借鑒了網上好多文章,但是因為是去年做的cobbler,忘記是哪些地址,故暫未附上,見諒。
[root@kingserver111 ~]# lsb_release -a
LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: CentOS
Description: CentOS Linux release 6.0 (Final)
Release: 6.0
Codename: Final
[root@kingserver111 ~]# cat /etc/redhat-release
CentOS Linux release 6.0 (Final)
[root@kingserver111 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 19G 7.6G 11G 43% /
tmpfs 497M 88K 497M 1% /dev/shm
/dev/sda3 194M 5.6M 179M 4% /boor
[root@kingserver111 ~]# free -m
total used free shared buffers cached
Mem: 993 408 584 0 28 227
-/+ buffers/cache: 152 841
Swap: 999 0 999
設置源
采用網易的源和EPEL的源
http://mirror.bjtu.edu.cn/fedora-epel/6/i386/repoview/epel-release.html
(根據版本號下載)
yum -y install wget vim-enhanced
mv /bin/vi /bin/vi.save
ln -s /usr/bin/vim /bin/vi
cd /etc/yum.repos.d/
mkdir backup
mv *.repo ./backup
wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-7.noarch.rpm
yum list
設置主機名
關閉iptables,ip6tables,selinux
如果希望cobbler可以管理dhcp,dns,需要把dns和dhcp都安裝在同一台服務器上。如果你不管理dns,可以不需要安裝bind.
yum -y install cman tftp-server dhcp cobbler cobbler-web bind pykickstart xinetd httpd rsync xinetd python-ctypes debmirror
安裝debmirror
需要用debmirror來下載ubuntu 12.04的源,做本地源.目前debmirrors, 只能使用rpm包安裝,
yum -y install debmirror
配置Cobbler
vim /etc/cobbler/settings #Cobbler主配置文件
cp -p /etc/cobbler/settings /etc/cobbler/settings.bak
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
1:tftp服務和rsync服務
sed -i '/disable/c\\tdisable\t\t\t= no' /etc/xinetd.d/tftp
sed -i -e 's/\=\ yes/\=\ no/g' /etc/xinetd.d/rsync
service xinetd restart
2: web可以登陸
cp -p /etc/cobbler/modules.conf /etc/cobbler/modules.conf.bak
sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf
3: 設置cobbler web登陸,用戶登陸密碼
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
4: 設置cobbler登陸服務器地址
sed -i 's/server: 127.0.0.1/server: 192.168.209.111/g' /etc/cobbler/settings
5:ks腳本關閉pxe,這樣就不會重復安裝
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
6:TFTP服務器 IP地址
sed -i 's/next_server: 127.0.0.1/next_server: 192.168.209.111/g' /etc/cobbler/settings
7:cobbler管理rsync
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
8:cobbler管理dhcp
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
9:cobbler管理dns (可選)
sed -i 's/manage_dns: 0/manage_dns: 1/g' /etc/cobbler/settings
設置root默認密碼
這個設置只針對centos有效。我默認的root密碼是:fengyun299
# openssl passwd -1 -salt 'random-phrase-here' 'fengyun299'
$1$random-p$99lAzJZEl9uunSaThe9oM0
修改 /etc/cobbler/settings
#default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
default_password_crypted: "$1$random-p$SBOoxFrHGWHpvzS8BeGQ5/"
11: 啟動相關服務
dhcp服務由於沒有設置,所以無法啟動。后面我們會對dhcp進行設置。另外啟動named的服務時候,需要等待1,2分鍾,生成一個key。
chkconfig httpd on
chkconfig cobblerd on
chkconfig named on
chkconfig dhcpd on
/etc/init.d/httpd restart
/etc/init.d/cobblerd restart
/etc/init.d/named restart
12:設置debmirror
sed -i -e 's|@dists=.*|#@dists=|' /etc/debmirror.conf
sed -i -e 's|@arches=.*|#@arches=|' /etc/debmirror.conf
13:啟動菜單
cobbler get-loaders
檢查cobbler
cobbler提供一個工具,檢查你的設置。看到提示,就表示全部工作都已經完成。
對cobbler所有修改,需要
cobbler sync
檢查
# cobbler check
No configuration problems found. All systems go.
