Cobbler 和 koan 的安装源:
ubuntu(12.04)的源:
注: Ubuntu的可用源可从这里查询:http://wiki.ubuntu.org.cn/Template:12.04source
cat /etc/apt/source.list
deb http://mirrors.163.com/ubuntu/ precise main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ precise-security main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ precise-updates main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ precise-proposed main restricted universe multiverse
deb http://mirrors.163.com/ubuntu/ precise-backports main restricted universe multiverse
deb http://mirrors.sohu.com/ubuntu/ precise main restricted universe multiverse
deb http://mirrors.sohu.com/ubuntu/ precise-backports main restricted universe multiverse
deb http://mirrors.sohu.com/ubuntu/ precise-proposed main restricted universe multiverse
deb http://mirrors.sohu.com/ubuntu/ precise-security main restricted universe multiverse
deb http://mirrors.sohu.com/ubuntu/ precise-updates main restricted universe multiverse
apt-get install koan
RHEL(6.4)需要以下两个源:
Centos源: http://mirror.centos.org/centos/6/os/x86_64/
Epel源: http://download.fedoraproject.org/pub/epel/6/$basearch
下面主要以RHEL6.4上部署Cobbler为例:
rpm -ivh ftp://ftp.muug.mb.ca/mirror/fedora/epel/6/x86_64/Django14-1.4.21-1.el6.noarch.rpm //cobbler-web需要Django支持. yum install cobbler cobbler-web tftp-server dhcp xinetd rsync httpd yum install koan //此在需要借助Cobbler自动重装系统的Client上安装.可通过它来修改Client 的grub.conf,从而让Client从网络启动,来重装系统.
部署前:
1. cobbler check //让Cobbler自行判断,正常启动你还需要做哪些工作.
2. 根据提示修改:
(1)修linux的Selinux为禁用。
vim /etc/selinux/config 【SELINUX=disabled //修改后需reboot(重启)】
(2)修改tftp、rsync服务为启动
vim /etc/xinet.d/tftp 和 /etc/xinet.d/rsync 【disable = no】 chkconfig xinetd on
(3)安装缺少的包
yum install syslinux-nonlinux debmirror ---》对debian linux的镜像源的支持,若需要做本地apt源时,需要安装。 pykickstart
(4)修改cobbler的主配置文件【注: cobbler的主配置文件修改后,必须重启才能生效.】
cp -a /etc/cobbler/settings{,.bak}
vim /etc/cobbler/settings
【
allow_dynamic_settings: 1 //开启不重启cobbler,也可动态载入修改的主配置信息.
注: 此项,仅在使用cobbler setting edit --name=配置项名 --value=值时才有效,
但此命令会清除配置文件中所有注释内容.
manage_dhcp: 1 //若需要cobbler管理DHCP,则需要将其设置为1
注: 若要使用dhcpd 来提供DHCP服务,则修改dhcp.template
若要使用dnsmasq来提供DHCP服务,则修改 dnsmasq.template但无论使用谁,都需要将其设置为1.。
另注:modules.conf中默认设置Cobbler使用 dhcpd来提供DHCP服务.
server: 192.168.137.203 //指定cobbler监听的地址
next_server: 192.168.137.203 //指定tftp server的地址
pxe_just_once: 1 //避免循环从网络启动;当PXE客户端安装完成后,会通知cobbler,
cobbler将设置netboot标志为false,强制PXE客户端从本地磁盘引导。
】
(5)复制PXE启动所需的引导文件
cd /usr/share/syslinux //此为syslinux-nonlinux的安装文件存储位置。 cp pxelinux.0 menu.c32 vesamenu.c32 memdisk /var/lib/cobbler/loaders/ 注: menu.c32 :此为文本模式背景 vesamenu.c32 : 此为图形模式背景 memdisk :引导IMG、IMA、ISO映像,所必须加载的文件,它也可用来加载WinPE.ISO来提供网络PE.
