Deploying a Cobbler Automated Provisioning Server

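Date: 2022-09-17 09:19:59
Cobbler is an automated provisioning tool that makes deploying RedHat/CentOS/Fedora systems easier; it also supports deploying SUSE and Debian systems.
It integrates the following services: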

* PXE service support
* DHCP service management
* DNS service management
* Kickstart service support
* yum repository management

Koan, the Cobbler client, supports virtual machine installation and operating system reinstallation.

Cobbler server deployment:
1. Make sure the EPEL repository is available; if it is not, install the epel package first:
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

2. Install all the packages the Cobbler server needs:
yum install cobbler httpd rsync tftp-server xinetd dhcp
yum install pykickstart debmirror python-ctypes cman fence-agents
 
3. Start httpd and cobblerd, and enable the services at boot:
 
service httpd start
service cobblerd start
 
chkconfig httpd on
chkconfig dhcpd on
chkconfig xinetd on
chkconfig tftp on
chkconfig cobblerd on

4. Check the Cobbler configuration:

Running the command fails with an error:
# cobbler check
Traceback (most recent call last):
  File "/usr/bin/cobbler", line 36, in <module>
    sys.exit(app.main())
  File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 657, in main
    rc = cli.run(sys.argv)
  File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 270, in run
    self.token         = self.remote.login("", self.shared_secret)
  File "/usr/lib64/python2.6/xmlrpclib.py", line 1199, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib64/python2.6/xmlrpclib.py", line 1489, in __request
    verbose=self.__verbose
  File "/usr/lib64/python2.6/xmlrpclib.py", line 1253, in request
    return self._parse_response(h.getfile(), sock)
  File "/usr/lib64/python2.6/xmlrpclib.py", line 1392, in _parse_response
    return u.close()
  File "/usr/lib64/python2.6/xmlrpclib.py", line 838, in close
    raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "<class 'cobbler.cexceptions.CX'>:'login failed'">

This is a Cobbler bug; running the following commands resolves it:
service cobblerd restart
cobbler get-loaders
service cobblerd restart

# cobbler check

The following are potential configuration items that you may want to fix:
 
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && \ /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/tftp
6 : change 'disable' to 'no' in /etc/xinetd.d/rsync
7 : comment out 'dists' on /etc/debmirror.conf for proper debian support
8 : comment out 'arches' on /etc/debmirror.conf for proper debian support
9 : since iptables may be running, ensure 69, 80, and 25151 are unblocked
10 : debmirror package is not installed, it will be required to manage debian deployments and repositories
11 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
 
Restart cobblerd and then run 'cobbler sync' to apply changes.


Fixing the issues above:
1) vi /etc/cobbler/settings
server: 192.168.0.2   # IP address of the Cobbler server
next_server: 192.168.0.2  # IP address of the PXE server
manage_dhcp: 1   # let Cobbler manage the DHCP service
default_kickstart: /var/lib/cobbler/kickstarts/default.ks  # default kickstart file; generating it with system-config-kickstart (requires an X environment) is recommended

cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

vi /etc/dhcp/dhcpd.conf
Add the following (matching the Cobbler DHCP template below):
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.100 192.168.0.200;
  option routers 192.168.0.1;
  option subnet-mask 255.255.255.0;
}
If dhcpd fails to start, this file was not edited correctly.


2) Disable the firewall and SELinux

3) Download the network boot loaders
cobbler get-loaders

4) Enable tftp and rsync
vi /etc/xinetd.d/tftp
Change disable = yes to: disable = no
vi /etc/xinetd.d/rsync
Change disable = yes to: disable = no

Restart the xinetd service:
/etc/init.d/xinetd restart


5) debmirror reports errors:

vim /etc/debmirror.conf

# Just comment out @dists="sid" and @arches="i386"
#@dists="sid";
#@arches="i386";

5) Handling the "service dhcpd is not running" error
vim /etc/cobbler/dhcp.template
Edit the DHCP template so that the addresses handed out by DHCP are on the same subnet as Cobbler

# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************
 
ddns-update-style interim;
 
allow booting;
allow bootp;
 
ignore client-updates;
set vendorclass = option vendor-class-identifier;
 
subnet 192.168.0.0 netmask 255.255.255.0 {      # important
     option routers             192.168.0.1;      # important: router address
     option domain-name-servers 192.168.0.2;       # DNS address; apparently only one is allowed
     option subnet-mask         255.255.255.0;     # important: subnet mask option
     range dynamic-bootp        192.168.0.100 192.168.0.200;   # dynamic IP range
     filename                   "/pxelinux.0";
     default-lease-time         21600;    # default lease time
     max-lease-time             43200;    # maximum lease time
     next-server                192.168.0.2;    # boot server
}
 
#for dhcp_tag in $dhcp_tags.keys():
    ## group could be subnet if your dhcp tags line up with your subnets
    ## or really any valid dhcpd.conf construct ... if you only use the
    ## default dhcp tag in cobbler, the group block can be deleted for a
    ## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
        #for mac in $dhcp_tags[$dhcp_tag].keys():
            #set iface = $dhcp_tags[$dhcp_tag][$mac]
    host $iface.name {
        hardware ethernet $mac;
        #if $iface.ip_address:
        fixed-address $iface.ip_address;
        #end if
        #if $iface.hostname:
        option host-name "$iface.hostname";
        #end if
        #if $iface.subnet:
        option subnet-mask $iface.subnet;
        #end if
        #if $iface.gateway:
        option routers $iface.gateway;
        #end if
        filename "$iface.filename";
        ## Cobbler defaults to $next_server, but some users
        ## may like to use $iface.system.server for proxied setups
        next-server $next_server;
        ## next-server $iface.next_server;
    }
        #end for
}
#end for

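6) Change the default password of the cobbler user. You can generate a password hash with the command below and use it to replace the one in /etc/cobbler/settings. In the command, "random-phrase-here" is the salt.

#openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'  # I set 123456
$1$random-p$mzxQ/Sx848sXgvfwJCoZM0
# Then replace the hash inside the double quotes of the default_password_crypted option in /etc/cobbler/settings.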
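
Per the cobbler check message above, default_password_crypted is the password the sample templates give to newly installed machines, so the hash scheme stored there matters. The script below is an added example, not part of the original post, that classifies the scheme found in a settings file; the function name audit_default_password and the temporary sample file are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original post.
# Classify the crypt(3) scheme of default_password_crypted in a Cobbler settings file.
# Prints one token and returns: 0 = SHA-256/SHA-512 crypt, 1 = weak or unrecognised, 2 = not set.
audit_default_password() {
    settings_file=$1
    # Take the first matching key, then strip a trailing comment, spaces and quotes.
    pw_hash=$(sed -n 's/^default_password_crypted:[[:space:]]*//p' "$settings_file" 2>/dev/null |
              sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' | tr -d "\"'" | head -n 1)
    case $pw_hash in
        '')
            echo "not-set"; return 2 ;;
        '$1$random-p$'*)
            # Salt is the literal from the documentation command, so it is shared across sites.
            echo "md5crypt-sample-salt"; return 1 ;;
        '$1$'*)
            # MD5-crypt, which is what "openssl passwd -1" produces.
            echo "md5crypt"; return 1 ;;
        '$5$'*|'$6$'*)
            echo "sha-crypt"; return 0 ;;
        *)
            echo "unknown-scheme"; return 1 ;;
    esac
}

# Constructed sample input: the settings line as it looks after step 6) of the post.
sample=$(mktemp)
printf '%s\n' 'default_password_crypted: "$1$random-p$mzxQ/Sx848sXgvfwJCoZM0"' > "$sample"
printf 'default_password_crypted uses: %s\n' "$(audit_default_password "$sample" || true)"
rm -f "$sample"
```

On a real server, call audit_default_password /etc/cobbler/settings and treat any non-zero status as a reason to regenerate the hash with a random salt and a strong password.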

5. Sync the Cobbler configuration so the changes take effect:
cobbler sync

netstat -ntulp  
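
As a narrower alternative to switching the firewall off in step 2), the ports that item 9 of the cobbler check output lists can be opened to the provisioning subnet only. This is an added example, not part of the original post; the function names are hypothetical and the subnet is the one used in dhcpd.conf above.

```sh
#!/bin/sh
# Added example, not from the original post.
# Print iptables rules that open only the ports named in item 9 of `cobbler check`
# (69, 80, 25151) and only to the provisioning subnet. Nothing is applied here;
# review the output, then run it as root.
COBBLER_PORTS="udp:69 tcp:80 tcp:25151"   # TFTP, HTTP (kickstarts/repos), cobblerd XML-RPC

valid_cidr() {
    # Accept only a single line of the form a.b.c.d/n with octets <= 255 and
    # prefix <= 32, because the value is interpolated into commands run as root.
    printf '%s\n' "$1" | awk -F'[./]' '
        NR > 1 { bad = 1 }
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ &&
        $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 && $5 <= 32 { ok = 1 }
        END { exit !(ok && !bad) }'
}

cobbler_fw_rules() {
    subnet=$1
    if ! valid_cidr "$subnet"; then
        echo "refusing subnet '$subnet': expected IPv4 CIDR such as 192.168.0.0/24" >&2
        return 1
    fi
    for entry in $COBBLER_PORTS; do
        proto=${entry%%:*}
        port=${entry##*:}
        # -I (insert) places the rule ahead of the final REJECT rule in the stock CentOS 6 ruleset.
        echo "iptables -I INPUT -s $subnet -p $proto -m $proto --dport $port -j ACCEPT"
    done
}

# Subnet taken from the dhcpd.conf in the post.
cobbler_fw_rules 192.168.0.0/24
```

After applying the printed rules, `service iptables save` persists them on CentOS 6. For SELinux, item 3 of the cobbler check output gives the semanage fcontext commands to run in place of disabling enforcement.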
 
6. Mount the Linux installation disc and build the installation image:

Mount the ISO
mkdir /mnt/Centos6.5
mount -o loop CentOS-6.5-x86_64-bin-DVD1.iso /mnt/Centos6.5/

#cobbler import --path=/mnt/Centos6.5 --name=CentOS6.5 --arch=x86_64
task started: 2015-08-31_234036_import
task started (id=Media import, time=Mon Aug 31 23:40:36 2015)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/CentOS6.5-x86_64:
creating new distro: CentOS6.5-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS6.5-x86_64 -> /var/www/cobbler/links/CentOS6.5-x86_64
creating new profile: CentOS6.5-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS6.5-x86_64 for CentOS6.5-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS6.5-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS6.5-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS6.5-x86_64/repodata
*** TASK COMPLETE ***

View the import result
cobbler distro list
cobbler list

View the details of the imported image
cobbler report

Assign the ks file to the matching name (get the name from cobbler report; Cobbler appends the -x86_64 suffix by default)
cobbler profile edit --name=CentOS6.5-x86_64 --distro=CentOS6.5-x86_64 --kickstart=/var/lib/cobbler/kickstarts/Centos6.ks

7. Sync the Cobbler configuration
#cobbler sync

task started: 2015-08-31_235902_sync
task started (id=Sync, time=Mon Aug 31 23:59:02 2015)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS6.5-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/images/CentOS6.5-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying distros to tftpboot
copying files for distro: CentOS6.5-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS6.5-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS6.5-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: CentOS6.5-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS6.5-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS6.5-x86_64/initrd.img
Writing template files for CentOS6.5-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS6.5-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout: Shutting down dhcpd: [  OK  ]
Starting dhcpd: [  OK  ]

received on stderr:
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***


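8. At this point you can use a virtual machine to test installation through Cobbler.

Power on a physical or virtual machine to test. Make sure network boot is enabled: the NIC must have its PXE boot program enabled.

If the client shows an error like this: http://192.168.*.*/cblr/svc/op/ks/profile/centos6.5
the contents of the following file need to be modified:
vi /var/lib/tftpboot/pxelinux.cfg/default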


 
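9. Reinstallation
# Install koan on the machine to be reinstalled
yum install koan
# List the installation profiles available on the Cobbler server
koan --server=192.168.0.2 --list=profiles
# Choose the system to reinstall, then reboot
koan --replace-self --server=192.168.0.2 --profile=CentOS-6.5-x86-64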
reboot



10. Custom kickstart file

# cd /var/lib/cobbler/kickstarts/
# cp sample_end.ks centos6.ks
# vim centos6.ks

Associate the custom kickstart file with the image
cobbler profile edit --name=CentOS-6.4-x86_64 --distro=CentOS-6.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.ks
cobbler report  

Sync
# cobbler sync  



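Additional operations
11. Set up the Cobbler web interface

The Cobbler web interface is a good front end that makes many Cobbler operations easy to manage. You can use it to list and edit distros, profiles, subprofiles, systems, repos and kickstart files.

Install Cobbler web: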
yum install cobbler-web
 
Cobbler web interface URL:
http://192.168.0.2/cobbler_web/
  (192.168.0.2 is the address of the Cobbler web server)

Set the username and password:
Reset the password of an existing user:
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Add a new user:
htdigest /etc/cobbler/users.digest "Cobbler" yourname

Set /etc/cobbler/modules.conf as follows:
[authentication]  
module = authn_configfile  
[authorization]  
module = authz_allowall   
 
Restart the Cobbler service:
service cobblerd restart
 

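12. Cobbler commands

cobbler check - check the current settings for problems
cobbler list - list all Cobbler objects
cobbler report - list each object in detail
cobbler sync - sync the configuration to dhcp/pxe and the data directories
cobbler reposync - sync yum repositories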
 
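13. Cobbler configuration files

Cobbler's configuration files live under /etc/cobbler. /etc/cobbler/settings is the main configuration file; under /etc/cobbler you will also find the template configuration files for dhcp, dns, pxe and dnsmasq; /etc/cobbler/users.digest holds the usernames and passwords used for web access; /etc/cobbler/modules.conf is the module configuration file; /etc/cobbler/users.conf is the authorization configuration file for the Cobbler WebUI/web service.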
 
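Repo data directory: /var/www/cobbler
Imported distributions, repo mirrors and kickstart files are all placed under /var/www/cobbler. Make sure /var has enough space to store these files.
images/ - kernel and initrd images of all imported distributions, used for remote network boot
ks_mirror/ - imported distributions
repo_mirror/ - yum repo storage directory

/var/log/cobbler stores the log files: /var/log/cobbler/cobbler.log

Cobbler data directory: /var/lib/cobbler. This directory stores configuration related to Cobbler profiles, systems and distros.
configs/ - stores information about distros, repos, systems and profiles
backup/ - backup directory
snippets/ - small script snippets that can be included in kickstarts
triggers/ - executable scripts
kickstarts/ - kickstart template files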


When testing in a virtual machine, do not choose host-only mode for the network adapter.