四:web登陸
https://192.168.209.111/cobbler_web/distro/list user:cobbler 密碼就是上面設置的。
cobbler的使用,主要是集中在上面幾個菜單里。這里簡單解析一下。
Distros:這個其實就是發行版,類似Centos,ubuntu,suse。centos6.2和centos6.3,是不同的distros。假設我們導入一個centos6.3的iso,就是增加了一個Distros
Profiles:針對Distros的設置,一個distros,可以保護多個profiles,包括不同的kickstart文件。源的設置,都是在這里設置。
Systems:針對是每個節點,這里可以指定節點的ip地址,dns name,還有就是ipmi的用戶名和密碼,實現遠程開機,關機。這是一個重點,日后對機器的操作,全部在sytem的菜單里操作。system里,會指定節點使用哪個profile。
Repos:這個主要是針對Redhat和Centos有效,可以管理源,並且這些源,可以在profile里添加。比較方便。需要注意的是,對於ubuntu的源,只能在kickstart 腳本里指定。
Images:這個我沒用到,看說明主要是針對不能pxe的機器,采用iso啟動。
Kicsstart Templates:這是核心,cobbler內置了幾個ks文件,你如果導入一個centos,系統會默認關聯一個ks文件,你不需要做任何設置,就可以把os自動裝完。對於ubuntu,我們就需要單獨創建一個preseed文件,這些文件可以通過web管理和修改。非常方便。
Snippets:這是cobbler的精華。一些常用的設置,寫成一個模塊,讓ks文件調用。這樣更加靈活。例如centos的網絡固定IP地址的設置,就是通過這里實現。
配置管理Cobbler
4.1 Cobbler命令說明
| 命令名稱 |
命令用途 |
| cobbler check |
檢查cobbler配置 |
| cobbler list |
列出所有的cobbler元素 |
| cobbler report |
列出元素的詳細信息 |
| cobbler distro |
查看導入的發行版系統信息 |
| cobbler system |
查看添加的系統信息 |
| cobbler profile |
查看配置信息 |
| cobbler sync |
同步Cobbler配置,更改配置最好都要執行下 |
| cobbler reposync |
同步yum倉庫 |
命令參考
cobbler --help
cobbler distro --help
cobbler distro add --help
4.2 Cobbler配置文件說明
Cobbler配置文件存放在/etc/cobbler下
| 配置文件名稱 |
作 用 |
| /etc/cobbler/settings |
Cobbler主配置文件 |
| /etc/cobbler/users.digest |
用於web訪問的用戶名密碼配置文件 |
| /etc/cobbler/modules.conf |
模塊配置文件 |
| /etc/cobbler/users.conf |
Cobbler WebUI/Web 服務授權配置文件 |
| /etc/cobbler/iso/ |
Buildiso 模板配置文件 |
| /etc/cobbler/power |
電源配置文件 |
| /etc/cobbler/pxe |
Pxeprofile配置模板 |
| /etc/cobbler |
此目錄也包含rsync、dhcp、dns、pxe、dnsmasq等服務的模板配置文件 |
4.3 系統鏡像數據目錄/var/www/cobbler
導入的系統發行版,repos鏡像和kickstart文件都放置在/var/www/cobbler目錄下。確保/var目錄有足夠的空間來存儲這些文件。
| 目錄名稱 |
作 用 |
| /var/www/cobbler/images/ |
存儲所有導入發行版的Kernel和initrd鏡像用於遠程網絡啟動 |
| /var/www/cobbler/ks_mirror/ |
存儲導入的發行版系統數據 |
| /var/www/cobbler/repo_mirror/ |
倉庫存儲目錄 |
| /var/log/cobbler |
Cobbler日志文件 cobbler.log install.log |
4.4 Cobbler數據目錄/var/lib/cobbler
此目錄存儲和Cobbler profiles、systems、distros相關的配置。
| 目錄名稱 |
作 用 |
| /var/lib/cobbler/config/ |
存放distros、repos、systems和profiles等信息配置文件,一般都是json文件 |
| /var/lib/cobbler/snippets/ |
存放ks文件可以導入的腳本小片段,值得研究 |
| /var/lib/cobbler/triggers |