或直接执行:
cobbler get-loaders //若联网则直接执行它即可,自动下载 [root@cobbler etc]# ls /var/lib/cobbler/loaders/ COPYING.elilo COPYING.yaboot grub-x86_64.efi memdisk pxelinux.0 vesamenu.c32 COPYING.syslinux elilo-ia64.efi grub-x86.efi menu.c32 README yaboot
(6)修改Cobbler的默认两个的密码
1> 修改所安装系统的默认root密码:
ROOTPWD=$(openssl -1 -salt `openssl rand -hex 4` 'Root_Password') vim /etc/cobbler/settings 【default_password_crypted: $ROOTPWD】
2>修改Cobbler_Web登录的用户名和密码:
vim /etc/cobbler/users.digest 【格式: 用户名:Cobbler:密码 //Cobbler的含义不明, 用户名和密码默认为cobbler,可修改. admin:Cobbler:密码部分必须用htdigest修改 】 修改admin的密码: htdigest /etc/cobbler/users.digest "Cobbler" admin
注:
要登录Web管理.需要注意httpd服务必须启动.
且cobbler出现"error: [Errno 111] Connection refused",httpd没有启动的原因也比较大.
Cobbler的http源: http://IP/cobbler
登录CobblerWeb界面: http:// IP /cobbler_web
另注:
默认 Cobbler的Web登录认证方式在modules.conf中定义为: authn_configfile, 即采用user.digest中定义的
用户名和密码来认证,即cobbler自身提供的认证方式. 若需修改为使用系统用户认证,即PAM方式。
则需修改:
1. sed -i '/\[authentication\]/{N;s,\(module\).*,\1=authn_pam,}' /etc/cobbler/modules.conf
2. echo 'Test_User_PWD' | passwd --stdin user1
3. sed -i '/^\(admin\).*/s,,\1="user1",' /etc/cobbler/users.conf //注意:PAM使用的用户配置文件为:users.conf
(7)启动服务:
/etc/init.d/xinetd restart /etc/init.d/httpd restart /etc/init.d/cobbler restart cobbler sync cobbler check
注:
执行cobbler sync后,需要注意以下信息:
….. 省略
rendering DHCP files
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: Redhat-6.4-x86_64
cleaning link caches
rendering Rsync files
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: service dnsmasq restart
received on stdout:
Starting dnsmasq: [ OK ] ——–》若使用的dhcpd,则这里将启动dhcpd.
(8)导入Redhat ISO镜像:
mount /dev/cdrom /mnt/cdrom cobbler import --name=RedHat-6.4-x86_64 --path=/mnt/cdrom
查看导入结果:
cobbler report <==> cobbler distro report && cobbler profile report cobbler profile edit --name=Redhat-6.4-x86_64 \ --distro=Redhat-6.4-x86_64 \ --kickstart=/var/lib/cobbler/kickstarts/RedHat-6.4-x86_64.ks //修改使用指定的ks文件。
注:手工导入ISO镜像的方法:
1. 先挂载光盘,如mount /dev/cdrom /mnt/cdrom
2. 挂载并同步
cd /var/www/cobbler/ks_mirror mkdir Ubuntu12.04-x86_64 rsync -a /mnt/cdrom/* Ubuntu12.04-x86_64/
3. 创建连接
ln -s /var/www/cobbler/ks_mirror/Ubuntu12.04-x86_64 /var/www/cobbler/links/
4. 将其添加到Cobbler中.
cobbler distro add \ --name=Ubuntu12.04-x86_64 \ --kernel=/var/www/cobbler/ks_mirror/Ubuntu12.04-x86_64/install/netboot/ubuntu-installer/amd64/linux \ --initrd=/var/www/cobbler/ks_mirror/Ubuntu12.04-x86_64/install/netboot/ubuntu-installer/amd64/initrd.gz
5. 指定其使用的preseed自动应答文件:【注: Ubuntu也可使用RHEL类似的ks文件.】
cobbler profile add --name=Ubuntu12.04-x86_64 --kickstart=/var/lib/cobbler/kickstarts/Ubuntu12.04-x86_64.seed //附件1有详情.
