本节我们来讲一讲系统自动化安装工具,大家应该还记得我在在前面的内容中曾经有讲过一个跟这个类似的PXE安装环境,而本节我们要讲的这个cobbler其实就是PEX的加强版,那么下面我们就来学习下如何部署安装吧。
cobbler的介绍
cobbler是一个部署和创建系统的工具,他的主要功能就是通过一些自动化的操作来简化系统管理员的操作,他也可以使虚拟化操作变的简化;其组成部分主要包括cobbler和cobbler_web两部分。
cobbler所依赖的服务
想要组件一个cobbler环境,还得有以下几个服务
?TFTP (在安装cobbler时会自动装上一个)
?rsync(一般系统自带,只需设置开机启动)
?DHCP(可以单独安装,也可以使用dnsmasq包安装,该包同时安装了DHCP以及DNS)
?DNS(这个其实也可以不用)
cobbler框架
大多数情况不需要system,只需要distribution,repository,profile
cobbler的命令
cobbler的安装配置
注意:cobbler由epel源提供,因此安装之前必须配置好yum源
需要安装的包有:cobbler pykickstart debmirror
[[email protected] ~]# yum install cobbler
可以看到安装过程中tftp也会自动安装
安装完成之后可以看到在下面路径下会产生cobbler目录
[[email protected] ~]#ls /var/www/
cgi-bin cobbler error html icons
可以使用tree命令看下这个目录
[[email protected] ~]# tree /var/www/cobbler
启动服务
[[email protected] ~]# service httpd start
[[email protected] ~]# service cobblerd start
启动cobblerd后监听在25151
检查存在的问题
[email protected] ~]# cobbler check
The following are potential configuration items that you may want to fix: 需要修复的问题
1 : The ‘server‘ field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the ‘next_server‘ field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run ‘cobbler get-loaders‘ to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The ‘cobbler get-loaders‘ command is the easiest way to resolve these requirements.
4 : change ‘disable‘ to ‘no‘ in /etc/xinetd.d/rsync
5 : comment ‘dists‘ on /etc/debmirror.conf for proper debian support
6 : comment ‘arches‘ on /etc/debmirror.conf for proper debian support
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to ‘cobbler‘ and should be changed, try: "openssl passwd -1 -salt ‘random-phrase-here‘ ‘your-password-here‘" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run ‘cobbler sync‘ to apply changes.
如上各问题的解决方法如下所示:
1、修改/etc/cobbler/settings文件中的server参数的值为提供cobbler服务的主机相应的IP地址或主机名;
2、修改/etc/cobbler/settings文件中的next_server参数的值为提供PXE服务的主机相应的IP地址;
3、如果当前节点可以访问互联网,执行“cobbler get-loaders”命令即可;否则,需要安装syslinux程序包,而后复制/usr/share/syslinux/{pxelinux.0,memu.c32}等文件至/var/lib/cobbler/loaders/目录中;
4、执行“chkconfig rsync on”命令即可;
5、注释/etc/debmirror.conf文件中的“@dists="sid";”一行;
6、注释/etc/debmirror.conf文件中的“@arches="i386";”一行;
7、执行“openssl passwd -1 -salt $(openssl rand -hex 4)”生成密码,并用其替换/etc/cobbler/settings文件中default_password_crypted参数的值;
8、执行“yum install cman fence-agents”命令安装相应的程序包即可;
接着重启cobblerd,而后执行“cobbler sync”同步新的配置至cobbler。
由于有些问题是可以忽略的,因此我们这里就给出了其中一些步骤
修改配置文件/etc/cobbler/settings
[[email protected] ~]# vim /etc/cobbler/settings
server参数
next_server参数
default_password_crypted参数
密码生成命令:openssl passwd -1 -salt ‘openssl rand -hex 4‘
安装syslinux包以及复制相应文件
由于syslinux以及安装所有这里我只需复制相应文件即可,是否安装的查看命令
[[email protected] ~]# yum list syslinux
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
Installed Packages
syslinux.x86_64 4.02-8.el6 @base
[[email protected] ~]# cd /usr/share/syslinux/
[[email protected] syslinux]# ls
altmbr.bin cmd.c32 dmitest.c32 gptmbr.bin hdt.c32 int18.com isohdppx_c.bin linux.c32 mbr_c.bin menu.c32 pxechain.com sdi.c32 vesainfo.c32
altmbr_c.bin config.c32 dosutil gptmbr_c.bin host.c32 isohdpfx.bin isohdppx_f.bin ls.c32 mbr_f.bin pcitest.c32 pxelinux.0 sysdump.c32 vesamenu.c32
altmbr_f.bin cpuid.c32 elf.c32 gptmbr_f.bin ifcpu64.c32 isohdpfx_c.bin isolinux.bin lua.c32 memdisk pmload.c32 reboot.c32 syslinux64.exe vpdtest.c32
cat.c32 cpuidtest.c32 ethersel.c32 gpxecmd.c32 ifcpu.c32 isohdpfx_f.bin isolinux-debug.bin mboot.c32 memdump.com poweroff.com rosh.c32 syslinux.com whichsys.c32
chain.c32 disk.c32 gfxboot.c32 gpxelinux.0 ifplop.c32 isohdppx.bin kbdmap.c32 mbr.bin meminfo.c32 pwd.c32 sanboot.c32 syslinux.exe