存放用戶定義的cobbler 命令 |
| /var/lib/cobbler/kickstarts/ |
存放kickstart配置文件 |
4.5 相關日志文件
web日志存放點
/var/log/httpd/access_log
/var/log/httpd/error_log
/var/log/httpd/ssl_access_log
/var/log/httpd/ssl_error_log
Cobbler日志
/var/log/cobbler/cobbler.log
/var/log/cobbler/install.log
通過Cobbler日志可以獲取系統的安裝狀態
4.6 導入系統鏡像
4.6.1 上傳ISO鏡像至服務器
注意下載的ISO文件要核對文件的md5值,確保數據完整性
[root@hxinstall x86_64]# md5sum CentOS-5.8-x86_64-bin-DVD-1of2.iso
8a3bf0030f192022943f83fe6b2cf373 CentOS-5.8-x86_64-bin-DVD-1of2.iso
4.6.2 創建ISO目錄
mkdir -p /var/iso/Linux/Centos/x86_64/
mkdir -p /var/os/Linux/Centos/x86_64/Centos5.8/dvd
mkdir -p /var/os/Linux/Centos/x86_64/Centos6.3/dvd
mkdir -p /var/os/Linux/Centos/x86_64/Centos6.4/dvd
4.6.3 掛載ISO鏡像
mount -o loop /var/iso/Linux/Centos/x86_64/CentOS-5.8-x86_64-bin-DVD-1of2.iso /var/os/Linux/Centos/x86_64/Centos5.8/dvd
4.6.4 從DVD中導入OS數據
系統版本命名為centos5.8 架構x86_64,這時間長,耐性等待。可查看ls /var/www/cobbler/ks_mirror/centos5.8-x86_64/目錄文件生成情況。
[root@kingserver111 opt]# cobbler import --path=/opt/CentOS_6.0 --name=CentOS6.0 --arch=x86_64
task started: 2014-03-05_165827_import
task started (id=Media import, time=Wed Mar 5 16:58:27 2014)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/CentOS6.0-x86_64:
creating new distro: CentOS6.0-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS6.0-x86_64 -> /var/www/cobbler/links/CentOS6.0-x86_64
creating new profile: CentOS6.0-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS6.0-x86_64 for CentOS6.0-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS6.0-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS6.0-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS6.0-x86_64/repodata/*comps*.xml
running: createrepo -c cache -s sha --groupfile /var/www/cobbler/ks_mirror/CentOS6.0-x86_64/repodata/2a7e0c1da38a40e2961c0cec6acca8b8446d974b1fc055216ebde88bb4a19eb9-c6-x86_64-comps.xml /var/www/cobbler/ks_mirror/CentOS6.0-x86_64
received on stdout: Spawning worker 0 with 3689 pkgs
Workers Finished
Gathering worker results
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
received on stderr:
*** TASK COMPLETE ***
[root@kingserver111 opt]#
[root@kingserver111 opt]#
[root@kingserver111 opt]# echo $?