6. 执行同步:
cobbler sync cobbler check cobbler report
(9)非必须的配置
1. 给RHEL的ks文件中加入默认需要安装的RPM包列表
》先在/var/lib/cobbler/snippets目录中创建一个文件,名字任意.
vim /var/lib/cobbler/snippets/package_select 【@组包名 单个RPM包名 】
》修改 RHEL的ks文件:
vim /var/lib/cobbler/kickstarts/Redhat6.4_x86_64.ks
【
%packages
$SNIPPET('package_select')
%end
】
2. Server: 此配置是为专门定制一个服务器配置,给特定的服务器安装系统使用。
》先在Cobbler 服务端添加以下信息:
cobbler system add --name=Test_Server1 --profile=Redhat6.4_x86_64 \ --hostname=tsrv1.test.com \ --interface=eth0 \ --static=1 \ --netboot-enabled=true \ --ip-address=1.1.1.1 \ --subnet=255.255.255.0 \ --gateway=1.1.1.2 \ --name-server='8.8.8.8' cobbler sync
》到需要安装OS的服务器上执行:
1. 保证安装了koan(kickstart-over-a-network) .
RHEL: 需要Centos官方源 和 Epel源(前文中提到的两个)
Ubuntu:可使用 163 和 sohu的源.
2. 执行以下命令进行服务器系统的重新安装:
》执行下面语句,将修改grub.conf从网络启动
koan –server=Cobbler_SRV_IP –port=80 –replace-self –system=Test_Server1
另注: 查看命令
koan --server=Cobbler_SRV_IP --port=80 --list=profile //查看有哪些配置可用. koan --server=Cobbler_SRV_IP --port=80 --list=server //查看有哪些server配置可用. koan --server=Cobbler_SRV_IP --port=80 --dispaly --profile=Redhat6.4_x86_64 //查看详细配置.
附件1:Ubuntu和Debian的Preseed自动应答文件示例:
【注:seed自动应答文件与ks文件类似,ubuntu支持ks也支持seed,用其一即可.】
# 语言设置
d-i debconf/language string en
d-i debian-installer/locale string en_US.UTF-8
d-i debian-installer/language string en
d-i debian-installer/country string US
d-i localechooser/supported-locales en_US.UTF-8, zh_CN.UTF-8
# 键盘设置
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/modelcode string pc105
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
d-i console-keymaps-at/keymaps select us
# 网络设置
d-i netcfg/enable boolean true
d-i netcfg/choose_interface select auto
d-i netcfg/disable_dhcp boolean false
d-i netcfg/dhcp_timeout string 5
d-i netcfg/disable_autoconfig boolean false
d-i netcfg/dhcp_failed note
# d-i netcfg/dhcp_options select Configure network manually
# d-i netcfg/dhcp_hostname string none
# d-i netcfg/get_nameservers string 8.8.8.8
# d-i netcfg/get_ipaddress string 192.168.1.10
# d-i netcfg/get_netmask string 255.255.255.0
# d-i netcfg/get_gateway string 192.168.1.1
# d-i netcfg/confirm_static boolean true
d-i netcfg/get_hostname string $myhostname//设置主机名
d-i netcfg/get_domain string none//设置域名
# 安装源设置
d-i mirror/country string manual
d-i mirror/
http/hostname
string $
http_server
d-i mirror/
http/directory
string $install_source_directory
d-i mirror/
http/proxy
string
# 在Ubuntu12.10以上版本自动安装时,若ISO中提供的是squashfs文件系统格式,会采用此方式安装。
d-i live-installer/net-image string
http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
d-i hw-detect/load_firmware boolean true//发现新硬件时,不提示自动载入.
# NTP/Time Setup
d-i time/zone string Asia/Shanghai
d-i clock-setup/utc boolean true
#d-i clock-setup/ntp boolean true
#d-i clock-setup/ntp-server string ntp.ubuntu.com
# 分区设置
d-i partman-auto/disk string /dev/sda//无论系统中有几块盘,仅使用/dev/sda。
d-i partman-auto/method string regular//采用普通方式分区,即不使用LVM、软RAID
d-i partman-lvm/device_remove_lvm boolean true//清除磁盘中找到的LVM分区
d-i partman-md/device_remove_md boolean true//清除磁盘中找到的RAID分区
#这是可选的预定义分区方式: 【注:下面这些我没测试】
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/expert_recipe string \//使用专家模式分区
boot-root :: \//这是专家模式采用的预定义分区方式; 此分区方式也可分多个分区.
