cobbler实现自动安装

author：JevonWei

版权声明：原创作品

---

cobbler 配置目录

配置文件目录 /etc/cobbler
    /etc/cobbler/settings : cobbler  主配置文件
    /etc/cobbler/iso/: iso 模板配置文件
    /etc/cobbler/pxe: pxe 模板文件
    /etc/cobbler/power:  电源配置文件
    /etc/cobbler/user.conf: web 服务授权配置文件
    /etc/cobbler/users.digest: web 访问的用户名密码配置文件
    /etc/cobbler/dhcp.template : dhcp 服务器的的配置末班
    /etc/cobbler/dnsmasq.template : dns 服务器的配置模板
    /etc/cobbler/tftpd.template : tftp 服务的配置模板
    /etc/cobbler/modules.conf :  模块的配置文件
数据目录
    /var/lib/cobbler/config/:  用于存放distros，system，profiles 等信息配置文件
    /var/lib/cobbler/triggers/:  用于存放用户定义的cobbler 命令
    /var/lib/cobbler/kickstart/:  默认存放kickstart 文件
    /var/lib/cobbler/loaders/:  存放各种引导程序
镜像目录
    /var/www/cobbler/ks_mirror/:  导入的发行版系统的所有数据
    /var/www/cobbler/images/ :  导入发行版的kernel 和initrd 镜像用于远程网络启动
    /var/www/cobbler/repo_mirror/: yum  仓库存储目录
日志目录
    /var/log/cobbler/installing:  客户端安装日志
    /var/log/cobbler/cobbler.log : cobbler

配置cobbler

• cobbler需要从以下的epel源下载
  
  http://dl.fedoraproject.org/pub/epel/7/x86_64/

一、配置epel源yum仓库文件

cat service.repo
    [base]
    name=danran
    baseurl=file:///mnt
    enable=1
    gpgcheck=0

    [epel]
    name=epel
    baseurl=http://dl.fedoraproject.org/pub/epel/7/x86_64/
    gpgcheck=0

二、安装程序包并启动服务

yum -y install cobbler
yum -y install dhcp
yum -y install httpd
systemctl enable cobblerd.service
systemctl start cobblerd.service
systemctl enable dhcpd
systemctl enable tftp
systemctl start tftp
systemctl enable httpd
systemctl start httpd
systemctl enable tftp
systemctl start tftp
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=dhcp --permanent
firewall-cmd --reload   \\ 打开httpd的防火墙
setenforce 0
vim /etc/sysconfig/selinux

ss -ntlp | grep cobbler  \\查看cobbler服务的端口号
firewall-cmd --add-port=25151/tcp --permanent \\打开cobbler服务的端口号
firewall-cmd --reload

三、cobbler环境检查和配置

cobbler check  \\报错信息如下
    httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback:
    Traceback (most recent call last):
        File "/usr/lib/python2.7/site-packages/cobbler/cli.py", line 251, in check_setup s.ping()
        File "/usr/lib64/python2.7/xmlrpclib.py", line 1233, in __call__
            return self.__send(self.__name, args)
        File "/usr/lib64/python2.7/xmlrpclib.py", line 1587, in __request
            verbose=self.__verbose
        File "/usr/lib64/python2.7/xmlrpclib.py", line 1273, in request return
            self.single_request(host, handler, request_body, verbose)
        File "/usr/lib64/python2.7/xmlrpclib.py", line 1301, in single_request
            self.send_content(h, request_body)
        File "/usr/lib64/python2.7/xmlrpclib.py", line 1448, in send_content
            connection.endheaders(request_body)
        File "/usr/lib64/python2.7/httplib.py", line 1013, in endheaders
            self._send_output(message_body)
        File "/usr/lib64/python2.7/httplib.py", line 864, in _send_output
            self.send(msg)
        File "/usr/lib64/python2.7/httplib.py", line 826, in send
            self.connect()
        File "/usr/lib64/python2.7/httplib.py", line 807, in connect
            self.timeout, self.source_address)
        File "/usr/lib64/python2.7/socket.py", line 571, in create_connection
            raise err
    error: [Errno 111] Connection refused

systemctl restart cobblerd.service   \\重新启动cobblerd.service
cobbler get-loaders   

cobbler check \\再次检查cobbler环境
    The following are potential configuration items that you may want to fix:

    1:The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
    2:For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
    3:SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
        https://github.com/cobbler/cobbler/wiki/Selinux
    4:change 'disable' to 'no' in /etc/xinetd.d/tftp
    5:some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
    6:enable and start rsyncd.service with systemctl
    7:debmirror package is not installed, it will be required to manage debian deployments and repositories
    8:The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
    9:fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

    Restart cobblerd and then run 'cobbler sync' to apply changes.