0
[root@kingserver111 opt]# cobbler list
distros:
CentOS6.0-x86_64
profiles:
CentOS6.0-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
4.7 刪除導入的系統
cobbler profile find --distro=centos6.3-x64-x86_64 #查看配置是否存在
centos6.3-x64-x86_64
cobbler profile remove --name=centos6.3-x64-x86_64 #刪除配置文件
cobbler distro remove --name=centos6.3-x64-x86_64 #刪除distro
cobbler profile find --distro=centos6.3-x64-x86_64 #再查看配置已無
4.8 自定義ks
更改kickstart文件,可為http等,具體cobbler --help查看,這里采用我們自定制ks文件
ks目錄位置
/var/lib/cobbler/kickstarts/
默認的ks位置
/var/lib/cobbler/kickstarts/sample.ks
更改指定系統版本對應的ks配置文件
cobbler profile edit --name=centos5.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos5u8-x64.cfg
cobbler profile edit --name=centos6.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6u3-x64.cfg
cobbler profile edit --name=centos6.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6u4-x64.cfg
4.9 配置信息查看
cobbler report
distros:
==========
Name : centos5.8-xen-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment : rhel5.8
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/centos5.8-x86_64/images/xen/initrd.img
Kernel : /var/www/cobbler/ks_mirror/centos5.8-x86_64/images/xen/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos5.8-xen-x86_64'}
Management Classes : []
OS Version : rhel5
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
Name : centos6.4-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment : rhel6.4
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/centos6.4-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/centos6.4-x86_64/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos6.4-x86_64'}
Management Classes : []
OS Version : rhel6
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
……略……
systems:
==========
repos:
==========
images:
==========
mgmtclasses:
==========
packages:
==========
files:
==========
4.10 系統版本列表
cobbler distro list
centos5.8-x86_64
centos5.8-xen-x86_64
centos6.3-x86_64
centos6.4-x86_64
4.11 同步Cobbler配置
建議先執行cobbler check進行配置檢查再執行cobbler sync,修改cobbler配置后都需要執行此步驟
cobbler check
No configuration problems found. All systems go.
cobbler sync
task started: 2013-03-12_171702_sync
task started (id=Sync, time=Tue Mar 12 17:17:02 2013)
running pre-sync triggers
cleaning trees
……略……
rendering Rsync files
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout: Shutting down dhcpd: [ OK ]
Starting dhcpd: [ OK ]
received on stderr:
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
4.12 創建PXE菜單密碼
增加裝機安全設置菜單密碼
生成hash密碼
支持兩種不同類型的密碼:
sha1pass mypassword
或
openssl passwd -1 -salt sXiKzkus mypassword
我這里選擇后者
# openssl passwd -1 -salt sXiKzkus hexun
$1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
編輯配置文件pxedefault,添加如下藍色部分
vim /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://fedorahosted.org/cobbler
MENU MASTER PASSWD $1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
配置pxeprofile,增加藍色部分
vim /etc/cobbler/pxe/pxeprofile.template
LABEL $profile_name
MENU PASSWD
kernel $kernel_path
$menu_label
$append_line
ipappend 2
修改完畢注意檢查、同步配置使其生效
cobbler check
