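Cobbler configuration
I drew on many articles found online, but since I set up Cobbler last year I no longer remember which URLs they were, so they are not listed here; my apologies.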
[root@kingserver111 ~]# lsb_release -a
LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
Distributor ID: CentOS
Description: CentOS Linux release 6.0 (Final)
Release: 6.0
Codename: Final
[root@kingserver111 ~]# cat /etc/redhat-release
CentOS Linux release 6.0 (Final)
[root@kingserver111 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 19G 7.6G 11G 43% /
tmpfs 497M 88K 497M 1% /dev/shm
/dev/sda3 194M 5.6M 179M 4% /boor
[root@kingserver111 ~]# free -m
total used free shared buffers cached
Mem: 993 408 584 0 28 227
-/+ buffers/cache: 152 841
Swap: 999 0 999
Set up the repositories
Use the NetEase (163) mirror and the EPEL repository
http://mirror.bjtu.edu.cn/fedora-epel/6/i386/repoview/epel-release.html
(download the package that matches your release)
yum -y install wget vim-enhanced
mv /bin/vi /bin/vi.save
ln -s /usr/bin/vim /bin/vi
cd /etc/yum.repos.d/
mkdir backup
mv *.repo ./backup
wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel/6/i386/epel-release-6-7.noarch.rpm
yum list
Set the hostname
Disable iptables, ip6tables and SELinux
If you want Cobbler to manage DHCP and DNS, both must be installed on the same server. If you do not manage DNS, you do not need to install bind.
yum -y install cman tftp-server dhcp cobbler cobbler-web bind pykickstart xinetd httpd rsync xinetd python-ctypes debmirror
Install debmirror
debmirror is needed to download the Ubuntu 12.04 repository and build a local mirror. At present debmirror can only be installed from an rpm package.
yum -y install debmirror
Configure Cobbler
vim /etc/cobbler/settings # Cobbler main configuration file
cp -p /etc/cobbler/settings /etc/cobbler/settings.bak
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
1: tftp and rsync services
sed -i '/disable/c\\tdisable\t\t\t= no' /etc/xinetd.d/tftp
sed -i -e 's/\=\ yes/\=\ no/g' /etc/xinetd.d/rsync
service xinetd restart
2: Allow web login
cp -p /etc/cobbler/modules.conf /etc/cobbler/modules.conf.bak
sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf
3: Set the login password for the Cobbler web user
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
4: Set the Cobbler server address
sed -i 's/server: 127.0.0.1/server: 192.168.209.111/g' /etc/cobbler/settings
5: Have the ks script turn off PXE so the machine is not installed repeatedly
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings
6: TFTP server IP address
sed -i 's/next_server: 127.0.0.1/next_server: 192.168.209.111/g' /etc/cobbler/settings
7: Let Cobbler manage rsync
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings
8: Let Cobbler manage DHCP
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings
9: Let Cobbler manage DNS (optional)
sed -i 's/manage_dns: 0/manage_dns: 1/g' /etc/cobbler/settings
Set the default root password
This setting only takes effect for CentOS. My default root password is: fengyun299
# openssl passwd -1 -salt 'random-phrase-here' 'fengyun299'
$1$random-p$99lAzJZEl9uunSaThe9oM0
Edit /etc/cobbler/settings
#default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
default_password_crypted: "$1$random-p$SBOoxFrHGWHpvzS8BeGQ5/"
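A sed `s/old/new/` changes nothing, and reports no error, when the file does not contain the exact `old` text, so the edits above can silently fail. The check below is an added example, not part of the original post or of Cobbler: it reads a settings file, reports every key that does not hold the value the steps above intend, and flags `default_password_crypted` when it is unset or still the packaged hash. The function names and the sample file are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): confirm the sed edits took effect.

# Packaged default hash, shown commented out in the settings file above.
SHIPPED_HASH='$1$mF86/UHC$WvcIcX2t6crBz2onWxyac.'

# Print the value of a top-level "key: value" line, without surrounding quotes.
setting_value() {    # $1 = settings file, $2 = key
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/'
}

# Print one line per problem and return the number of problems.
audit_cobbler_settings() {    # $1 = settings file, $2 = this server's address
    problems=0
    for pair in manage_dhcp=1 manage_rsync=1 pxe_just_once=1 \
                "server=$2" "next_server=$2"; do
        key=${pair%%=*}; want=${pair#*=}
        got=$(setting_value "$1" "$key")
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $key: expected '$want', found '$got'"
            problems=$((problems + 1))
        fi
    done
    pw=$(setting_value "$1" default_password_crypted)
    if [ -z "$pw" ] || [ "$pw" = "$SHIPPED_HASH" ]; then
        echo "WEAK default_password_crypted: unset or still the packaged default"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: next_server was not 127.0.0.1 before the sed ran, so the
# substitution matched nothing, and the password line was never replaced.
write_sample_settings() {    # $1 = output path
    cat > "$1" <<'EOF'
manage_dhcp: 1
manage_dns: 0
manage_rsync: 1
next_server: 192.168.209.11
pxe_just_once: 1
server: 192.168.209.111
default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
EOF
}

# Demo run on the constructed sample; use /etc/cobbler/settings on a real server.
sample=$(mktemp)
write_sample_settings "$sample"
audit_cobbler_settings "$sample" 192.168.209.111 || echo "problems found: $?"
rm -f "$sample"
```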
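11: Start the services
The dhcp service cannot start yet because it has not been configured; we will configure dhcp later. Also, when the named service starts, it takes one or two minutes to generate a key.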
chkconfig httpd on
chkconfig cobblerd on
chkconfig named on
chkconfig dhcpd on
/etc/init.d/httpd restart
/etc/init.d/cobblerd restart
/etc/init.d/named restart
12: Configure debmirror
sed -i -e 's|@dists=.*|#@dists=|' /etc/debmirror.conf
sed -i -e 's|@arches=.*|#@arches=|' /etc/debmirror.conf
13: Boot menu
cobbler get-loaders
Check Cobbler
Cobbler provides a tool that checks your settings. When you see the message below, all the work is done.
Every change to Cobbler must be followed by
cobbler sync
Check
# cobbler check
No configuration problems found. All systems go.
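4: Web login
https://192.168.209.111/cobbler_web/distro/list user: cobbler; the password is the one set above.
Using Cobbler mostly comes down to the menus listed here. A brief explanation:
Distros: A distro is a distribution release, such as CentOS, Ubuntu or SUSE. CentOS 6.2 and CentOS 6.3 are different distros. Importing a CentOS 6.3 ISO adds one distro.
Profiles: Settings for a distro. One distro can contain several profiles, each with a different kickstart file. Repositories are also configured here.
Systems: Settings for each node. Here you can specify the node's IP address and DNS name, as well as the IPMI user name and password used to power the machine on and off remotely. This is a key point: from then on, all operations on a machine are done in the Systems menu. A system also specifies which profile the node uses.
Repos: Mainly useful for Red Hat and CentOS. It manages repositories, and these repositories can be added to a profile, which is convenient. Note that for Ubuntu, repositories can only be specified in the kickstart script.
Images: I have not used this. According to the description, it is mainly for machines that cannot PXE boot and are started from an ISO instead.
Kickstart Templates: This is the core. Cobbler ships several ks files. When you import a CentOS release, the system associates a ks file with it by default, so the OS can be installed automatically without any further setup. For Ubuntu we need to create a separate preseed file. These files can be managed and edited through the web interface, which is very convenient.
Snippets: This is the essence of Cobbler. Common settings are written as modules that ks files call, which is more flexible. For example, static IP network configuration for CentOS is implemented this way.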
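Configuring and managing Cobbler
4.1 Cobbler commands
Command | Purpose
cobbler check | Check the Cobbler configuration
cobbler list | List all Cobbler objects
cobbler report | Show detailed information about the objects
cobbler distro | View the imported distributions
cobbler system | View the systems that have been added
cobbler profile | View profile information
cobbler sync | Sync the Cobbler configuration; best run after every configuration change
cobbler reposync | Sync the yum repositories
Command reference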
cobbler --help
cobbler distro --help
cobbler distro add --help
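4.2 Cobbler configuration files
The Cobbler configuration files are stored under /etc/cobbler
File | Purpose
/etc/cobbler/settings | Cobbler main configuration file
/etc/cobbler/users.digest | User names and passwords for web access
/etc/cobbler/modules.conf | Module configuration file
/etc/cobbler/users.conf | Cobbler WebUI/Web service authorization configuration file
/etc/cobbler/iso/ | Buildiso template configuration files
/etc/cobbler/power | Power management configuration files
/etc/cobbler/pxe | PXE profile configuration templates
/etc/cobbler | This directory also holds the template configuration files for rsync, dhcp, dns, pxe, dnsmasq and other services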
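4.3 System image data directory /var/www/cobbler
Imported distributions, repo mirrors and kickstart files are all placed under /var/www/cobbler. Make sure /var has enough space to store these files.
Directory | Purpose
/var/www/cobbler/images/ | Kernel and initrd images of all imported distributions, used for network boot
/var/www/cobbler/ks_mirror/ | Data of the imported distributions
/var/www/cobbler/repo_mirror/ | Repository storage directory
/var/log/cobbler | Cobbler log files: cobbler.log, install.log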
4.4 Cobbler data directory /var/lib/cobbler
This directory stores the configuration related to Cobbler profiles, systems and distros.
Directory | Purpose
/var/lib/cobbler/config/ | Configuration files for distros, repos, systems and profiles, generally JSON files
/var/lib/cobbler/snippets/ | Script snippets that ks files can import; worth studying
/var/lib/cobbler/triggers | User-defined Cobbler commands
/var/lib/cobbler/kickstarts/ | Kickstart configuration files
4.5 Log files
Web log locations
/var/log/httpd/access_log
/var/log/httpd/error_log
/var/log/httpd/ssl_access_log
/var/log/httpd/ssl_error_log
Cobbler logs
/var/log/cobbler/cobbler.log
/var/log/cobbler/install.log
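The Cobbler logs show the installation status of each system
4.6 Import a system image
4.6.1 Upload the ISO image to the server
Check the md5 value of the downloaded ISO file to make sure the data is intact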
[root@hxinstall x86_64]# md5sum CentOS-5.8-x86_64-bin-DVD-1of2.iso
8a3bf0030f192022943f83fe6b2cf373 CentOS-5.8-x86_64-bin-DVD-1of2.iso
4.6.2 Create the ISO directories
mkdir -p /var/iso/Linux/Centos/x86_64/
mkdir -p /var/os/Linux/Centos/x86_64/Centos5.8/dvd
mkdir -p /var/os/Linux/Centos/x86_64/Centos6.3/dvd
mkdir -p /var/os/Linux/Centos/x86_64/Centos6.4/dvd
4.6.3 Mount the ISO image
mount -o loop /var/iso/Linux/Centos/x86_64/CentOS-5.8-x86_64-bin-DVD-1of2.iso /var/os/Linux/Centos/x86_64/Centos5.8/dvd
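4.6.4 Import the OS data from the DVD
Name the distribution centos5.8 with architecture x86_64. The import takes a long time, so be patient. You can watch the files being created with ls /var/www/cobbler/ks_mirror/centos5.8-x86_64/.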
[root@kingserver111 opt]# cobbler import --path=/opt/CentOS_6.0 --name=CentOS6.0 --arch=x86_64
task started: 2014-03-05_165827_import
task started (id=Media import, time=Wed Mar 5 16:58:27 2014)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/CentOS6.0-x86_64:
creating new distro: CentOS6.0-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS6.0-x86_64 -> /var/www/cobbler/links/CentOS6.0-x86_64
creating new profile: CentOS6.0-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS6.0-x86_64 for CentOS6.0-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS6.0-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS6.0-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS6.0-x86_64/repodata/*comps*.xml
running: createrepo -c cache -s sha --groupfile /var/www/cobbler/ks_mirror/CentOS6.0-x86_64/repodata/2a7e0c1da38a40e2961c0cec6acca8b8446d974b1fc055216ebde88bb4a19eb9-c6-x86_64-comps.xml /var/www/cobbler/ks_mirror/CentOS6.0-x86_64
received on stdout: Spawning worker 0 with 3689 pkgs
Workers Finished
Gathering worker results
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
received on stderr:
*** TASK COMPLETE ***
[root@kingserver111 opt]#
[root@kingserver111 opt]#
[root@kingserver111 opt]# echo $?
0
[root@kingserver111 opt]# cobbler list
distros:
CentOS6.0-x86_64
profiles:
CentOS6.0-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
4.7 Delete an imported system
cobbler profile find --distro=centos6.3-x64-x86_64 # check whether the profile exists
centos6.3-x64-x86_64
cobbler profile remove --name=centos6.3-x64-x86_64 # delete the profile
cobbler distro remove --name=centos6.3-x64-x86_64 # delete the distro
cobbler profile find --distro=centos6.3-x64-x86_64 # check again: the profile is gone
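4.8 Custom ks
Change the kickstart file; it can also be given as an http location and so on (see cobbler --help for details). Here we use our own customized ks files.
ks directory location
/var/lib/cobbler/kickstarts/
Default ks location
/var/lib/cobbler/kickstarts/sample.ks
Change the ks file associated with a given distribution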
cobbler profile edit --name=centos5.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos5u8-x64.cfg
cobbler profile edit --name=centos6.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6u3-x64.cfg
cobbler profile edit --name=centos6.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6u4-x64.cfg
4.9 View configuration information
cobbler report
distros:
==========
Name : centos5.8-xen-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment : rhel5.8
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/centos5.8-x86_64/images/xen/initrd.img
Kernel : /var/www/cobbler/ks_mirror/centos5.8-x86_64/images/xen/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos5.8-xen-x86_64'}
Management Classes : []
OS Version : rhel5
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
Name : centos6.4-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment : rhel6.4
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/centos6.4-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/centos6.4-x86_64/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos6.4-x86_64'}
Management Classes : []
OS Version : rhel6
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
... (omitted) ...
systems:
==========
repos:
==========
images:
==========
mgmtclasses:
==========
packages:
==========
files:
==========
4.10 List the distributions
cobbler distro list
centos5.8-x86_64
centos5.8-xen-x86_64
centos6.3-x86_64
centos6.4-x86_64
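4.11 Sync the Cobbler configuration
It is recommended to run cobbler check to verify the configuration before running cobbler sync. This step is required after every change to the Cobbler configuration.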
cobbler check
No configuration problems found. All systems go.
cobbler sync
task started: 2013-03-12_171702_sync
task started (id=Sync, time=Tue Mar 12 17:17:02 2013)
running pre-sync triggers
cleaning trees
... (omitted) ...
rendering Rsync files
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout: Shutting down dhcpd: [ OK ]
Starting dhcpd: [ OK ]
received on stderr:
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
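4.12 Set a PXE menu password
Add a menu password as an installation safeguard
Generate the password hash
Two types of password hash are supported:
sha1pass mypassword
or
openssl passwd -1 -salt sXiKzkus mypassword
I chose the latter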
# openssl passwd -1 -salt sXiKzkus hexun
$1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
Edit the pxedefault configuration file and add the part shown in blue in the original (the MENU MASTER PASSWD line)
vim /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://fedorahosted.org/cobbler
MENU MASTER PASSWD $1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
Configure pxeprofile and add the part shown in blue in the original (the MENU PASSWD line)
vim /etc/cobbler/pxe/pxeprofile.template
LABEL $profile_name
MENU PASSWD
kernel $kernel_path
$menu_label
$append_line
ipappend 2
After the change, check and sync the configuration so that it takes effect
cobbler check
No configuration problems found. All systems go.
cobbler sync
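After the sync, the result of both template edits can be checked in the rendered menu. The function below is an added example, not part of the original post or of Cobbler: it lists every LABEL other than local that has no MENU PASSWD line and reports when no MENU MASTER PASSWD hash is set. The rendered file path in the last comment, the sample menu and the hand-added rescue entry are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check a rendered pxelinux menu.

# Print every LABEL except "local" that lacks a MENU PASSWD line, and "MASTER"
# when no MENU MASTER PASSWD hash is set. Exit status is 1 if anything is printed.
pxe_menu_unprotected() {    # $1 = rendered menu file
    awk '
        function check_label() {
            if (label != "" && label != "local" && !has_pw) { print label; bad = 1 }
        }
        # Keywords are compared case-insensitively; the templates mix both cases.
        { k1 = toupper($1); k2 = toupper($2); k3 = toupper($3) }
        k1 == "MENU" && k2 == "MASTER" && k3 == "PASSWD" && $4 != "" { master = 1 }
        k1 == "MENU" && k2 == "PASSWD" { has_pw = 1 }
        k1 == "LABEL" { check_label(); label = $2; has_pw = 0 }
        END {
            check_label()
            if (!master) { print "MASTER"; bad = 1 }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample of a rendered menu: the CentOS entry comes from the edited
# pxeprofile template; "rescue" stands for an entry added by hand without MENU PASSWD.
write_sample_menu() {    # $1 = output path
    cat > "$1" <<'EOF'
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://fedorahosted.org/cobbler
MENU MASTER PASSWD $1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
TIMEOUT 200
LABEL local
        MENU LABEL (local)
        MENU DEFAULT
        LOCALBOOT -1
LABEL CentOS6.0-x86_64
        MENU PASSWD
        kernel /images/CentOS6.0-x86_64/vmlinuz
        MENU LABEL CentOS6.0-x86_64
        append initrd=/images/CentOS6.0-x86_64/initrd.img
        ipappend 2
LABEL rescue
        kernel /images/rescue/vmlinuz
        MENU LABEL rescue
MENU end
EOF
}

# Demo run on the constructed sample. On a real server, point the function at the
# rendered menu (assumed here to be /var/lib/tftpboot/pxelinux.cfg/default).
menu=$(mktemp)
write_sample_menu "$menu"
pxe_menu_unprotected "$menu" || echo "the entries listed above are not password protected"
rm -f "$menu"
```

The rendered menu is served over TFTP to every PXE client, so the hash in it is readable on the provisioning network; use a menu password that is not used anywhere else.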
4.13 Customize the PXE menu title
Edit the pxedefault file:
vim /etc/cobbler/pxe/pxedefault.template
MENU TITLE Cobbler | http://fedorahosted.org/cobbler
Change the line above from the original file to your own title
MENU TITLE Hexun Automation Install System
The file after the change
DEFAULT menu
PROMPT 0
MENU TITLE Hexun Automation Install System
MENU MASTER PASSWD $1$sXiKzkus$2DoZ6pfTe8rrc0Si60ecB/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
$pxe_menu_items
MENU end
After the change, run the following two commands
cobbler check
cobbler sync
4.14 Add the configuration of specific client machines to Cobbler
4.14.1 Use a particular install profile for a whole subnet
cobbler system add --name=networktest --ip-address=192.168.209.0 --subnet=255.255.255.0 --profile=CentOS6.0-x86_64
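4.14.2 Add the install configuration for one specific server
A specific server is identified by binding its MAC address, with its IP, DNS and hostname set
Define the system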
cobbler system add --name=kingserver230 --hostname=kingserver230 --mac=00:50:56:2E:96:D2 --interface=eth0 --ip-address=192.168.209.230 --subnet=255.255.255.0 --gateway=192.168.209.1 --static=1 --profile=CentOS6.0-x86_64
List the defined systems
[root@kingserver110 kickstarts]# cobbler system list
kingserver220
kingserver230
networktest
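For more parameters see cobbler system add --help
5. Cobbler web management
The Cobbler web interface is a good front end that makes Cobbler very easy to manage
You can add and delete systems, distros and profiles
You can view and edit distros, profiles, subprofiles, systems, repos and kickstart files
5.1 Install cobbler_web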
yum -y install cobbler-web
5.2 Set the user name and password
Reset the password of the existing user cobbler
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Add a new user
htdigest /etc/cobbler/users.digest "Cobbler" your_newname
5.3 Configure Cobbler web so that login is possible
sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf
5.4 Restart Cobbler and httpd
/etc/init.d/cobblerd restart
/etc/init.d/httpd restart
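3. Summary of common Cobbler commands
1. Import an image
Command: cobbler import --path=<image path> --name=<boot entry name> --arch=<32-bit or 64-bit>
Parameters:
- path is the directory where the image is mounted
- name is the name shown in Cobbler after the import
- arch is whether the system is 32-bit or 64-bit
2. Import a kickstart file
Command: cobbler profile add --name=<list name> --distro=<image> --kickstart=<path>
Parameters:
- name is the name of the ks being added; it appears in cobbler report
- distro is the image to use; choose one from the distros in the list, with a matching version
- kickstart is the path to the ks file
3. Sync DHCP and HTTPD
Command: cobbler sync
Note: run this once after every change to configuration files such as dhcp.template so that the change takes effect.
4. View the Cobbler list
Command: cobbler list
Note: lists all Cobbler objects.
5. Delete list entries
Command: cobbler distro/profile remove --name=<name of the boot entry to delete>
- Delete the specified distro, that is, the image
- Delete the specified profile, that is, the ks
4. Cobbler directories (note: only the important files and directories are covered here)
1. Cobbler configuration directory /etc/cobbler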
[root@node2 cobbler]# ls /etc/cobbler/
auth.conf cobblerd.service dnsmasq.template mongodb.conf rsync.exclude users.conf
cheetah_macros cobbler_web.conf import_rsync_whitelist named.template rsync.template users.digest
cobbler_bash completions iso power secondary.template version
cobbler.conf dhcp.template ldap pxe settings zone.template
cobblerd_rotate distro_signatures.json modules.conf reporting tftpd.template zone_templates
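- /etc/cobbler/settings Cobbler main configuration file
- /etc/cobbler/iso/ ISO template configuration files
- /etc/cobbler/pxe PXE template files
- /etc/cobbler/power Power management configuration files
- /etc/cobbler/users.conf Web service authorization configuration file
- /etc/cobbler/users.digest User names and passwords for web access
- /etc/cobbler/dhcp.template Configuration template for the DHCP service
- /etc/cobbler/dnsmasq.template Configuration template for the DNS service
- /etc/cobbler/tftpd.template Configuration template for the tftp service
- /etc/cobbler/modules.conf Cobbler module configuration file
2. Cobbler data directory /var/lib/cobbler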
[root@node2 cobbler]# ls /var/lib/cobbler/
config distro_signatures.json kickstarts loaders lock scripts snippets triggers web.ss
[root@node2 config]# ls
distros.d files.d images.d mgmtclasses.d packages.d profiles.d repos.d systems.d
[root@node2 loaders]# ls
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
- /var/lib/cobbler/config/ Configuration files for distros, systems, profiles and so on
- /var/lib/cobbler/triggers User-defined Cobbler commands
- /var/lib/cobbler/kickstarts/ Default location of kickstart files
- /var/lib/cobbler/loaders The various boot loaders
3. Image data directory /var/www/cobbler
[root@node2 cobbler]# ls
aux images ks_mirror links localmirror pub rendered repo_mirror svc
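- /var/www/cobbler/ks_mirror/ All data of the imported distributions
- /var/www/cobbler/images/ Kernel and initrd images of the imported distributions, used for network boot
- /var/www/cobbler/repo_mirror/ yum repository storage directory
4. Log directory /var/log/cobbler/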
[root@node2 cobbler]# ls
anamon cobbler.log install.log kicklog syslog tasks
[root@node2 cobbler]# cat install.log
profile CentOS-5.5-x86_64 192.168.18.222 start 1384219313.49
profile CentOS-5.5-x86_64 192.168.18.222 stop 1384219512.05
- /var/log/cobbler/install.log Installation log for client systems
- /var/log/cobbler/cobbler.log Cobbler log
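The install.log lines shown above can be read as object type, object name, client address, state (start or stop) and an epoch timestamp. As an added example, not part of the original post or of Cobbler, the function below pairs the events, prints how long each finished install took, and flags clients that logged start but never stop. The third sample line is constructed, and the field reading is an assumption based on the two lines on this page.

```shell
#!/bin/sh
# Added example (not from the original post): summarize Cobbler's install.log.

# Print one line per finished install with its duration in seconds, and one
# line per install that logged "start" without a later "stop".
# Exit status is 1 when at least one install is unfinished.
install_report() {    # $1 = install.log
    awk '
        { k = $2 " " $3 }                      # key: object name + client address
        $4 == "start" { started[k] = $5 }
        $4 == "stop" && (k in started) {
            printf "%s finished in %d s\n", k, $5 - started[k]
            delete started[k]
        }
        END {
            for (k in started) {
                print k " UNFINISHED since " started[k]
                bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# Sample log: the first two lines are the ones shown above; the third is
# constructed to show a client that began installing and never reported stop.
write_sample_install_log() {    # $1 = output path
    cat > "$1" <<'EOF'
profile CentOS-5.5-x86_64 192.168.18.222 start 1384219313.49
profile CentOS-5.5-x86_64 192.168.18.222 stop 1384219512.05
system kingserver230 192.168.209.230 start 1384220000.10
EOF
}

# Demo run on the sample; use /var/log/cobbler/install.log on a real server.
log=$(mktemp)
write_sample_install_log "$log"
install_report "$log" || echo "at least one install did not finish"
rm -f "$log"
```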
Now let us look at the contents of sample.ks in detail.
[root@node2 ~]# cat /var/lib/cobbler/kickstarts/sample.ks
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5 # user login authentication
# System bootloader configuration
bootloader --location=mbr # boot from the MBR
# Partition clearing information
clearpart --all --initlabel # clears all partitions by default
# Use text mode install
text # installs in text mode by default
# Firewall configuration
firewall --enabled # firewall enabled by default
# Run the Setup Agent on first boot
firstboot --disable # disables the first-boot agent
# System keyboard
keyboard us # English keyboard by default
# System language
lang en_US # default language is English
# Use network installation
url --url=$tree # network installation path
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza # default yum repositories
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot # reboot when the installation finishes
#Root password
rootpw --iscrypted $default_password_crypted # the password is the one we set in /etc/cobbler/settings
# SELinux configuration
selinux --disabled # SELinux disabled by default
# Do not configure the X Window System
skipx # no graphical interface installed by default
# System timezone
timezone America/New_York # default time zone is America/New_York
# Install OS instead of upgrade
install # install the system rather than upgrade it
# Clear the Master Boot Record
zerombr # clears the MBR by default
# Allow anaconda to partition the system as needed
autopart # automatic partitioning by default
# Below are the scripts that Cobbler runs automatically; I will not explain them.
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%packages
$SNIPPET('func_install_if_enabled')
$SNIPPET('puppet_install_if_enabled')
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('puppet_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
7. RPM repository management (decide according to your needs)
Related reading: https://fedorahosted.org/cobbler/wiki/ManageYumRepos
We can add RPM repositories to Cobbler:
cobbler repo add --name=RHEL5.6-x86-64 --mirror=http://mirrors.163.com/centos/5/os/x86_64/
cobbler repo add --name=EPEL5.-x86-64 --mirror=http://mirrors.ustc.edu.cn/fedora/epel/5/x86_64/
Sync the repositories to the local disk:
cobbler reposync
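You can also set --mirror-locally=0 so that nothing is downloaded locally and the rpm packages are fetched from the repository through the kickstart server instead.
Add a scheduled job that syncs once a day at 2 a.m.: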
crontab -e
0 2 * * * cobbler reposync --tries=3 --no-fail
8. Set up profiles and systems (this feature is quite powerful and deserves deeper study)
A profile can be understood as a classification by role.
cobbler profile add --name=webserver --distro=CentOS-5-i386 --repos=EPEL-5-i386 --kickstart=/var/lib/cobbler/kickstarts/webserver.ks
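A system holds the concrete settings for a machine to be installed, such as its host name, IP address and hostname. These settings are applied to the specific machine according to its MAC address.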
# cobbler system add --name=webserver1 --ip=192.168.0.110 --mac=00:0C:29:77:89:c7 --profile=webserver --kickstart=/var/lib/cobbler/kickstarts/webserver.ks --static=1
# cobbler system edit --name=webserver1 --dns-name=webserver1.grid.house.sina.com.cn --hostname=webserver1.grid.house.sina.com.cn
cobbler system edit --name=webserver1 --gateway=192.168.0.1 --subnet=255.255.255.0
cobbler system edit --name=webserver1 --interface=eth1 --static=0
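You can view the actual rendered kickstart configuration by visiting http://192.168.0.2/cblr/svc/op/ks/system/webserver1.
12. Cobbler commands
cobbler check - check the current settings for problems
cobbler list - list all Cobbler objects
cobbler report - list each object in detail
cobbler sync - sync the configuration to dhcp/pxe and the data directories
cobbler reposync - sync the yum repositories
13. Cobbler configuration files
The Cobbler configuration files are stored under /etc/cobbler. /etc/cobbler/settings is the main configuration file. Under /etc/cobbler you will also find the template configuration files for dhcp, dns, pxe and dnsmasq. /etc/cobbler/users.digest holds the user names and passwords for web access, /etc/cobbler/modules.conf is the module configuration file, and /etc/cobbler/users.conf is the Cobbler WebUI/Web service authorization configuration file.
Repo data directory /var/www/cobbler
Imported distributions, repo mirrors and kickstart files are all placed under /var/www/cobbler. Make sure /var has enough space to store these files.
images/ - Kernel and initrd images of all imported distributions, used for network boot
ks_mirror/ - the imported distributions
repo_mirror/ - yum repo storage directory
/var/log/cobbler holds the log files, /var/log/cobbler/cobbler.log
Cobbler data directory /var/lib/cobbler: this directory stores the configuration related to Cobbler profiles, systems and distros.
configs/ - information about distros, repos, systems and profiles
backup/ - backup directory
snippets/ - script snippets that can be imported into kickstarts
triggers/ - executable scripts
kickstarts/ - kickstart template files
Integrating with Puppet for configuration management: I will look into this feature later. That is all for now. Thank you for your support.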
A sample ks.cfg
# Kickstart file automatically generated by anaconda.
#Install OS instead of upgrade
install
#Use text mode install
text
#Use CDROM installation media
cdrom
lang en_US.UTF-8
keyboard us
#Skip the X Configuration
skipx
#Use network installation
url --url=http://192.168.9.230/cobbler/ks_mirror/kerryOS-1.0-i386
#Network information
#network --device eth0 --bootproto static --ip 192.168.9.226 --netmask 255.255.255.0 --gateway 192.168.9.1 --nameserver 192.168.9.1 --noipv6 --onboot=yes --hostname kerry-web-001
network --device eth0 --bootproto dhcp --noipv6 --hostname kerry-web-001
#root -- 1q2w3e
rootpw --iscrypted $1$n07CbCot$GP.VBeICPHj.QkJb5Y2C2.
firewall --disabled
#System authorization information
authconfig --enableshadow --enablemd5
selinux --disabled
timezone --utc Asia/Shanghai
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr yes
# Set the Mouse
mouse generic3ps/2
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
#Partition clearing information
clearpart --all --initlabel
part /boot --fstype ext3 --size=200 --asprimary
part / --fstype ext3 --size=10000
part swap --size=2048
part /data --fstype ext3 --size=1 --grow
#--- Reboot the host after installation is done
reboot
%packages
@base
@core
@development-libs
@development-tools
@editors
@text-internet
keyutils
trousers
fipscheck
device-mapper-multipath
imake
%post --nochroot
# Mount CDROM
mkdir -p /mnt/cdrom
mount -r -t iso9660 /tmp/cdrom /mnt/cdrom
cp /mnt/cdrom/ipmod /mnt/sysimage/root/ipmod > /dev/null
umount /mnt/cdrom
%post
#vim syntax on
sed -i "8 s/^/alias vi='vim'/" /root/.bashrc 2>/dev/null
echo 'syntax on' > /root/.vimrc 2>/dev/null
#init_ssh
ssh_cf="/etc/ssh/sshd_config"
sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf
sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
#client
sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf
# Remove the ISO File translation files
find / -name TRANS.TBL -exec rm {} \; >/dev/null 2>/dev/null
# Remove some unneeded services
#--------------------------------------------------------------------------------
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Tunoff services === |
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
for i in `ls /etc/rc3.d/S*`
do
    CURSRV=`echo $i|cut -c 15-`
    echo $CURSRV
    case $CURSRV in
        crond | irqbalance | microcode_ctl | network | random | sshd | syslog | local )
            echo "Base services, Skip!"
            ;;
        *)
            echo "change $CURSRV to off"
            chkconfig --level 235 $CURSRV off
            service $CURSRV stop
            ;;
    esac
done
# file descriptors
ulimit -HSn 65535
echo -ne "
* soft nofile 65536
* hard nofile 65536
" >>/etc/security/limits.conf
#set sysctl
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
EOF
/sbin/sysctl -p
#close ctrl+alt+del
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab
#set purview
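# /etc/passwd and /etc/group must stay world-readable (644): with mode 600,
# non-root processes can no longer resolve user and group names
chmod 644 /etc/passwd
chmod 600 /etc/shadow
chmod 644 /etc/group
chmod 600 /etc/gshadow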