解决报错1
vim /etc/cobbler/settings
    server: 192.168.198.131 \\383行左右
systemctl restart cobblerd.service

解决报错2(TFTP服务器)
vim /etc/cobbler/settings \\272行左右
    next_server:192.168.198.131

解决报错3(禁用selinux)
    setenforce 0
    vim /etc/sysconfig/selinux
    SELINUX=permissive

解决报错4(tftp服务开启)
    systemctl enable tftp
    systemctl start tftp
    ss -utln \\查看tftp服务的端口是否打开

解决报错5(下载boot-loaders)
    cobbler get-loaders
    cobbler sync

解决报错8(增加用户口令)
    openssl passwd -1   \\成为md5加密的口令

vim /etc/cobbler/settings
    default_password_crypted: "$1$wzkQF.fE$CHpWUkntQxo3XHZ5bRsDI." \\将openssl passwd -1生成的密码口令粘贴到此处

systemctl restart cobblerd
cobbler check

四、配置dhcp

vim /etc/cobbler/settings
    manage_dhcp: 1 \\1表示由cobbers自动配置dhcp配置文件

systemctl restart cobblerd
vim /etc/cobbler/dhcp.template\\配置相应的网段和IP范围
    subnet 192.168.198.0 netmask 255.255.255.0 {
    option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.198.10 192.168.198.100;
    default-lease-time         21600;
    max-lease-time             43200;
    next-server                $next_server;

systemctl restart cobblerd
cobbler sync   \\同步cobber数据
cat /etc/dhcp/dhcpd.conf  \\查看dhcp的配置文件是否更改
systemctl restart dhcpd \\重启dhcp服务

五、导入系统光盘文件到cobbler

cobbler import --path=/mnt --name=centos7.3  \\centos7的光盘挂载在/mnt目录下，-name为指定光盘文件导入/vae/www/cobbler/ks_mirror后的名称
cobbler import --path=/mnt --name=centos6.9  \\将centos6.9的系统光盘文件导入到cobbler中，并存放在/vae/www/cobbler/ks_mirror

六、制作kickstart应答文件(/var/lib/cobbler/kickstarts/)

system-config-kickstart   \\制作kickstart应答文件
cp /root/centos7.cfg  /var/lib/cobbler/kickstarts/  \\或复制应答文件到指定目录下
vim /var/lib/cobbler/kickstarts/ centos7.cfg
    url --url==$tree  \\$tree意为使用cobbler本身定义的根文件路径变量

cobbler distro list   \\显示导入系统版本信息
cobbler profile list  \\显示导入系统时自动生成的应答文件
cobbler distro report --name=centos7.3-x86_64 显示指定版本的具体设置信息

cobbler profile add --name=centos7.3-custom --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg --distro=centos7.3-x86_64 \\将*.cfg应答文件与系统版本关联起来，--name为关联后的ks应答文件名称，--distro指定操作系统版本
cobbler profile add --name=centos6.9-custom --kickstart=/var/lib/cobbler/kickstarts/centos7.cfg --distro=centos6.9-x86_64
 cobbler profile del --name=centos6.9-custom  \\删除centos6.9-custom的应答文件关联

cobbler profile report \\显示版本与cfg应答文件的详细信息
cobbler distro list
cobbler profile list

cat /var/lib/tftpboot/pxelinux.cfg/default   \\查看启动菜单是否自动更新

七、显示目录文件

pree /var/lib/tftpboot

八、客户端安装测试

cobbler的web管理

定义认证方法的配置文件：

/etc/cobbler/modules.conf  \\默认使用模块验证
    module = authn_configfile \\默认配置文件验证
    module = authn_pam \\使用pam模块认证

一、安装程序包

yum -y install cobbler-web.noarch
systemctl restart httpd
systemctl restart cobblerd

二、使用配置文件认证

创建cobbler用户
    htdigest -c /etc/cobbler/users.digest Cobbler danran  \\新建用户danran,添加第一个用户时，使用'-c'选项，后续添加其他用户时不需要再使用，cobbler-web的realm只能为Cobbler   

cat /etc/cobbler/users.digest  \\记录了用户的账号

三、使用pam模块认证(读取的为linux系统本身的账号)

vim /etc/cobbler/users.conf
    [admins]
    admin = "jevon"
systemctl restart cobblerd.service

四、登录管理

https://192.168.198.131/cobbler_web
键入用户名和密码登录