No configuration problems found. All systems go.
cobbler sync
4.13 定制PXE菜單TITLE
編輯pxedefault文件,
vim /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler | http://fedorahosted.org/cobbler
將原文上面的內容根據自定義進行修改
MENU TITLE Hexun Automation Install System
修改后的文件
DEFAULT menu
PROMPT 0
MENU TITLE Hexun Automation Install System
MENU MASTER PASSWD $1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
修改完畢執行如下兩條命令
cobbler check
cobbler sync
4.14 添加指定客戶機系統配置到Cobbler
4.14.1 指定一個網段使用特定的裝機配置
cobbler system add --name=networktest --ip-address=192.168.209.0 --subnet=255.255.255.0 --profile=CentOS6.0-x86_64
4.14.2 添加一個指定服務器的裝機配置
指定服務器就是綁定它的mac地址,並設置好ip、dns、hostname
定義系統
cobbler system add --name=kingserver230 --hostname=kingserver230 --mac=00:50:56:2E:96:D2 --interface=eth0 --ip-address=192.168.209.230 --subnet=255.255.255.0 --gateway=192.168.209.1 --static=1 --profile=CentOS6.0-x86_64
查看定義的系統列表
[root@kingserver110 kickstarts]# cobbler system list
kingserver220
kingserver230
networktest
更多參數見cobbler system add --help
五、Cobbler Web管理
Cobbler web界面是一個很好的前端,非常容易管理Cobbler
可以添加和刪除 system distro profile
可以查看、編輯distros, profiles, subprofiles, systems, repos 、 kickstart文件
5.1 安裝cobbler_web
yum -y install cobbler-web
5.2 設置用戶名密碼
為已存在的用戶cobbler重置密碼
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
添加新用戶
htdigest /etc/cobbler/users.digest "Cobbler" your_newname
5.3 配置cobbler web可以登錄
sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf
5.4 重啟Cobbler與http
/etc/init.d/cobblerd restart
/etc/init.d/httpd restart
三、Cobbler 常用命令匯總
1.導入鏡像文件
命令:cobbler import --path=鏡像路徑 -- name=安裝引導名 --arch=32位或64位
參數:
- path 是鏡像所掛載的目錄
- name 是導入到cobbler里面顯示的名字
- arch 是32位系統還是64位系統
2.導入kickstart文件
命令:cobbler profile add --name=list名 --distro=鏡像 --kickstart=路徑
參數:
- name是表示添加的ks 的名字,用cobbler report可以看到這個名字
- distro 是用哪個鏡像,list的distros里面選擇一個,需要版本相對應
- kickstart 是具體的 ks 文件路徑
3.同步DHCP、HTTPD
命令:cobbler sync
注,每次修改完dhcp.template之類的配置文件需要執行一次使其生效。
4.查看Cobbler列表
命令:cobbler list
注,列出Cobbler所有的元素。
5.刪除相關列表
命令:cobbler distro/profile remove --name=要刪除的引導文件名
- 刪除指定 distro , 也就是鏡像
- 刪除指定的 profile 文件,也就是 ks
四、Cobbler 各種目錄說明(注,這里只介紹重點的文件或目錄 )
1.cobbler配置文件目錄/etc/cobbler
|
|
[root@node2 cobbler]# ls /etc/cobbler/ auth.conf cobblerd.service dnsmasq.template mongodb.conf rsync.exclude users.conf cheetah_macros cobbler_web.conf import_rsync_whitelist named.template rsync.template users.digest cobbler_bash completions iso power secondary.template version cobbler.conf dhcp.template ldap pxe settings zone.template cobblerd_rotate distro_signatures.json modules.conf reporting tftpd.template zone_templates |
- /etc/cobbler/settings cobbler主配置文件
- /etc/cobbler/iso/ iso模板配置文件
- /etc/cobbler/pxe pxe模板文件
- /etc/cobbler/power 電源的配置文件
- /etc/cobbler/users.conf Web 服務授權配置文件
- /etc/cobbler/users.digest 用於web訪問的用戶名密碼配置文件
- /etc/cobbler/dhcp.template DHCP服務的配置模板
- /etc/cobbler/dnsmasq.template DNS服務的配置模板
- /etc/cobbler/tftpd.template tftp服務的配置模板
- /etc/cobbler/modules.conf Cobbler模塊配置文件
2.cobbler數據目錄/var/lib/cobbler
| 1 2 3 4 5 6 7 |
