最近筆者研究cobbler批量裝機系統。
cobbler裝機系統是較早前kickstart的升級版,優點比較容易配置,還內建web介面比較易於管理,不足在於中文資料較少。
這裡就詳細的介紹下筆者親自經曆的一次安裝過程。
開始的時候筆者用的是centos 5.8系統,但是在安裝cpbbler-web的時候報錯,於是這次採用了centos6.4系統進行安裝配置。
環境:
作業系統:CentOS 6.4
測試機器ip:10.0.0.128
先將iptables selinux 關掉。
/etc/init.d/iptables stop
chkconfig iptables off
setenforce0
並修改設定檔/etc/sysconfig/selinux 將其disable
一、匯入yum源,安裝軟體.
rpm -Uvh http://mirrors.hustunique.com/epel/6/x86_64/epel-release-6-8.noarch.rpm yum install cobbler cobbler-web yum install dhcp httpd chkconfig cobblerd on chkconfig httpd on cobbler check |
二:配置環境
1>修改cobbler 的設定檔
Vi /etc/cobbler/settings
修改如下地方:
next_server: 10.0.0.128 server: 10.0.0.128 manage_dhcp: 1 manage_rsync: 1 |
產生密碼串
[root@puppet ~]# openssl passwd -1-salt "cobber" "123456" #舉個簡單例子"123456"
$1$cobber$yV9XfOuaaiVDvImopK7o.1
openssl passwd -1 -salt '任間字元' '密碼'
這個命令的用法,任一字元可以隨便寫,這個密碼就是安裝完系統root的密碼了。替換設定檔裡的字串。
vi /etc/cobbler/settings
default_password_crypted: "$1$cobber$yV9XfOuaaiVDvImopK7o.1"
2>啟用tfpt 和 rsync
vim /etc/xinetd.d/tftp
vim /etc/xinetd.d/rsync
將disable的值修改成no
啟動服務
/etc/init.d/xinetd restart
3>修改dhcp的設定檔
# vi /etc/cobbler/dhcp.template
ddns-update-style interim; allow booting; allow bootp; ignore client-updates; set vendorclass = option vendor-class-identifier; option pxe-system-type code 93 = unsigned integer 16; subnet 10.0.0.0 netmask 255.255.255.0 { option routers 10.0.0.1; option domain-name-servers 8.8.8.8; option subnet-mask 255.255.255.0; range dynamic-bootp 10.0.0.2 10.0.0.100; default-lease-time 21600; max-lease-time 43200; next-server $next_server; }
|
餘下預設,只修改這個模板就行,cobbler 會同步到dhcp的配置。
[root@cobbler~]# cobbler get-loaders
task started: 2014-03-25_163306_get_loaders task started (id=Download Bootloader Content, time=Tue Mar 25 16:33:06 2014) path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update downloading http://www.cobblerd.org/loaders/yaboot-1.3.14-12 to /var/lib/cobbler/loaders/yaboot downloading http://www.cobblerd.org/loaders/pxelinux.0-3.61 to /var/lib/cobbler/loaders/pxelinux.0 downloading http://www.cobblerd.org/loaders/menu.c32-3.61 to /var/lib/cobbler/loaders/menu.c32 downloading http://www.cobblerd.org/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi downloading http://www.cobblerd.org/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi *** TASK COMPLETE *** |
三:配置web環境
#vi /etc/cobbler/modules.conf
module = authn_configfile /修改認證方式為密碼檔案類型
#htdigest/etc/cobbler/users.digest "Cobbler"cobbler/添加cobbler使用者,提示輸入2遍密碼確認
# cobbler sync /輸出*** TASK COMPLETE*** 表示配置無錯誤
# /etc/init.d/httpd restart
# /etc/init.d/cobblerdrestart
訪問web頁面 https://10.0.0.128/cobbler_web /使用剛才建立的使用者登入
1:添加DVD源,
[root@puppet soft]# mount /dev/cdrom/mnt/cdrom/
cobbler import --path=/mnt/cdrom--name=centos6.4
[root@cobbler ~]# cobblerimport --path=/mnt/cdrom --name=centos6.4
