Cobbler 配置
1. 環(huán)境描述
- 系統(tǒng)環(huán)境: CentOS 7.3
- 網(wǎng)絡(luò)環(huán)境: 有兩塊網(wǎng)卡逮栅,第一塊用來(lái)配置正常訪問(wèn)互聯(lián)網(wǎng),第二塊配另一個(gè)網(wǎng)段钱贯,這里配置
172.16.1.1挫掏,用來(lái)提供無(wú)人值守安裝系統(tǒng)。 - SELinux: 關(guān)閉狀態(tài)
- iptables秩命、firewalld: 防火墻關(guān)閉狀態(tài)
2. 安裝部署
-
安裝前請(qǐng)先配好epel源尉共,然后使用yum進(jìn)行安裝:
rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm yum install cobbler cobbler-web pykickstart debmirror dhcp tftp-server httpd syslinux xinetd -
安裝好后,把
/var/lib/tftpboot/目標(biāo)下所有文件移動(dòng)到另一位置弃锐,因?yàn)榇四夸浵碌奈募坑蒫obbler自己來(lái)生成袄友。mkdir /root/pxeboot mv /var/lib/tftpboot/* /root/pxeboot/ -
這時(shí)再編輯
/etc/dhcp/dhcpd.conf,內(nèi)容如下:[root@localhost ~]# cat /etc/dhcp/dhcpd.conf # # DHCP Server Configuration file. # see /usr/share/doc/dhcp*/dhcpd.conf.example # see dhcpd.conf(5) man page # option domain-name "localhost.localdomain"; option domain-name-servers 114.114.114.114,223.6.6.6; default-lease-time 3600; max-lease-time 7200; log-facility local7; subnet 172.16.1.0 netmask 255.255.255.0 { range 172.16.1.2 172.16.1.20; option routers 172.16.1.1; filename "pxelinux.0"; } -
確保第二塊網(wǎng)卡網(wǎng)絡(luò)配置正確霹菊,這里僅作測(cè)試臨時(shí)配置:
ifconfig enp6s0f1 172.16.1.1/24 -
依次啟動(dòng)服務(wù):
systemctl start dhcpd.service && systemctl enable dhcpd.service systemctl start cobblerd.service && systemctl enable cobblerd.service systemctl start httpd.service && systemctl enable httpd.service systemctl start rsyncd.service && systemctl enable rsyncd.service systemctl start xinetd.service && systemctl enable xinetd.service -
環(huán)境檢查修改:
cobbler check
-
報(bào)錯(cuò):
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : change 'disable' to 'no' in /etc/xinetd.d/tftp. 4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 5 : comment out 'dists' on /etc/debmirror.conf for proper debian support 6 : comment out 'arches' on /etc/debmirror.conf for proper debian support 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them 解決:
1剧蚣、2: 修改/etc/cobbler/settings
server: 172.16.1.1
next_server: 172.16.1.1
3: 修改/etc/xinetd.d/tftp
disable = no
4: 此問(wèn)題可忽略
5、6:修改/etc/debmirror.conf旋廷,注釋掉@dists="sid"和@arches="i386"
#@dists="sid";
#@arches="i386";
7: 修改默認(rèn)密碼券敌,注意,此密碼是安裝系統(tǒng)默認(rèn)的管理員root密碼
生成密碼串
openssl passwd -1 -saltopenssl rand -hex 4
Password:
0a7998bb
1
OrhhdGoYj.Ngr2yRzGuKB0"
8: 此問(wèn)題可忽略
接著重啟cobblerd服務(wù)柳洋,然后再執(zhí)行cobbler check進(jìn)行檢查待诅,直到只剩可忽略的問(wèn)題:
systemctl restart cobblerd.service
cobbler check
The following are potential configuration items that you may want to fix:
1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
3. cobbler_web
設(shè)置cobbler_web登錄頁(yè)面的用戶和密碼:
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Changing password for user cobbler in realm Cobbler
New password:
Re-type new password:
提示:
"Cobbler":Rename提示信息
cobbler : 這個(gè)是用戶名
/etc/cobbler/users.digest :帳號(hào)文件注意: 在cobbler-web-2.8.0-4.el7.noarch這個(gè)版本上熊镣,要通過(guò)https協(xié)議訪問(wèn)卑雁,用http協(xié)議訪問(wèn)提示403報(bào)錯(cuò)。
此時(shí)正常來(lái)說(shuō)可以從瀏覽器中通過(guò)http(s)://YOUR_COBBLERD_IP/cobbler_web訪問(wèn)绪囱。
4. 鏡像導(dǎo)入
在系統(tǒng)中將CentOS 7.3 鏡像導(dǎo)入测蹲,此功能在cobbler_web上也應(yīng)該可以操作,但沒(méi)有研究過(guò):
mkdir /media/cdrom
mount /var/local/iso/CentOS-7-x86_64-DVD-1611.iso /media/cdrom
cobbler import --name="CentOS-7-x86_64-DVD-1611" --path=/media/cdrom
接著以同樣的方式導(dǎo)入CentOS 6.5鬼吵,此時(shí)在命令行可執(zhí)行cobbler distro list 可查看到已經(jīng)導(dǎo)入進(jìn)來(lái)的鏡像扣甲。默認(rèn)在導(dǎo)入鏡像的同時(shí),已經(jīng)有創(chuàng)建好了對(duì)應(yīng)的profile齿椅,可以安裝使用了琉挖,默認(rèn)是最小化安裝。profile可執(zhí)行cobbler profile list查看涣脚。
如果要自定義profile示辈,可以用下面命令操作:
cobbler profile add --name="CentOS-7-x86_64-web" --distro=CentOS-7-x86_64-DVD-1611 --kickstart=/var/lib/cobbler/kickstarts/centos7-web.ks
cobbler sync
最后要特別注意,每次操作后都要執(zhí)行cobbler sync來(lái)同步操作生效遣蚀。上面要用到的centos7-web.ks文件制作矾麻,這里不再介紹纱耻,可以通過(guò)system-config-kickstart圖形化工具來(lái)生成和編輯,可以使用yum來(lái)安裝:
yum install system-config-kickstart
# 啟動(dòng)可執(zhí)行:
system-config-kickstart
關(guān)于profile险耀、ks文件制作弄喘、cobbler sync同步等,建議在cobbler_web界面上操作甩牺,比較方便蘑志。
個(gè)人同步博客地址。