[root@node2 cobbler]# ls /var/lib/cobbler/ config distro_signatures.json kickstarts loaders lock scripts snippets triggers web.ss [root@node2 config]# ls distros.d files.d images.d mgmtclasses.d packages.d profiles.d repos.d systems.d [root@node2 loaders]# ls COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot |
- /var/lib/cobbler/config/ 用於存放distros、systems、profiles等信息配置文件
- /var/lib/cobbler/triggers 用於存放用戶定義的cobbler 命令
- /var/lib/cobbler/kickstarts/ 默認存放kickstart文件
- /var/lib/cobbler/loaders 存放的各種引導程序
3.鏡像數據目錄/var/www/cobbler
| 1 2 |
[root@node2 cobbler]# ls aux images ks_mirror links localmirror pub rendered repo_mirror svc |
- /var/www/cobbler/ks_mirror/ 導入的發行版系統的所有數據
- /var/www/cobbler/images/ 導入發行版的Kernel和initrd鏡像用於遠程網絡啟動
- /var/www/cobbler/repo_mirror/ yum倉庫存儲目錄
4.日志目錄 /var/log/cobbler/
| 1 2 3 4 5 |
[root@node2 cobbler]# ls anamon cobbler.log install.log kicklog syslog tasks [root@node2 cobbler]# cat install.log profile CentOS-5.5-x86_64 192.168.18.222 start 1384219313.49 profile CentOS-5.5-x86_64 192.168.18.222 stop 1384219512.05 |
- /var/log/cobbler/install.log 客戶端的安裝系統日志
- /var/log/cobbler/cobbler.log cobbler日志
下面我們來具體看一下sample.ks的內容。
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 |
[root@node2 ~]# cat /var/lib/cobbler/kickstarts/sample.ks #platform=x86, AMD64, or Intel EM64T # System authorization information auth --useshadow --enablemd5 #用戶登錄認證 # System bootloader configuration bootloader --location=mbr #mbr引導 # Partition clearing information clearpart --all --initlabel #默認清除所以分區 # Use text mode install text #默認以文本模式安裝 # Firewall configuration firewall --enabled #防火牆默認開啟 # Run the Setup Agent on first boot firstboot --disable #禁用啟動代理 # System keyboard keyboard us #默認英文鍵盤 # System language lang en_US #默認語言英文 # Use network installation url --url=$tree #網絡安裝路徑 # If any cobbler repo definitions were referenced in the kickstart profile, include them here. $yum_repo_stanza #默認的yum倉庫 # Network information $SNIPPET('network_config') # Reboot after installation reboot #安裝完成后重啟 #Root password rootpw --iscrypted $default_password_crypted #密碼是我們/etc/cobbler/settings設置密碼 # SELinux configuration selinux --disabled #默認關閉selinux # Do not configure the X Window System skipx #默認沒有安裝圖形界面 # System timezone timezone America/New_York #默認時區是美國/紐約 # Install OS instead of upgrade install #定義的是安裝系統而不是升級系統 # Clear the Master Boot Record zerombr #默認清空所有的mbr # Allow anaconda to partition the system as needed autopart #默認自動分區 #下面就是Cobbler自定執行的一些腳本,我就不解釋了。 %pre $SNIPPET('log_ks_pre') $SNIPPET('kickstart_start') $SNIPPET('pre_install_network_config') # Enable installation monitoring $SNIPPET('pre_anamon') %packages $SNIPPET('func_install_if_enabled') $SNIPPET('puppet_install_if_enabled') %post $SNIPPET('log_ks_post') # Start yum configuration $yum_config_stanza # End yum configuration $SNIPPET('post_install_kernel_options') $SNIPPET('post_install_network_config') $SNIPPET('func_register_if_enabled') $SNIPPET('puppet_register_if_enabled') $SNIPPET('download_config_files') $SNIPPET('koan_environment') $SNIPPET('redhat_register') $SNIPPET('cobbler_register') # Enable post-install boot notification $SNIPPET('post_anamon') # Start final steps $SNIPPET('kickstart_done') # End final steps |