[[email protected] syslinux]# cp -r * /var/lib/cobbler/loaders/ 复制文件
开机启动rsync
[[email protected] ~]#chkconfig rsync on
ok,其他几项暂时忽略,重启服务并同步
[[email protected] syslinux]# service cobblerd restart
Stopping cobbler daemon: [ OK ]
Starting cobbler daemon: [ OK ]
[[email protected] syslinux]# cobbler sync
配置及启动cobbler所依赖的各服务
cobbler的运行依赖于dhcp、tftp、rsync及dns服务。其中dhcp可由dhcpd(isc)提供,也可由dnsmasq提供;tftp可由tftp-server程序包提供,也可由cobbler自带的tftp功能提供;rsync由rsync程序包提供;dns可由bind提供,也可由dnsmasq提供。
安装配置dhcp
这里直接使用yum单独安装
[[email protected] ~]# yum install dhcp
安装好之后可以看下生成的文件
[[email protected] syslinux]# rpm -ql dhcp
其中/usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample是一个配置示例,可以复制过来
[[email protected] syslinux]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
修改配置文件
[[email protected] syslinux]# vim /etc/dhcp/dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "mwj.com";
option domain-name-servers 172.16.6.20;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 172.16.0.0 netmask 255.255.0.0 {
range 172.16.6.100 172.16.6.120; # dhcp给定的地址段
option routers 172.16.6.20; # 路由器地址
}
next-server 172.16.6.20; # 指向tftp
filename="pxelinux.0";
配置好之后启动服务
[[email protected] ~]# service dhcpd start
Starting dhcpd: [ OK ]
dhcp监听在udp67号端口
[[email protected] syslinux]# ss -unl|grep 67
UNCONN 0 0 *:67 *:*
配置tftp服务
这里只须直接启动xinetd守护进程即可
[[email protected] ~]# chkconfig tftp on 开机启动
[[email protected] ~]# service xinetd start 启动下xinetd
tftp监听在udp69好端口
[[email protected] ~]# ss -unl|grep 69
UNCONN 0 0 *:69 *:*
配置cobbler
配置distro
这里我们使用cobbler import命令导入
来看下这个命令的使用格式
[[email protected] ~]# cobbler import --help
Usage: cobbler [options]
Options:
-h, –help show this help message and exit
--arch=ARCH OS architecture being imported
--breed=BREED the breed being imported
--os-version=OS_VERSION
the version being imported
--path=PATH local path or rsync location
--name=NAME name, ex ‘RHEL-5‘
--available-as=AVAILABLE_AS
tree is here, don‘t mirror
--kickstart=KICKSTART_FILE
assign this kickstart file
--rsync-flags=RSYNC_FLAGS
pass additional flags to rsync
这里的导入前提是光盘已经挂载
[[email protected] ~]# cobbler import --name=centos-6.5-x86_64 --path=/media/cdrom 后面的路径是光盘挂载的路径
创建的过程就是将光盘中的文件复制到这个目录下的过程,可能会比较慢需要等部件长的时间
创建好之后路径是在下面路径中
查看生成的distro
[[email protected] ks_mirror]# cobbler distro list
配置profile
我这里已经准备好了一个kickstart文件,你也可以根据自己的anaconda文件(anaconda-ks.cfg)进行修改
[[email protected] tmp]# ls
centos6.x86_64.cfg
编辑该文件
验证下是否有错误
[[email protected] tmp]# ksvalidator centos6.x86_64.cfg
没有出现错误就是最好的消息
创建profile
[[email protected] tmp]# cobbler profile add --name=centos-6.5-x86_64-basic --distro=centos-6.5-x86_64 --kickstart=/tmp/centos6.x86_64.cfg
[[email protected] tmp]# cobbler profile list
centos-6.5-x86_64 这个是创建distro的时候默认生成的
centos-6.5-x86_64-basic
创建好之后执行cobbler sync命令
ok,都好了之后我们就可以创建一个新的虚拟机进行测试了
cobbler_web
cobbler_web是一个可以配置的网络接口,通过网络远程来进行配置
直接yum安装
[[email protected] ~]# yum install cobbler-web
配置支持认证功能
[[email protected] ~]# vim /etc/cobbler/modules.conf
验证模式修改为pam
先创建一个测试用户
[[email protected] ~]# useradd cobadm
[[email protected] ~]# passwd cobadm
Changing password for user cobadm.
New password:
BAD PASSWORD: it is based on a dictionary word
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
修改配置文件将用户加进行
[[email protected] ~]# vim /etc/cobbler/users.conf
重启服务
[[email protected] ~]# service cobblerd restart
Stopping cobbler daemon: [ OK ]
Starting cobbler daemon: [ OK ]
[[email protected] ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
然后看看是否能够访问了
OK,具体的配置希望大家自己去摸索吧,这里我就不再阐述了!
那么本节的内容就讲到这里,欢迎大家的批评指正,谢谢!