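Reference blog post

Introduction to Cobbler

Cobbler is a Linux server installation service. It can quickly install and reinstall physical servers and virtual machines by network boot (PXE), and it can also manage DHCP, DNS and related services. Cobbler can be managed from the command line, provides a web-based management tool (cobbler-web), and exposes an API that is convenient for custom development. Cobbler is an upgraded take on the earlier kickstart; its advantages are that it is fairly easy to configure and ships with a web interface that makes it easier to manage. Cobbler has a lightweight configuration management system built in, but it also supports integration with other configuration management systems such as Puppet; SaltStack is not supported for now.

Environment preparation for installing systems

Disable the firewall (firewalld)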
```
[root@localhost ~]# getenforce
Disabled
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
```

Configure the 163 yum source and the Aliyun EPEL source
```
[root@localhost ~]# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
[root@localhost ~]# wget -O /etc/yum.repos.d/163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
[root@localhost ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
```

Install and configure Cobbler

Install Cobbler
```
[root@localhost ~]# yum -y install dhcp tftp tftp-server cobbler cobbler-web pykickstart httpd
[root@localhost ~]# rpm -ql cobbler   # list the installed files; some of them are shown below
/etc/cobbler                      # configuration directory
/etc/cobbler/settings             # main Cobbler configuration file, in YAML format (Cobbler is written in Python)
/etc/cobbler/dhcp.template        # configuration template for the DHCP service
/etc/cobbler/tftpd.template       # configuration template for the tftp service
/etc/cobbler/rsync.template       # configuration template for the rsync service
/etc/cobbler/iso                  # directory of ISO template configuration files
/etc/cobbler/pxe                  # directory of PXE template files
/etc/cobbler/power                # directory of power management configuration files
/etc/cobbler/users.conf           # authorization configuration file for the web service
/etc/cobbler/users.digest         # user name and password file for web access
/etc/cobbler/dnsmasq.template     # configuration template for the DNS service
/etc/cobbler/modules.conf         # Cobbler module configuration file
/var/lib/cobbler                  # Cobbler data directory
/var/lib/cobbler/config           # configuration files
/var/lib/cobbler/kickstarts       # default location of kickstart files
/var/lib/cobbler/loaders          # the various boot loaders
/var/www/cobbler                  # directory of system installation images
/var/www/cobbler/ks_mirror        # list of imported system images
/var/www/cobbler/images           # boot files of the imported system images
/var/www/cobbler/repo_mirror      # storage directory for yum repositories
/var/log/cobbler                  # log directory
/var/log/cobbler/install.log      # installation log of client systems
/var/log/cobbler/cobbler.log      # Cobbler log
```

Configure Cobbler
Start httpd and Cobbler and enable them at boot

```
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl enable httpd.service
[root@localhost ~]# systemctl start cobblerd.service
[root@localhost ~]# systemctl enable cobblerd.service
```

Check the Cobbler environment:

```
[root@localhost cobbler]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The "server" field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the "next_server" field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change "disable" to "no" in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run "cobbler get-loaders" to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The "cobbler get-loaders" command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to "cobbler" and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run "cobbler sync" to apply changes.
```

Resolve the issues above one by one:

```
[root@localhost ~]# cd /etc/cobbler/
[root@localhost cobbler]# vim settings
```

Issue 1: change the IP to the Cobbler host's own IP

```
server: 172.16.0.11
```

Issue 2: set next_server to the tftp server

```
next_server: 172.16.0.11
```

Issue 3:

```
[root@localhost cobbler]# vim /etc/xinetd.d/tftp
disable = no
```

Issue 4: prepare the boot loaders

```
[root@localhost cobbler]# cp /usr/share/syslinux/{pxelinux.0,menu.c32} /var/lib/cobbler/loaders/
```

Issue 5: start rsyncd

```
[root@localhost cobbler]# systemctl start rsyncd.socket
[root@localhost cobbler]# systemctl enable rsyncd.socket
```

Issue 6: can be ignored

Issue 7: set a complex password for the system

```
[root@localhost cobbler]# openssl passwd -1 -salt "han" "123456"
$1$han$BtNvGZePxwQMW5gC6IUep1
[root@localhost cobbler]# vim /etc/cobbler/settings
default_password_crypted: "$1$han$BtNvGZePxwQMW5gC6IUep1"
```

Issue 8: can be ignored

Check again:

```
[root@localhost ~]# systemctl restart cobblerd.service
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run "cobbler get-loaders" to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The "cobbler get-loaders" command is the easiest way to resolve these requirements.
2 : enable and start rsyncd.service with systemctl
3 : debmirror package is not installed, it will be required to manage debian deployments and repositories
4 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run "cobbler sync" to apply changes.
```

All of the above have either been dealt with or can be ignored.

Sync the Cobbler configuration

```
[root@localhost ~]# cobbler sync
```
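Configure DHCP

Cobbler depends on the DHCP, tftp, rsync and DNS services. DHCP can be provided by dhcpd (ISC) or by dnsmasq; tftp can be provided by the tftp-server package or by Cobbler's own built-in tftp function; rsync is provided by the rsync package; DNS can be provided by bind or by dnsmasq.

Cobbler can manage some or even all of these services itself, but this has to be defined with "manage_dhcp", "manage_tftpd", "manage_rsync" and "manage_dns" in /etc/cobbler/settings. In addition, because each service has several implementations, customizing them means changing the module parameter of each service in the /etc/cobbler/modules.conf configuration file.

This article uses independent management, that is, these services are not managed through Cobbler.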
```
[root@localhost ~]# cd /etc/dhcp/
[root@localhost dhcp]# cp /usr/share/doc/dhcp*/dhcpd.conf.example dhcpd.conf
[root@localhost dhcp]# grep -v "^#" dhcpd.conf
option domain-name "magedu.com";
option routers 172.16.0.1;
option domain-name-servers 202.106.0.20, 114.114.114.114;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 172.16.0.0 netmask 255.255.0.0 {
    range 172.16.100.200 172.16.100.230;
    filename "pxelinux.0";
    next-server 172.16.0.11;
}
[root@localhost dhcp]# systemctl start dhcpd.service
[root@localhost dhcp]# systemctl enable dhcpd.service
```

Configure tftp
```
[root@localhost dhcp]# systemctl start tftp.socket
[root@localhost dhcp]# systemctl enable tftp.socket
[root@localhost dhcp]# ss -unl | grep 69
UNCONN     0      0           :::69           :::*
```

Managing Cobbler from the command line

View the command help
```
[root@localhost ~]# cobbler
usage
=====
cobbler ... [add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler [options|--help]
[root@localhost ~]# cobbler import --help   # import an image to define a distro
Usage: cobbler import [options]

Options:
  -h, --help            show this help message and exit
  --arch=ARCH           OS architecture being imported
  --breed=BREED         the breed being imported
  --os-version=OS_VERSION
                        the version being imported
  --path=PATH           local path or rsync location
  --name=NAME           name, ex "RHEL-5"
  --available-as=AVAILABLE_AS
                        tree is here, don't mirror
  --kickstart=KICKSTART_FILE
                        assign this kickstart file
  --rsync-flags=RSYNC_FLAGS
                        pass additional flags to rsync

cobbler check      check whether the current settings have problems
cobbler list       list all Cobbler elements
cobbler report     list the details of the elements
cobbler sync       sync the configuration to the data directory; best run after every configuration change
cobbler reposync   sync the yum repositories
cobbler distro     view information about the imported distributions
cobbler system     view information about the added systems
cobbler profile    view profile configuration information
```

Import an image to define a distro

Mount the system image

```
[root@localhost ~]# mkdir /media/cdrom
[root@localhost ~]# mount -r /dev/cdrom /media/cdrom
```

Import the files from the disc to define a distro

```
[root@localhost ~]# cobbler import --name="CentOS-7.2-x86_64" --path=/media/cdrom
# --path  path to the image
# --name  a name for the installation source, i.e. the distro name
# --arch  whether the installation source is 32-bit, 64-bit or ia64; currently supported options: x86|x86_64|ia64
# The installation source is uniquely identified by the name parameter. In this example, after a successful import
# the unique identifier of the installation source is: CentOS-7.1-x86_64. If the name is a duplicate, the import fails.
```

Note: import automatically generates a profile with the same name as the imported distro and also provides a kickstart file for a minimal installation. This allows an automated installation, but it may not match your requirements.

List the current distros

```
[root@localhost ~]# cobbler distro list
   CentOS-7.2-x86_64
# Image storage directory: Cobbler copies all installation files from the image to the local disk, into the
# CentOS-7.2-x86_64 directory under /var/www/cobbler/ks_mirror, so /var/www/cobbler must have enough space
# to hold the installation files.
[root@localhost ~]# cd /var/www/cobbler/ks_mirror/
[root@localhost ks_mirror]# ls
CentOS-7.2-x86_64  config
[root@localhost ks_mirror]# ls CentOS-7.2-x86_64/
CentOS_BuildTag  GPL       LiveOS    RPM-GPG-KEY-CentOS-7
EFI              images    Packages  RPM-GPG-KEY-CentOS-Testing-7
EULA             isolinux  repodata  TRANS.TBL
```

List the current profiles

```
[root@localhost ~]# cobbler profile list
   CentOS-7.2-x86_64
```

Customize ks.cfg
Location of Cobbler's ks.cfg files

```
[root@localhost ks_mirror]# cd /var/lib/cobbler/kickstarts/
[root@localhost kickstarts]# ls
default.ks    install_profiles  sample_autoyast.xml  sample_esxi4.ks  sample_old.seed
esxi4-ks.cfg  legacy.ks         sample_end.ks        sample_esxi5.ks  sample.seed
esxi5-ks.cfg  pxerescue.ks      sample_esx4.ks       sample.ks
```

sample_end.ks is the ks file used by default.

Use the PXE kickstart file and modify it

```
[root@localhost kickstarts]# vim centos7.cfg
url --url="http://172.16.0.11/cobbler/ks_mirror/CentOS-7.2-x86_64/"
```

Note: a custom ks file differs slightly from the template ks files. Some variables cannot be obtained from the configuration file, for example url --url=$tree and rootpw --iscrypted $default_password_crypted.

```
[root@localhost kickstarts]# cat centos7.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
# old format: keyboard us
# new format:
keyboard --vckeymap=us --xlayouts="us"
# Root password
rootpw --iscrypted $1$hgfvQffN$tXNj5mQldgQt4ziW1QhNF0
# Use network installation
url --url="http://172.16.0.11/cobbler/ks_mirror/CentOS-7.2-x86_64/"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# System authorization information
auth --useshadow --passalgo=sha512
# Use graphical install
graphical
# Run the Setup Agent on first boot
firstboot --enable
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System services
services --disabled="chronyd"
ignoredisk --only-use=sda
# Network information
network --bootproto=dhcp --device=eno16777984
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai --ntpservers=3.centos.pool.ntp.org,0.centos.pool.ntp.org,2.centos.pool.ntp.org,1.centos.pool.ntp.org
# System bootloader configuration
bootloader --location=mbr --boot-drive=sda
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --asprimary --fstype="xfs" --size=1000
part swap --fstype="swap" --size=8000
part / --fstype="xfs" --grow --size=1

%packages
@^minimal
@core
%end
```

View the settings of the specified profile

```
[root@localhost kickstarts]# cobbler profile report --name=CentOS-7.2-x86_64
Name                           : CentOS-7.2-x86_64
TFTP Boot Files                : {}
Comment                        :
DHCP Tag                       : default
Distribution                   : CentOS-7.2-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/sample_end.ks   # default ks file
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : < >
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ["admin"]
Parent Profile                 :
Internal proxy                 :
Red Hat Management Key         : < >
Red Hat Management Server      : < >
Repos                          : []
Server Override                : < >
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      :
Virt RAM (MB)                  : 512
Virt Type                      : kvm
```

Edit the profile and change the associated ks file

```
[root@localhost kickstarts]# cobbler profile edit --name=CentOS-7.2-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg
[root@localhost kickstarts]# cobbler profile report --name=CentOS-7.2-x86_64
Name                           : CentOS-7.2-x86_64
TFTP Boot Files                : {}
Comment                        :
DHCP Tag                       : default
Distribution                   : CentOS-7.2-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/centos7.cfg
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : < >
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ["admin"]
Parent Profile                 :
Internal proxy                 :
Red Hat Management Key         : < >
Red Hat Management Server      : < >
Repos                          : []
Server Override                : < >
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      :
Virt RAM (MB)                  : 512
Virt Type                      : kvm
```

Sync once after every change

```
[root@localhost kickstarts]# cobbler sync
```

Install the CentOS 7 system

Create a new virtual machine and boot it.

local: boot from the local hard disk

CentOS-7-x86_64: the profile name
```
[root@localhost ~]# cd /etc/cobbler/
[root@localhost cobbler]# cp modules.conf{,.bak}
[root@localhost cobbler]# vim modules.conf
module = authn_configfile
```

Create the authentication file

```
[root@localhost cobbler]# htdigest -c /etc/cobbler/users.digest Cobbler cblradmin
Adding password for cblradmin in realm Cobbler.
New password:
Re-type new password:
```

Password entered: 123456; account: cblradmin

```
[root@localhost cobbler]# systemctl restart cobblerd.service
```
Problem:

Accessing http://172.16.0.12/cobbler_web reports that access is not permitted:

```
Forbidden
You don't have permission to access /cobbler_web on this server.
```
Analyze the log
[Sun Jun 04 01:26:31.669590 2017] [ssl:error] [pid 5536] [client 172.16.0.10:52276] AH02219: access to /usr/share/cobbler/web/cobbler.wsgi failed, reason: SSL connection required
Solution:

Access it through the HTTPS address: https://172.16.0.12/cobbler_web

Add an exception in the browser.

Unmount the CentOS 7 image
```
[root@localhost ~]# umount /media/cdrom
[root@localhost ~]# mount -r /dev/cdrom /media/cdrom
```
```
[root@localhost ~]# cat centos6.cfg
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="http://172.16.0.11/cobbler/ks_mirror/CentOS-6.6-x86_64/"
#repo --name="CentOS" --baseurl=cdrom:sr0 --cost=100
# Root password
rootpw --iscrypted $1$cVdlAuSw$5tYu9Bx6iwKTgGvxTlarJ1
# System authorization information
auth --useshadow --passalgo=sha512
# Use graphical install
graphical
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# Installation logging level
#logging --level=info
# Reboot after installation
reboot
# System timezone
timezone Asia/Shanghai
# Network information
network --bootproto=dhcp --device=eth0 --onboot=on
#network --bootproto=dhcp --device=eth1 --onboot=on
# System bootloader configuration
bootloader --append="crashkernel=auto rhgb quiet" --location=mbr --driveorder="sda"
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --asprimary --fstype="ext4" --size=100
part swap --fstype="swap" --size=8000
part / --fstype="ext4" --grow --size=1

%packages --nobase
@core
%end
```

Sync the configuration

Install the CentOS 6 system

Create a new virtual machine and boot it.

For the meaning of most of the parameters in the file, see the kickstart article; only the differences are covered here. The template file can also be used as a reference.
```
[root@linux-node1 kickstarts]# cat CentOS-7.1-x86_64.cfg
# Cobbler for Kickstart Configurator for CentOS 7.1 by yao zhang
install
# Variables that start with $ take their values from the configuration file.
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# Network information
$SNIPPET("network_config")
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
# The default disk format on CentOS 7 is xfs
part /boot --fstype xfs --size 1024
part swap --size 1024
part / --fstype xfs --size 1 --grow
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot

%pre
$SNIPPET("log_ks_pre")
$SNIPPET("kickstart_start")
$SNIPPET("pre_install_network_config")
# Enable installation monitoring
$SNIPPET("pre_anamon")
%end

%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end

%post
systemctl disable postfix.service
%end
```
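The root hashes used on this page (default_password_crypted in /etc/cobbler/settings and the rootpw --iscrypted lines in centos7.cfg and centos6.cfg) all start with $1$, which is MD5-crypt, and the kickstart files also disable SELinux and the firewall on every host they install. The script below is an added example, not part of the original article or of Cobbler: a small POSIX shell audit that flags those settings. The function names crypt_scheme and audit_file and the combined sample file are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: flag weak install-time settings in a kickstart file or in
# /etc/cobbler/settings. crypt_scheme and audit_file are hypothetical names.

# Name the crypt(3) scheme from the hash prefix.
crypt_scheme() {
  case "$1" in
    '$6$'*) echo sha512 ;;
    '$5$'*) echo sha256 ;;
    '$2'*)  echo bcrypt ;;
    '$1$'*) echo md5 ;;
    '$default_password_crypted') echo template-variable ;;  # resolved from settings
    *)      echo unknown ;;
  esac
}

# Print one "file:line: finding" per weak setting. Comment lines are skipped;
# the hash is expected to be the last word of a rootpw line.
audit_file() (
  file=$1 n=0
  while read -r line || [ -n "$line" ]; do
    n=$((n + 1)) hash=
    case "$line" in
      '#'*) continue ;;
      rootpw*--iscrypted*) hash=${line##* } ;;
      default_password_crypted:*)
        hash=$(printf '%s' "${line#*:}" | tr -d "\"' ") ;;
      selinux*--disabled*)  echo "$file:$n: SELinux disabled on installed hosts" ;;
      firewall*--disabled*) echo "$file:$n: firewall disabled on installed hosts" ;;
    esac
    [ -n "$hash" ] || continue
    case "$(crypt_scheme "$hash")" in
      md5)     echo "$file:$n: root hash is MD5-crypt (\$1\$); use SHA-512 (\$6\$)" ;;
      unknown) echo "$file:$n: root hash scheme not recognised" ;;
    esac
  done < "$file"
)

# Constructed sample: lines taken from centos7.cfg plus the settings entry,
# combined into one file for brevity.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# Root password
rootpw --iscrypted $1$hgfvQffN$tXNj5mQldgQt4ziW1QhNF0
firewall --disabled
auth --useshadow --passalgo=sha512
selinux --disabled
default_password_crypted: "$1$han$BtNvGZePxwQMW5gC6IUep1"
EOF
audit_file "$SAMPLE"
```

`auth --passalgo=sha512` only controls how passwords set later are hashed; the `rootpw --iscrypted` value is copied into /etc/shadow as given, so the hash itself has to be regenerated, for example with `openssl passwd -6` on OpenSSL 1.1.1 or later.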
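The copyright of this article belongs to the author. Do not reproduce it without permission. If this article violates any rules, you can contact the administrator to have it removed.
When reproducing this article, please cite its address: http://systransis.cn/yun/40652.html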