100 50 100 ext3 \//下面每个分区配置都是在一行的,它们以"."做为分隔。
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext3 } \
mountpoint{ /boot } \
. \
2048 512 2048 linux-swap \//每组分区中三个数字的含义为:分区最小多少MB, 优先级(越小越优先), 分区最大多少MB
method{ swap } format{ } \
. \
10240 1000 10240 ext3 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext3 } \
mountpoint{ / } \
.
d-i partman/confirm_write_new_label boolean true//不提示写入分区信息到磁盘.
d-i partman-partitioning/confirm_write_new_label boolean true//再次确认将分区信息写入磁盘
d-i partman/confirm_nooverwrite boolean true//不提示覆盖磁盘中已有数据
d-i partman/confirm boolean true//确认
d-i partman/choose_partition select Finish partitioning and write changes to disk//完成确认
# 用户账号
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password $default_password_crypted
# 跳过创建普通用户
d-i passwd/make-user boolean false
# APT配置
# You can choose to install restricted and universe software, or to install
# software from the backports repository.
# d-i apt-setup/restricted boolean true
# d-i apt-setup/universe boolean true
# d-i apt-setup/backports boolean true
#
# Uncomment this if you don't want to use a network mirror.
# d-i apt-setup/use_mirror boolean false
#
# Select which update services to use; define the mirrors to be used.
# Values shown below are the normal defaults.
# d-i apt-setup/services-select multiselect security
# d-i apt-setup/security_host string security.ubuntu.com
# d-i apt-setup/security_path string /ubuntu
#
$SNIPPET('preseed_apt_repo_config')
#
# Enable deb-src lines
# d-i apt-setup/local0/source boolean true
#
# URL to the public key of the local repository; you must provide a key or
# apt will complain about the unauthenticated repository and so the
# sources.list line will be left commented out
# d-i apt-setup/local0/key string
http://local.server/key
# 定制安装包
tasksel tasksel/first multiselect none//安装指定的软件集
d-i pkgsel/include string vim ntp ssh wget openssh-server build-essential//安装指定的软件包,build-essential:此为编译工具包(包含C++等编译器)
d-i pkgsel/upgrade select full-upgrade
d-i pkgsel/install-language-support boolean true
d-i pkgsel/language-packs multiselect en, zh
d-i pkgsel/update-policy select none
# popularity-contest popularity-contest/participate boolean false
d-i pkgsel/updatedb boolean true
# 安装Grub
d-i grub-installer/skip boolean false
d-i lilo-installer/skip boolean false
d-i grub-installer/only_debian boolean true
d-i grub-installer/with_other_os boolean true
d-i debian-installer/add-kernel-opts string $kernel_options_post//给Kernal添加启动参数
# 完成设置
d-i finish-install/reboot_in_progress note//安装完成后,提示重启
d-i finish-install/keep-consoles boolean true
# This first command is run as early as possible, just after preseeding is read.
# d-i preseed/early_command string [command]
d-i preseed/early_command string wget -O- \
http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default
| \
/bin/sh -s
# This command is run immediately before the partitioner starts. It may be
# useful to apply dynamic partitioner preseeding that depends on the state
# of the disks (which may not be visible when preseed/early_command runs).
# d-i partman/early_command \
# string debconf-set partman-auto/disk "\$(list-devices disk | head -n1)"
# This command is run just before the install finishes, but when there is
# still a usable /target directory. You can chroot to /target and use it
# directly, or use the apt-install and in-target commands to easily install
# packages and run commands in the target system.
# d-i preseed/late_command string [command]
d-i preseed/late_command string wget -O- \
http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default
| \
chroot /target /bin/sh -s
附件2: 部署遇到的错误.
错误1: xmlrpclib.Fault: <Fault 1: "<class 'cobbler.cexceptions.CX'>:'login failed'">
尝试重启cobblerd
错误2: error: [Errno 111] Connection refused
检查: cobblerd 是否启动了25151,netstat -tnlp |grep '25151'
httpd 是否启动了
原创文章,作者:Wn1m,如若转载,请注明出处:http://www.178linux.com/12822
评论列表(1条)
看出来的认真,但文章少了层次感,