is recommended to use the Improt import:

# Mount/dev/cdrom/media Mount:block device/dev/sr0 is write-protected, mounting read-only # Cobbler Import--name=cent Os6.5-x86-64--path=/media/

List all the distro:

# Cobbler Distro List centos6.5-64-x86_64

If you have a kickstart file, you can also import it using--kickstart=/path/to/kickstart_file, so import automatically generates a profile for the imported distro

2. Managing Profiles

Cobbler uses profile to provide a lock for a specific requirement category that needs to be installed, that is, to generate a specific system installation configuration by providing Kiskstart files on distro basis. Distro profile can appear in the PXE boot menu as one of the options for installation

# Cobbler Profile Add--name=centos6.5-x86_64--distro=centos6.5-64-x86_64 kickstart=/root/anaconda-ks.cfg

List profiles on the current system:

# Cobbler Profile List centos6.5-64-x86_64 centos6.5-x86_64

Delete a profile:


# Cobbler Profile Remove--name=centos6.5-64-x86_64


3. Restart the service and synchronize the data to the response directory


# service Cobblerd Restart stopping cobbler daemon: [OK] Starting Cobbler daemon: [OK] # Cobbler Sync

4. Testing

650) this.width=650; "class=" Fit-image "src=" Http://s3.51cto.com/wyfs02/M00/27/34/wKioL1Nw_ Olb236xaaczwyddgi8873.jpg "title=" 3.png "alt=" wkiol1nw_olb236xaaczwyddgi8873.jpg "width=" 498 "style=" border:0px; "/ >

You can see our customized System launch page and start installing the system

650) this.width=650; "class=" Fit-image "src=" http://s3.51cto.com/wyfs02/M02/27/34/wKiom1Nw_Q2zpiUNAAEV8Xm_ Jps672.jpg "title=" 4.png "alt=" wkiom1nw_q2zpiunaaev8xm_jps672.jpg "width=" 498 "style=" border:0px; "/>

System installed successfully, login system

650) this.width=650; "class=" Fit-image "src=" Http://s3.51cto.com/wyfs02/M01/27/34/wKiom1Nw_ 92gocwhaaeitwn87q4866.jpg "title=" 1.png "alt=" wkiom1nw_92gocwhaaeitwn87q4866.jpg "width=" 498 "style=" border:0px; "/ >

Vi. Use of Cobbler_web

Cobbler_web supports a variety of authentication methods, such as Authn_configfil, Authn_ldap, or authn_pam, the default is Authn_denyall, that is, deny all users login. Here are two ways to authenticate user login Cobbler_web

1. Use the Authn_pam module to authenticate cobbler_web users

First modify the [Authentication] section in the modules the value of the module parameter is Authn_pam, then set the system user, and set a password for the user, and then add the set of system users to the Cobbler_web Admin Group, modify/etc /cobbler/users.conf file, add the set user as the value of the admin parameter.

2. Use the Authn_configfile module to authenticate cobbler_web users

First modify the value of the module parameter in the [authentication] segment in modules to Authn_configfile, then create its authentication file/etc/cobbler/users.digest, and add the required user. It is important to note that when you add the first user, you need to use the "-C" option for the Htdigest command, and subsequent additions to the user are no longer available.

The authn_pam is used by the department

# vi/etc/cobbler/modules.conf [Authentication] module = authn_pam # useradd Admin # passwd Admin # vi/etc/cobbler/users. conf [Admins] admin = "admin"

650) this.width=650; "class=" Fit-image "src=" http://s3.51cto.com/wyfs02/M01/27/34/ Wkiol1nxagdh2j3xaajoswkbn8c655.jpg "title=" 5.png "alt=" wkiol1nxagdh2j3xaajoswkbn8c655.jpg "width=" 498 "style=" border:0px; "/>

650) this.width=650; "class=" Fit-image "src=" http://s3.51cto.com/wyfs02/M00/27/34/ Wkiom1nxaiyqhr8maagb1odxoqw457.jpg "title=" 6.png "alt=" wkiom1nxaiyqhr8maagb1odxoqw457.jpg "width=" 498 "style=" border:0px; "/>

650) this.width=650; "class=" Fit-image "src=" http://s3.51cto.com/wyfs02/M00/27/34/ Wkiol1nxaggzzhafaahx4uwbjie851.jpg "title=" 7.png "alt=" wkiol1nxaggzzhafaahx4uwbjie851.jpg "width=" 498 "style=" border:0px; "/>

650) this.width=650; "class=" Fit-image "src=" http://s3.51cto.com/wyfs02/M02/27/34/ Wkiom1nxaizzqvtaaajojmvry5w390.jpg "title=" 8.png "alt=" wkiom1nxaizzqvtaaajojmvry5w390.jpg "width=" 498 "style=" border:0px; "/>

Can be added manually, it is not to remember the command and worry about!

Finished, the follow-up will launch automation operations related content, please look forward to!



This article is from the "Little Water Drop" blog, please make sure to keep this source http://wangzan18.blog.51cto.com/8021085/1693374

Operation and maintenance automation of the Cobbler system installation and use of detailed

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.