task started: 2014-03-25_182605_import task started (id=Media import, time=Tue Mar 25 18:26:05 2014) Found a candidate signature: breed=redhat, version=rhel6 Found a matching signature: breed=redhat, version=rhel6 Adding distros from path /var/www/cobbler/ks_mirror/centos6.4: creating new distro: centos6.4-i386 trying symlink: /var/www/cobbler/ks_mirror/centos6.4 -> /var/www/cobbler/links/centos6.4-i386 creating new profile: centos6.4-i386 associating repos checking for rsync repo(s) checking for rhn repo(s) checking for yum repo(s) starting descent into /var/www/cobbler/ks_mirror/centos6.4 for centos6.4-i386 processing repo at : /var/www/cobbler/ks_mirror/centos6.4 need to process repo/comps: /var/www/cobbler/ks_mirror/centos6.4 looking for /var/www/cobbler/ks_mirror/centos6.4/repodata/*comps*.xml running: createrepo -c cache -s sha --groupfile /var/www/cobbler/ks_mirror/centos6.4/repodata/151ad5b0a3056212a6012b429192adcabba8b37571ff12453d6a29bc5199c943-c6-i386-comps.xml /var/www/cobbler/ks_mirror/centos6.4 received on stdout: Spawning worker 0 with 3114 pkgs Workers Finished Gathering worker results Saving Primary metadata Saving file lists metadata Saving other metadata Generating sqlite DBs Sqlite DBs complete received on stderr: *** TASK COMPLETE *** |
圖形介面操作點擊Importer DVD (先掛載鏡像ISO),然後再Importer,點擊run
匯入完成後可以看到
選擇左側profile配置ks檔案
輸入你所需要的ks檔案路徑
Centos6.ks檔案如下,這裡只是個比較簡單的ks檔案,大家可以根據自己的需求配置。
#platform=x86, AMD64, or Intel EM64T # System authorization information auth --useshadow --enablemd5 # System bootloader configuration bootloader --location=mbr # Partition clearing information clearpart --all --initlabel # Use text mode install text # Firewall configuration firewall --disable # Run the Setup Agent on first boot firstboot --disable # System keyboard keyboard us # System language lang en_US # Use network installation url --url=$tree # If any cobbler repo definitions were referenced in the kickstart profile, include them here. $yum_repo_stanza # Network information $SNIPPET('network_config') # Reboot after installation reboot #Root password rootpw --iscrypted $default_password_crypted # SELinux configuration selinux --disabled # Do not configure the X Window System skipx # System timezone timezone --utc Asia/Shanghai # Install OS instead of upgrade install # Clear the Master Boot Record zerombr # Allow anaconda to partition the system as needed autopart clearpart --all --drives=sda --initlabel part /boot --fstype ext3 --size=200 part / --fstype ext3 --size=8000 part swap --size=2048 %pre $SNIPPET('log_ks_pre') $kickstart_start $SNIPPET('pre_install_network_config') # Enable installation monitoring $SNIPPET('pre_anamon') %packages @admin-tools @base @chinese-support @core @development-libs @development-tools @editors @system-tools @text-internet OpenIPMI-tools hardlink kernel-PAE kernel-PAE-devel kernel-devel libpng-devel lrzsz minicom net-snmp-utils pcre-devel sysstat x86info puppet %pre $SNIPPET('log_ks_pre') $SNIPPET('kickstart_start') $SNIPPET('pre_install_network_config') # Enable installation monitoring $SNIPPET('pre_anamon') %packages $SNIPPET('func_install_if_enabled') $SNIPPET('puppet_install_if_enabled') %post $SNIPPET('log_ks_post') # Start yum configuration $yum_config_stanza # End yum configuration $SNIPPET('post_install_kernel_options') $SNIPPET('post_install_network_config') $SNIPPET('func_register_if_enabled') $SNIPPET('puppet_register_if_enabled') $SNIPPET('download_config_files') $SNIPPET('koan_environment') $SNIPPET('redhat_register') $SNIPPET('cobbler_register') # Enable post-install boot notification $SNIPPET('post_anamon') # Start final steps $SNIPPET('kickstart_done') # End final steps |
5:用戶端從網路啟動後選擇對應的工程檔案開始自動部署
選擇配置好的選項開始自動安裝
完成後自動重啟,可以用先前定義好的密碼("123456")登陸了.