7、 RPM 倉庫管理 (根據需要自己決定吧)
相關閱讀:https://fedorahosted.org/cobbler/wiki/ManageYumRepos
我們可以為cobbler 添加 RPM 倉庫:
cobbler repo add --name= RHEL5.6-x86-64 --mirror= http://mirrors.163.com/centos/5/os/x86_64/
cobbler repo add --name= EPEL5.-x86-64 --mirror= http://mirrors.ustc.edu.cn/fedora/epel/5/x86_64/
同步倉庫到本地:
cobbler reposync
也可以通過設置--mirror-locally=0 不下載到本地,而通過 kickstart server 去倉庫下載 rpm 包。
添加計划任務,每天凌晨兩點進行一次同步:
crontab -e
0 2 * * * cobbler reposync --tries=3 --no-fail
8、設置 profile 和 system (這個功能比較牛 P。需要深入研究哈)
profile可以理解為按角色進行分類。
cobbler profile add --name=webserver --distro=CentOS-5-i386 --repos=EPEL-5-i386 --kickstart=/var/lib/cobbler/kickstarts/webserver.ks
system是對待安裝機器做具體設置,如設置主機名、 IP 地址、 hostname 等,這些設置根據 MAC 應用到具體機器上。
# cobbler system add --name=webserver1 --ip=192.168.0.110 --mac=00:0C:29:77:89:c7 --profile=webserver --kickstart=/var/lib/cobbler/kickstarts/webserver.ks --static=1
# cobbler system edit --name=webserver1 --dns-name=webserver1.grid.house.sina.com.cn --hostname=webserver1.grid.house.sina.com.cn
cobbler system edit --name=webserver1 --gateway=192.168.0.1 --subnet=255.255.255.0
cobbler system edit --name=webserver1 --interface=eth1 --static=0
可以通過訪問http://192.168.0.2/cblr/svc/op/ks/system/webserver1 來查看真正的 kickstart 配置。
12、 Cobbler 命令說明
cobbler check - 核對當前設置是否有問題
cobbler list - 列出所有的 cobbler 元素
cobbler report - 詳細的列出個元素
cobbler sync - 同步配置到 dhcp/pxe 和數據目錄
cobbler reposync - 同步 yum 倉庫
13、 Cobbler 配置文件說明
Cobbler配置文件存放在 /etc/cobbler 下。 /etc/cobbler/settings 為主配置文件;在 /etc/cobbler 下你還能看到 dhcp 、 dns 、 pxe 、 dnsmasq 的模板配置文件; /etc/cobbler/users.digest 為用於 web 訪問的用戶名密碼配置文件; /etc/cobbler/modules.conf 為模塊配置文件;/etc/cobbler/users.conf 為 Cobbler WebUI/Web service 授權配置文件。
Repo數據目錄 /var/www/cobbler
導入的發行版,repos 鏡像和 kickstart 文件都放置在 /var/www/cobbler 目錄下。確保 /var 目錄有足夠的空間來存儲這些文件。
images/ - 存儲所有導入發行版的 Kernel 和 initrd 鏡像用於遠程網絡啟動
ks_mirror/ - 存儲導入的發行版
repo_mirror/ - yum repos存儲目錄
/var/log/cobbler用於存放日志文件 /var/log/cobbler/cobbler.log
Cobbler數據目錄 /var/lib/cobbler ,此目錄存儲和 Cobbler profiles 、 systems 、 distros 相關的配置。
configs/ - 此目錄用於存儲 distros 、 repos 、 systems 和 profiles 相關信息
backup/ - 備份目錄
snippets/ - 用於放置一些可以在 kickstarts 導入的腳本小片段
triggers/ - 此目錄用來放置一些可執行腳本
kickstarts/ - 此目錄用來放置 kickstart 模板文件
與Puppet 整合進行配置管理: 這個功能后續在研究吧。先寫到這里。感謝你的支持。
一個ks.cfg
- # Kickstart file automatically generated by anaconda.
- #Install OS instead of upgrade
- install
- #Use text mode install
- text
- #Use CDROM installation media
- cdrom
- lang en_US.UTF-8
- keyboard us
- #Skip the X Configuration
- skipx
- #Use network installation
- url --url=http://192.168.9.230/cobbler/ks_mirror/kerryOS-1.0-i386
- #Network information
- #network --device eth0 --bootproto static --ip 192.168.9.226 --netmask 255.255.255.0 --gateway 192.168.9.1 --nameserver 192.168.9.1 --noipv6 --onboot=yes --hostname kerry-web-001
- network --device eth0 --bootproto dhcp --noipv6 --hostname kerry-web-001
- #root -- 1q2w3e
- rootpw --iscrypted $1$n07CbCot$GP.VBeICPHj.QkJb5Y2C2.
