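Test environment: CentOS 6.4, 64-bit
Cobbler is a boot server that installs and reinstalls physical servers and virtual machines quickly over the network (PXE). It supports different Linux distributions as well as Windows.
Cobbler is a lightweight Python program of roughly 15,000 lines of code. It can also manage DHCP, DNS, yum repositories and so on. Cobbler is managed from the command line, and a web-based management tool (cobbler-web) is also available, but the command line is convenient enough that there is no need to add a web server just for a web interface.
Cobbler is not in the CentOS base repositories, so the EPEL repository has to be imported to get the packages. The current latest version is 6-8.
Install the EPEL repository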
[root@centos Downloads]# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
[root@centos Downloads]# rpm -ivh epel-release-6-8.noarch.rpm
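Benefits of installing the EPEL repository:
EPEL is a project maintained by Fedora. The repository contains a lot of open-source software, such as nagios and cacti, so these can be installed directly with yum install nagios. It targets RHEL and its derivative distributions (such as CentOS and Fedora), though; it probably will not work on Ubuntu and the like.
Install Cobbler and some required packages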
[root@centos Downloads]# yum -y install cobbler httpd rsync tftp-server xinetd dhcp python-ctypes pykickstart cman
Enable the services at boot
[root@centos Downloads]# chkconfig httpd on
[root@centos Downloads]# chkconfig cobblerd on
[root@centos Downloads]# chkconfig dhcpd on
[root@centos Downloads]# chkconfig xinetd on
Disable SELinux and iptables
# vim /etc/sysconfig/selinux
Change SELINUX=enforcing to SELINUX=disabled
Stop the firewall
service iptables stop
Service control script:
[root@centos Downloads]# vim cobbler_all.sh
#!/bin/bash
case $1 in
start)
/etc/init.d/httpd start
/etc/init.d/xinetd start
/etc/init.d/dhcpd start
/etc/init.d/cobblerd start
;;
stop)
/etc/init.d/httpd stop
/etc/init.d/xinetd stop
/etc/init.d/dhcpd stop
/etc/init.d/cobblerd stop
;;
status)
/etc/init.d/httpd status
/etc/init.d/xinetd status
/etc/init.d/dhcpd status
/etc/init.d/cobblerd status
;;
sync)
cobbler sync
;;
*)
echo "Usage:./cobbler_all start|stop|status|sync"
exit 1
;;
esac
[root@centos Downloads]# chmod a+x cobbler_all.sh
[root@centos Downloads]# cp cobbler_all.sh /etc/init.d/cobbler_all
Next, use service to manage the httpd, xinetd, dhcpd and cobblerd services
[root@centos Downloads]# service cobbler_all status
httpd (pid 2034) is running...
xinetd (pid 1887) is running...
dhcpd (pid 4966) is running...
cobblerd (pid 2228) is running...
Edit /etc/cobbler/settings
[root@server1 ~]# vim /etc/cobbler/settings
Change next_server: 127.0.0.1 to next_server: 192.168.0.45 (the address of the Cobbler server)
Change server: 127.0.0.1 to server: 192.168.0.45 (the address of the Cobbler server)
Change manage_dhcp: 0 to manage_dhcp: 1 (1 means Cobbler manages dhcpd automatically)
Change manage_rsync: 0 to manage_rsync: 1 (1 means Cobbler manages rsync automatically)
Edit /etc/xinetd.d/tftp
Set disable = no
Edit /etc/xinetd.d/rsync
Set disable = no
Edit /etc/cobbler/dhcp.template (adjust the DHCP template so that the addresses DHCP hands out are on the same subnet as Cobbler)
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
# Change to your own subnet
subnet 192.168.246.0 netmask 255.255.255.0 {
# Change to your own router (default gateway)
option routers 192.168.246.254;
# DNS server addresses
option domain-name-servers 218.85.157.99, 218.85.152.99 ;
# Subnet mask
option subnet-mask 255.255.255.0;
# Range of IP addresses to hand out
range dynamic-bootp 192.168.246.1 192.168.246.250;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
filename "/pxelinux.0";
}
Start the httpd, xinetd, cobblerd and dhcpd services (tftp and rsync are managed by xinetd)
[root@centos Downloads]# service cobbler_all start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 218.85.148.250 for ServerName
[ OK ]
Starting xinetd: [ OK ]
Starting dhcpd: [ OK ]
Starting cobbler daemon: [ OK ]
Starting httpd reported an error here.
Fix:
[root@centos Downloads]# vim /etc/httpd/conf/httpd.conf
# Add at the end of the file
ServerName 218.85.148.250
Restart the httpd, xinetd, cobblerd and dhcpd services
[root@centos Downloads]# service cobbler_all stop
Stopping httpd: [ OK ]
Stopping xinetd: [ OK ]
Shutting down dhcpd: [ OK ]
Stopping cobbler daemon: [ OK ]
[root@centos Downloads]# service cobbler_all start
Starting httpd: [ OK ]
Starting xinetd: [ OK ]
Starting dhcpd: [ OK ]
Starting cobbler daemon: [ OK ]
# No more errors now
Fetch the missing network boot loaders
[root@server1 ~]# cobbler get-loaders
task started: 2012-12-09_055900_get_loaders
task started (id=Download Bootloader Content, time=Sun Dec 9 05:59:00 2012)
downloading http://dgoodwin.fedorapeople.org/loaders/README to /var/lib/cobbler/loaders/README
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://dgoodwin.fedorapeople.org/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://dgoodwin.fedorapeople.org/loaders/yaboot-1.3.14-12 to /var/lib/cobbler/loaders/yaboot
downloading http://dgoodwin.fedorapeople.org/loaders/pxelinux.0-3.61 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://dgoodwin.fedorapeople.org/loaders/menu.c32-3.61 to /var/lib/cobbler/loaders/menu.c32
downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***   <- seeing this means it completed successfully
To deploy Debian/Ubuntu systems, the debmirror package is required
Before installing debmirror-20090807-1.el5.noarch.rpm, install its dependencies first; otherwise installing debmirror directly with rpm fails with dependency errors
yum -y install ed patch perl perl-Compress-Zlib perl-Cwd perl-Digest-MD5 \
perl-Digest-SHA1 perl-LockFile-Simple perl-libwww-perl
wget ftp://fr2.rpmfind.net/linux/epel/5/ppc/debmirror-20090807-1.el5.noarch.rpm
rpm -ivh debmirror-20090807-1.el5.noarch.rpm
Edit /etc/debmirror.conf and comment out the @dists and @arches lines
...
#@dists="sid";
@sections="main,main/debian-installer,contrib,non-free";
#@arches="i386";
...
Change Cobbler's default password (that is, the root password of the installed systems)
Generate a password hash with openssl and put it into Cobbler's configuration file (/etc/cobbler/settings), replacing the default_password_crypted field:
[root@server1 ~]# openssl passwd -1 -salt 'thinkpad' '123456'
$1$thinkpad$NIq68XbeN51UgdtXiSOAE.
# thinkpad is the salt, random digits or letters mixed in so the password is not exposed; 123456 is the root password
Then edit /etc/cobbler/settings again and replace the existing password with the hash generated above
default_password_crypted: "$1$thinkpad$NIq68XbeN51UgdtXiSOAE."
Restart the services
[root@centos Downloads]# service cobbler_all stop
Stopping httpd: [ OK ]
Stopping xinetd: [ OK ]
Shutting down dhcpd: [ OK ]
Stopping cobbler daemon: [ OK ]
[root@centos Downloads]# service cobbler_all start
Starting httpd: [ OK ]
Starting xinetd: [ OK ]
Starting dhcpd: [ OK ]
Starting cobbler daemon: [ OK ]
Check the Cobbler installation environment
# cobbler check
No configuration problems found. All systems go.
Note: be sure to fix every configuration problem that is reported; otherwise tftp connections will time out and Cobbler cannot perform bulk system installs over PXE.
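The keys edited in /etc/cobbler/settings earlier can also be checked directly before the first PXE boot. The script below is an added example, not part of the original post or of Cobbler: it reports keys that are still at unusable values and flags an MD5-crypt ($1$) password hash. The function names setting and audit_cobbler_settings and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post or from Cobbler): audit the keys
# this guide edits in /etc/cobbler/settings. Reads plain "key: value" lines
# only; it is not a general YAML parser. Function names are hypothetical.

# Print the value of the first "key: value" line for key $2, quotes stripped.
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | sed -n '1p' | tr -d "\"'" |
        sed 's/[[:space:]]*$//'
}

# Print one finding per line. Exit status: 0 = clean, 1 = findings.
audit_cobbler_settings() {
    file=$1 rc=0
    for key in server next_server; do
        val=$(setting "$file" "$key")
        case $val in
            ''|127.*|localhost)
                echo "$key: '$val' is unset or loopback, PXE clients cannot reach it"
                rc=1 ;;
        esac
    done
    for key in manage_dhcp manage_rsync; do
        val=$(setting "$file" "$key")
        [ "$val" = 1 ] || { echo "$key: '$val', this guide sets it to 1"; rc=1; }
    done
    val=$(setting "$file" default_password_crypted)
    case $val in
        '$1$'?*'$'?*)   # what `openssl passwd -1` emits
            echo "default_password_crypted: MD5-crypt (\$1\$) hash, weak against offline guessing"
            rc=1 ;;
        '$'[0-9a-z]*'$'?*'$'?*) ;;   # another crypt(3) scheme, e.g. $6$ (SHA-512)
        *)
            echo "default_password_crypted: not a crypt(3) hash string"
            rc=1 ;;
    esac
    return $rc
}

# Constructed sample holding the values this guide ends up with.
demo=$(mktemp)
cat > "$demo" <<'EOF'
server: 192.168.0.45
next_server: 192.168.0.45
manage_dhcp: 1
manage_rsync: 1
default_password_crypted: "$1$thinkpad$NIq68XbeN51UgdtXiSOAE."
EOF
audit_cobbler_settings "$demo" || true
rm -f "$demo"
```

On the Cobbler server, run audit_cobbler_settings /etc/cobbler/settings; a non-zero exit status means at least one finding was printed.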
Synchronize files
# cobbler sync
Import the image files
The image files are stored under /var/www/cobbler/ks_mirror/
mkdir -p /mnt/centos6.4
mount -o loop /root/CentOS-6.3-x86_64-bin-DVD1.iso /mnt/centos6.4
Then import:
cobbler import --path=/mnt/centos6.4 --name=centos6.4
This takes quite a while and prints a lot of output; when "*** TASK COMPLETE ***" appears at the end, the import succeeded
# cobbler sync
[root@centos Downloads]# cobbler list
distros:
   centos6.4-x86_64
profiles:
   centos6.4-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
Note: when Cobbler installs an operating system, the kickstart file it actually uses is not /var/lib/cobbler/kickstarts/default.ks but /var/lib/cobbler/kickstarts/sample.ks. This is the default behaviour when no profile has been specified manually.
Use a new configuration file for the imported CentOS 6.4 image
[root@centos Downloads]# cobbler profile edit --name=centos6.4-x86_64 --distro=centos6.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.4-x86_64.ks
name: the name of the profile; distro: the name of the distro
[root@centos Downloads]# cobbler list
distros:
   centos6.4-x86_64
profiles:
   centos6.4-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
The contents of /var/lib/cobbler/kickstarts/centos6.4-x86_64.ks are as follows:
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --disable
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang zh_CN.UTF-8
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
# autopart
# No LVM: the partitions here are not configured with LVM
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=200
part swap --bytes-per-inode=4096 --fstype="swap" --size=800
part / --bytes-per-inode=4096 --fstype="ext3" --size=5000
part /data --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
# LVM setting: the partitions here are configured with LVM
#part /boot --bytes-per-inode=4096 --fstype="ext3" --size=200
#part swap --bytes-per-inode=4096 --fstype="swap" --size=800
#part pv.01 --size=1 --grow
#volgroup myvg pv.01
#logvol / --vgname=myvg --size=5000 --name=rootvol --bytes-per-inode=4096 --fstype="ext3"
#logvol /data --vgname=myvg --size=1 --grow --name=datavol --bytes-per-inode=4096 --fstype="ext3"
# network configure
network --bootproto=dhcp --device=eth0 --noipv6 --onboot=on --hostname=
# network --bootproto=static --device=eth1 --ip=192.168.1.2 --netmask=255.255.255.0 --gateway=192.168.1.1 --noipv6 --onboot=on
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%packages
#$SNIPPET('func_install_if_enabled')
#$SNIPPET('puppet_install_if_enabled')
@base
@editors
@development-libs
@development-tools
@x-software-development
@system-tools
@text-internet
@chinese-support
imake
expect
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('puppet_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
%post
echo "ulimit -SHn 102400" >> /etc/rc.local
sed -i 's/HISTSIZE\=1000/HISTSIZE\=50/' /etc/profile
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab
sed -i '48,50 s/^/#/' /etc/inittab
/sbin/init q
sed -i "8 s/^/alias vi='vim'/" /root/.bashrc
cat >> /root/.vimrc << EOF
syntax on
set number
set autoindent
set shiftwidth=4
set encoding=utf-8 fileencodings=ucs-bom,utf-8,cp936
EOF
sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' /etc/ssh/sshd_config
sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' /etc/ssh/sshd_config
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
crond | irqbalance | microcode_ctl | network | random | sshd | syslog | local )
echo "Base services, Skip!"
;;
*)
echo "change $CURSRV to off"
chkconfig --level 235 $CURSRV off
service $CURSRV stop
;;
esac
done
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF
kernel.sysrq = 0
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
EOF
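/sbin/sysctl -p
Deployment test
Set the client's BIOS boot order to boot from the network card, that is, PXE.
Then let it install by itself.
Once installation finishes, log in to the client and check the install log.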
[root@localhost ~]# cat cobbler.ks | grep -v "#" | sed '/^$/d'
auth --useshadow --enablemd5
bootloader --location=mbr
clearpart --all --initlabel
text
firewall --enabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.246.22/cblr/links/centos6.4-x86_64
network --bootproto=dhcp --device=eth0 --onboot=on
reboot
rootpw --iscrypted $1$random-p$vIgDAuXog7BZbQi9H2JCA1
selinux --disabled
skipx
timezone America/New_York
install
zerombr
autopart
%pre
set -x -v
exec 1>/tmp/ks-pre.log 2>&1
while : ; do
sleep 10
if [ -d /mnt/sysimage/root ]; then
cp /tmp/ks-pre.log /mnt/sysimage/root/
logger "Copied %pre section log to system"
break
fi
done &
wget "http://192.168.246.22/cblr/svc/op/trig/mode/pre/profile/centos6.4-x86_64" -O /dev/null
%end
%packages
%end
%post
set -x -v
exec 1>/root/ks-post.log 2>&1
wget "http://192.168.246.22/cblr/svc/op/yum/profile/centos6.4-x86_64" --output-document=/etc/yum.repos.d/cobbler-config.repo
echo "export COBBLER_SERVER=192.168.246.22" > /etc/profile.d/
echo "setenv COBBLER_SERVER 192.168.246.22" > /etc/profile.d/cobbler.csh
wget "http://192.168.246.22/cblr/svc/op/ks/profile/centos6.4-x86_64" -O /root/cobbler.ks
wget "http://192.168.246.22/cblr/svc/op/trig/mode/post/profile/centos6.4-x86_64" -O /dev/null
%end
Common errors:
Running cobbler check fails with an error
Traceback (most recent call last):
File "/usr/bin/cobbler", line 35, in ?
sys.exit(app.main())
File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 558, in main
rc = cli.run(sys.argv)
File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 202, in run
self.token = self.remote.login("", self.shared_secret)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
return self.__send(self.__name, args)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
verbose=self.__verbose
File "/usr/lib64/python2.4/xmlrpclib.py", line 1147, in request
return self._parse_response(h.getfile(), sock)
File "/usr/lib64/python2.4/xmlrpclib.py", line 1286, in _parse_response
return u.close()
File "/usr/lib64/python2.4/xmlrpclib.py", line 744, in close
raise Fault(**self._stack[0])
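xmlrpclib.Fault: <Fault 1: ":'login failed'">
In my own test environment there was already a DHCP server, which kept TFTP from connecting during installation on the client
Fix:
First stop the other DHCP services on the same subnet
Fix: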
service cobblerd restart
cobbler get-loaders