附:錯誤排除
# cobbler check
The following are potential configuration items that you may want to fix:
1 : Must enable a selinux boolean to enable vital web services components, run:setsebool -P httpd_can_network_connect true
2 : you need to set some SELinux content rules to ensure cobbler serves contentcorrectly in your SELinux environment, run the following: /usr/sbin/semanagefcontext -a -t public_content_t "/tftpboot/.*" &&/usr/sbin/semanage fcontext -a -t public_content_t"/var/www/cobbler"/images/.*
3 : you need to set some SELinux rules if you want to use cobbler-web (anoptional package), run the following: /usr/sbin/semanage fcontext -a -thttpd_sys_content_rw_t "/var/lib/cobbler/webui_sessions/.*"
解決:關閉selinux
# vim /etc/sysconfig/selinux
SELINUX=disabled
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
解決:編輯/etc/xinetd.d/tftp檔案,將檔案中的disable欄位的配置由yes改為no
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
解決:編輯/etc/xinetd.d/rsync檔案,將檔案中的disable欄位的配置由yes改為no
6 : since iptables may be running, ensure 69, 80, and 25151 are unblocked
解決:在iptables中將69,80,25151連接埠開啟。如果僅僅只是在內部環境中使用,建議直接將防火牆關掉
7 : debmirror package is not installed, it will be required to manage debiandeployments and repositories
解決:yum install debmirror
或:rpm -Uvhftp://rpmfind.net/linux/epel/5/i386/debmirror-20090807-1.el5.noarch.rpm –nodeps–force
8 : ksvalidator was not found, install pykickstart
解決:yum install pykickstart
9 : The default password used by the sample templates for newly installedmachines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler'and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here''your-password-here'" to generate new one
解決: 修改預設密碼就OK了,然後把密碼寫入到/etc/cobbler/settings中
# openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'
10 : comment 'dists' on /etc/debmirror.conf for proper debian support
11 : comment 'arches' on /etc/debmirror.conf for proper debian support
解決:注釋/etc/debmirror.conf 下面兩行
#@dists="sid";
@sections="main,main/debian-installer,contrib,non-free";
#@arches="i386";
12:fencing tools were not found, and are required to use the (optional)power management features. install cman or fence-agents to use them
解決: yum install cman
修複完成,再用 cobbler check 檢查一下,確認沒問題後用 cobbler sync 做同步操作:
# cobbler check
No configuration problems found. All systems go.
13. comment out 'dists' on/etc/debmirror.conf for proper debian support
comment out 'arches' on /etc/debmirror.conf for proper debiansupportvim vi /etc/debmirror.conf
#注釋掉@dists="sid"與@arches="i386即可
#@dists="sid";
#@arches="i386";
14. 較驗cobbler check出錯
Traceback (most recent call last):
File"/usr/bin/cobbler", line 35, in ?
sys.exit(app.main())
File"/usr/lib/python2.4/site-packages/cobbler/cli.py", line 558, in main
rc =cli.run(sys.argv)
File"/usr/lib/python2.4/site-packages/cobbler/cli.py", line 202, in run
self.token = self.remote.login("",self.shared_secret)
File"/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
return self.__send(self.__name, args)
File"/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
verbose=self.__verbose
File"/usr/lib64/python2.4/xmlrpclib.py", line 1147, in request
return self._parse_response(h.getfile(), sock)
File"/usr/lib64/python2.4/xmlrpclib.py", line 1286, in _parse_response
return u.close()
File"/usr/lib64/python2.4/xmlrpclib.py", line 744, in close
raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1:"cobbler.cexceptions.CX:'login failed'">
解決方案:此為BUG,按下方操作執行即
service cobblerd restart
cobbler get-loaders
返回這個結果就OK了