- firewall --disabled
- #System authorization information
- authconfig --enableshadow --enablemd5
- selinux --disabled
- timezone --utc Asia/Shanghai
- #System bootloader configuration
- bootloader --location=mbr
- #Clear the Master Boot Record
- zerombr yes
- # Set the Mouse
- mouse generic3ps/2
- # The following is the partition information you requested
- # Note that any partitions you deleted are not expressed
- # here so unless you clear all partitions first, this is
- # not guaranteed to work
- #Partition clearing information
- clearpart --all --initlabel
- part /boot --fstype ext3 --size=200 --asprimary
- part / --fstype ext3 --size=10000
- part swap --size=2048
- part /data --fstype ext3 --size=1 --grow
- #--- Reboot the host after installation is done
- reboot
- %packages
- %packages
- @base
- @core
- @development-libs
- @development-tools
- @editors
- @text-internet
- keyutils
- trousers
- fipscheck
- device-mapper-multipath
- imake
- %post --nochroot
- # Mount CDROM
- mkdir -p /mnt/cdrom
- mount -r -t iso9660 /tmp/cdrom /mnt/cdrom
- cp /mnt/cdrom/ipmod /mnt/sysimage/root/ipmod > /dev/null
- umount /mnt/cdrom
- %post
- #vim syntax on
- sed -i "8 s/^/alias vi='vim'/" /root/.bashrc 2>/dev/null
- echo 'syntax on' > /root/.vimrc 2>/dev/null
- #init_ssh
- ssh_cf="/etc/ssh/sshd_config"
- sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf
- sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
- #client
- sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf
- # Remove the ISO File translation files
- find / -name TRANS.TBL -exec rm {} \; /dev/null 2>/dev/null
- # Remove some unneeded services
- #--------------------------------------------------------------------------------
- cat << EOF
- +--------------------------------------------------------------+
- | === Welcome to Tunoff services === |
- +--------------------------------------------------------------+
- EOF
- #---------------------------------------------------------------------------------
- for i in `ls /etc/rc3.d/S*`
- do
- CURSRV=`echo $i|cut -c 15-`
- echo $CURSRV
- case $CURSRV in
- crond | irqbalance | microcode_ctl | network | random | sshd | syslog | local )
- echo "Base services, Skip!"
- ;;
- *)
- echo "change $CURSRV to off"
- chkconfig --level 235 $CURSRV off
- service $CURSRV stop
- ;;
- esac
- done
- # file descriptors
- ulimit -HSn 65535
- echo -ne "
- * soft nofile 65536
- * hard nofile 65536
- " >>/etc/security/limits.conf
- #set sysctl
- true > /etc/sysctl.conf
- cat >> /etc/sysctl.conf << EOF
- net.ipv4.ip_forward = 0
- net.ipv4.conf.default.rp_filter = 1
- net.ipv4.conf.default.accept_source_route = 0
- kernel.sysrq = 0
- kernel.core_uses_pid = 1
- net.ipv4.tcp_syncookies = 1
- kernel.msgmnb = 65536
- kernel.msgmax = 65536
- kernel.shmmax = 68719476736
- kernel.shmall = 4294967296
- net.ipv4.tcp_max_tw_buckets = 6000
- net.ipv4.tcp_sack = 1
- net.ipv4.tcp_window_scaling = 1
- net.ipv4.tcp_rmem = 4096 87380 4194304
- net.ipv4.tcp_wmem = 4096 16384 4194304
- net.core.wmem_default = 8388608
- net.core.rmem_default = 8388608
- net.core.rmem_max = 16777216
- net.core.wmem_max = 16777216
- net.core.netdev_max_backlog = 262144
- net.core.somaxconn = 262144
- net.ipv4.tcp_max_orphans = 3276800
- net.ipv4.tcp_max_syn_backlog = 262144
- net.ipv4.tcp_timestamps = 0
- net.ipv4.tcp_synack_retries = 1
- net.ipv4.tcp_syn_retries = 1
- net.ipv4.tcp_tw_recycle = 1
- net.ipv4.tcp_tw_reuse = 1
- net.ipv4.tcp_mem = 94500000 915000000 927000000
- net.ipv4.tcp_fin_timeout = 1
- net.ipv4.tcp_keepalive_time = 1200
- net.ipv4.ip_local_port_range = 1024 65535
- EOF
- /sbin/sysctl -p
- #close ctrl+alt+del
- sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab
- #set purview
- chmod 600 /etc/passwd
- chmod 600 /etc/shadow
- chmod 600 /etc/group
- chmod 600 /etc/gshadow