Fast network installation of CentOS/Ubuntu with Cobbler

Test environment: CentOS 6.4, 64-bit


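Cobbler is a boot server that can quickly install and reinstall physical servers and virtual machines over the network (PXE boot). It supports installing different Linux distributions as well as Windows.

Cobbler is a lightweight Python program of roughly 15,000 lines of code in total. It can also be used to manage DHCP, DNS, yum repositories and so on. Cobbler is managed from the command line, and a web-based management tool (cobbler-web) is also provided, but the command line is already convenient enough that there is really no need to add a web server just for a web interface.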


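Cobbler is not in the CentOS base repositories, so the EPEL repository has to be added to get the packages. The current latest version is 6-8.

Install the EPEL repository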

[root@centos Downloads]# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm


[root@centos Downloads]# rpm -ivh epel-release-6-8.noarch.rpm


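Benefits of installing the EPEL repository:

EPEL is a project maintained by Fedora. The repository contains a lot of open-source software, such as nagios and cacti, so you can install them directly with yum install nagios. However, it targets RHEL and its derivative distributions (such as CentOS and Fedora); it probably will not work on systems like Ubuntu.


Install Cobbler and some required packages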

[root@centos Downloads]# yum -y install cobbler httpd rsync tftp-server xinetd dhcp python-ctypes pykickstart cman


Enable the services at boot

[root@centos Downloads]# chkconfig httpd on
[root@centos Downloads]# chkconfig cobblerd on
[root@centos Downloads]# chkconfig dhcpd on
[root@centos Downloads]# chkconfig xinetd on


Disable SELinux and iptables

# vim /etc/sysconfig/selinux
Change SELINUX=enforcing to SELINUX=disabled

Stop the firewall

service iptables stop


Service control script:


[root@centos Downloads]# vim cobbler_all.sh
#!/bin/bash
case $1 in
     start)
          /etc/init.d/httpd start
          /etc/init.d/xinetd start
          /etc/init.d/dhcpd start
          /etc/init.d/cobblerd start
           ;;
     stop)
          /etc/init.d/httpd stop
          /etc/init.d/xinetd stop
          /etc/init.d/dhcpd stop
          /etc/init.d/cobblerd stop
           ;;
     status)
          /etc/init.d/httpd status
          /etc/init.d/xinetd status
          /etc/init.d/dhcpd status
          /etc/init.d/cobblerd status
            ;;
     sync)
          cobbler sync
           ;;
      *)
          echo "Usage:./cobbler_all start|stop|status|sync"
          exit 1
           ;;
esac


[root@centos Downloads]# chmod a+x cobbler_all.sh
[root@centos Downloads]# cp cobbler_all.sh /etc/init.d/cobbler_all


Next, use service to manage the httpd, xinetd, dhcpd and cobblerd services

[root@centos Downloads]# service cobbler_all status
httpd (pid  2034) is running...
xinetd (pid  1887) is running...
dhcpd (pid  4966) is running...
cobblerd (pid 2228) is running...


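Related configuration files and directories:
Cobbler configuration files: /etc/cobbler
Cobbler data directory: /var/www/cobbler
DHCP configuration file: /etc/dhcpd.conf
DHCP lease cache file: /var/lib/dhcpd/dhcpd.leases
PXE configuration file: /var/lib/tftpboot/pxelinux.cfg/default
Kickstart template files: /var/lib/cobbler/kickstarts_*.ks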


Edit /etc/cobbler/settings

[root@server1 ~]# vim /etc/cobbler/settings

next_server: 127.0.0.1  change to: next_server: 192.168.0.45 (the address of the Cobbler server)

server: 127.0.0.1    change to: server: 192.168.0.45 (the address of the Cobbler server)

manage_dhcp: 0  change to: manage_dhcp: 1 (1 means dhcpd is managed automatically by Cobbler)

manage_rsync: 0  change to: manage_rsync: 1 (1 means rsync is managed automatically by Cobbler)


Edit /etc/xinetd.d/tftp

Set disable = no


Edit /etc/xinetd.d/rsync

Set disable = no


Edit /etc/cobbler/dhcp.template (modify the DHCP template and make sure the addresses handed out by DHCP are on the same network segment as Cobbler)

ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
# Change to your own network segment
subnet 192.168.246.0 netmask 255.255.255.0 {
# Change to your own router (default gateway)
     option routers             192.168.246.254;
# DNS server addresses
     option domain-name-servers 218.85.157.99, 218.85.152.99 ;
# Subnet mask
     option subnet-mask         255.255.255.0;
# Range of IP addresses to hand out
     range dynamic-bootp        192.168.246.1 192.168.246.250;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     filename                   "/pxelinux.0";
}
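
As an added example (not part of the original post), the script below checks the requirement stated above: that the Cobbler server address belongs to the subnet declared in dhcp.template. As an extra check beyond what the post states, it also reports when the server's own address lies inside the dynamic range. The function names are assumptions of the example, and the sample template is constructed from the values shown above.

```sh
#!/bin/sh
# Added example, not from the original post.

# ip_to_int ADDR: convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# parse_template FILE: print "subnet netmask range_low range_high".
parse_template() {
    awk '
        $1 == "subnet" && $3 == "netmask" { subnet = $2; mask = $4 }
        $1 == "range" {
            # "range [dynamic-bootp] low high;"
            lo = $(NF - 1); hi = $NF; sub(/;$/, "", hi)
        }
        END { if (subnet == "" || lo == "") exit 1; print subnet, mask, lo, hi }
    ' "$1"
}

# check_server FILE SERVER_IP: print ok, outside-subnet or inside-range.
check_server() {
    local server="$2" fields subnet mask lo hi s
    fields=$(parse_template "$1") || { echo "unparsable"; return 2; }
    set -- $fields
    subnet=$(ip_to_int "$1"); mask=$(ip_to_int "$2")
    lo=$(ip_to_int "$3");     hi=$(ip_to_int "$4")
    s=$(ip_to_int "$server")
    if [ $(( s & mask )) -ne "$subnet" ]; then
        echo "outside-subnet"; return 1      # clients could not reach next-server directly
    fi
    if [ "$s" -ge "$lo" ] && [ "$s" -le "$hi" ]; then
        echo "inside-range"; return 1        # dhcpd could lease the server's own address
    fi
    echo "ok"
}

# write_sample_template PATH: constructed sample using the values from the post.
write_sample_template() {
    cat > "$1" <<'EOF'
subnet 192.168.246.0 netmask 255.255.255.0 {
     option routers             192.168.246.254;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.246.1 192.168.246.250;
     next-server                $next_server;
     filename                   "/pxelinux.0";
}
EOF
}
```

Run check_server /etc/cobbler/dhcp.template with the address configured as server in /etc/cobbler/settings before running cobbler sync.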



Start the httpd, xinetd, cobblerd and dhcpd services (tftp and rsync are managed by xinetd)

[root@centos Downloads]# service cobbler_all start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 218.85.148.250 for ServerName
                                                           [  OK  ]
Starting xinetd:                                           [  OK  ]
Starting dhcpd:                                            [  OK  ]
Starting cobbler daemon:                                   [  OK  ]


Here httpd reported an error when it started.

Fix:

[root@centos Downloads]# vim /etc/httpd/conf/httpd.conf
# Add at the end of the file
ServerName 218.85.148.250


Restart the httpd, xinetd, cobblerd and dhcpd services

[root@centos Downloads]# service cobbler_all stop
Stopping httpd:                                            [  OK  ]
Stopping xinetd:                                           [  OK  ]
Shutting down dhcpd:                                       [  OK  ]
Stopping cobbler daemon:                                   [  OK  ]
[root@centos Downloads]# service cobbler_all start
Starting httpd:                                            [  OK  ]
Starting xinetd:                                           [  OK  ]
Starting dhcpd:                                            [  OK  ]
Starting cobbler daemon:                                   [  OK  ]
# No errors any more


Download the missing network boot-loaders

[root@server1 ~]# cobbler get-loaders
task started: 2012-12-09_055900_get_loaders
task started (id=Download Bootloader Content, time=Sun Dec  9 05:59:00 2012)
downloading http://dgoodwin.fedorapeople.org/loaders/README to /var/lib/cobbler/loaders/README
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://dgoodwin.fedorapeople.org/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://dgoodwin.fedorapeople.org/loaders/yaboot-1.3.14-12 to /var/lib/cobbler/loaders/yaboot
downloading http://dgoodwin.fedorapeople.org/loaders/pxelinux.0-3.61 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://dgoodwin.fedorapeople.org/loaders/menu.c32-3.61 to /var/lib/cobbler/loaders/menu.c32
downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***          <- seeing this means it completed successfully



Deploying Debian/Ubuntu systems requires the debmirror package

Before installing debmirror-20090807-1.el5.noarch.rpm, install its dependencies first; otherwise installing debmirror directly with rpm fails with dependency errors

yum -y install ed patch perl perl-Compress-Zlib perl-Cwd perl-Digest-MD5 \
    perl-Digest-SHA1 perl-LockFile-Simple perl-libwww-perl


wget ftp://fr2.rpmfind.net/linux/epel/5/ppc/debmirror-20090807-1.el5.noarch.rpm

rpm -ivh debmirror-20090807-1.el5.noarch.rpm


Edit the /etc/debmirror.conf configuration file and comment out the two lines @dists and @arches

...
#@dists="sid";
@sections="main,main/debian-installer,contrib,non-free";
#@arches="i386";
...


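Change Cobbler's default password (that is, the root password of the installed systems)

Use openssl to generate a password hash and put it into Cobbler's configuration file (/etc/cobbler/settings), replacing the default_password_crypted field: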

[root@server1 ~]# openssl passwd -1 -salt 'thinkpad' '123456'
$1$thinkpad$NIq68XbeN51UgdtXiSOAE.

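# thinkpad is a random string of digits or letters used as the salt, so that the password cannot be read by others; 123456 is the root password


Then edit /etc/cobbler/settings again and replace the existing password with the one generated above (the value shown below)
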
default_password_crypted: "$1$thinkpad$NIq68XbeN51UgdtXiSOAE."
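
As an added example (not part of the original post), the script below applies the /etc/cobbler/settings changes from the earlier step (next_server, server, manage_dhcp, manage_rsync) together with the default_password_crypted replacement described here, keeping a backup first. The function names are assumptions of the example; the sample settings fragment is constructed. The hash contains characters such as $ and / that need care when passed through sed, which is what set_setting handles.

```sh
#!/bin/sh
# Added example, not from the original post.

# get_setting FILE KEY: print the value of a top-level "KEY: value" line.
get_setting() {
    sed -n "s/^$2:[ ]*//p" "$1"
}

# set_setting FILE KEY VALUE: replace the value of an existing key.
set_setting() {
    local file="$1" key="$2" esc
    grep -q "^$key:" "$file" || { echo "missing key: $key" >&2; return 1; }
    # Escape what is special on the replacement side of sed: \ & and the | delimiter.
    esc=$(printf '%s' "$3" | sed 's/[\\&|]/\\&/g')
    sed -i "s|^$key:.*|$key: $esc|" "$file"
}

# new_root_hash: read the password from stdin (so it does not appear in the
# process list) and print an MD5-crypt hash, as in the post, with a random salt.
new_root_hash() {
    openssl passwd -1 -salt "$(openssl rand -hex 4)" -stdin
}

# apply_page_settings FILE SERVER_IP HASH: make the five edits from the post.
apply_page_settings() {
    local file="$1" ip="$2" hash="$3"
    cp -p "$file" "$file.bak" || return 1        # backup for rollback
    set_setting "$file" next_server "$ip" &&
    set_setting "$file" server "$ip" &&
    set_setting "$file" manage_dhcp 1 &&
    set_setting "$file" manage_rsync 1 &&
    set_setting "$file" default_password_crypted "\"$hash\""
}

# write_sample_settings PATH: constructed fragment for trying the functions out.
write_sample_settings() {
    cat > "$1" <<'EOF'
# constructed fragment of /etc/cobbler/settings
default_password_crypted: "$1$example$constructedPlaceholderHash"
manage_dhcp: 0
manage_rsync: 0
next_server: 127.0.0.1
server: 127.0.0.1
EOF
}
```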



Restart the services

[root@centos Downloads]# service cobbler_all stop
Stopping httpd:                                            [  OK  ]
Stopping xinetd:                                           [  OK  ]
Shutting down dhcpd:                                       [  OK  ]
Stopping cobbler daemon:                                   [  OK  ]
[root@centos Downloads]# service cobbler_all start
Starting httpd:                                            [  OK  ]
Starting xinetd:                                           [  OK  ]
Starting dhcpd:                                            [  OK  ]
Starting cobbler daemon:                                   [  OK  ]


Check the Cobbler installation environment

# cobbler check
No configuration problems found. All systems go.

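Note: all of the reported configuration problems must be fixed; otherwise tftp connections will time out and Cobbler will not be able to perform bulk system installation over PXE.


Synchronize files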

# cobbler sync



Import the image

The image files are stored under the /var/www/cobbler/ks_mirror/ directory

mkdir -p /mnt/centos6.4
mount -o loop /root/CentOS-6.3-x86_64-bin-DVD1.iso /mnt/centos6.4


Then import it
cobbler import --path=/mnt/centos6.4 --name=centos6.4
This takes quite a long time and prints a lot of output; when "*** TASK COMPLETE ***" appears at the end, the import has succeeded


# cobbler sync

[root@centos Downloads]# cobbler list
distros:
   centos6.4-x86_64
profiles:
   centos6.4-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:

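Note: when an operating system is installed with Cobbler, the kickstart file Cobbler actually uses is not /var/lib/cobbler/kickstarts/default.ks but /var/lib/cobbler/kickstarts/sample.ks. This is, of course, the default behaviour when no profile has been specified manually.


Use a new kickstart file for the imported CentOS 6.4 image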

[root@centos Downloads]# cobbler profile edit --name=centos6.4-x86_64 --distro=centos6.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.4-x86_64.ks


name: the name of the profile; distro: the name of the distro

[root@centos Downloads]# cobbler list
distros:
   centos6.4-x86_64
profiles:
   centos6.4-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:


The contents of /var/lib/cobbler/kickstarts/centos6.4-x86_64.ks are as follows:

#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth  --useshadow  --enablemd5
                                                                                                                                                         
# System bootloader configuration
bootloader --location=mbr
                                                                                                                                                         
# Partition clearing information
clearpart --all --initlabel
                                                                                                                                                         
# Use text mode install
text
                                                                                                                                                         
# Firewall configuration
firewall --disable
                                                                                                                                                         
# Run the Setup Agent on first boot
firstboot --disable
                                                                                                                                                         
# System keyboard
keyboard us
                                                                                                                                                         
# System language
lang zh_CN.UTF-8
                                                                                                                                                         
# Use network installation
url --url=$tree
                                                                                                                                                         
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
                                                                                                                                                         
# Network information
$SNIPPET('network_config')
                                                                                                                                                         
# Reboot after installation
reboot
                                                                                                                                                         
#Root password
rootpw --iscrypted $default_password_crypted
                                                                                                                                                         
# SELinux configuration
selinux --disabled
                                                                                                                                                         
# Do not configure the X Window System
skipx
                                                                                                                                                         
# System timezone
timezone  Asia/Shanghai
                                                                                                                                                         
# Install OS instead of upgrade
install
                                                                                                                                                         
# Clear the Master Boot Record
zerombr
                                                                                                                                                         
# Allow anaconda to partition the system as needed
# autopart
                                                                                                                                                         
#NO LVM: the partitions here are configured without LVM
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=200
part swap --bytes-per-inode=4096 --fstype="swap"  --size=800
part /   --bytes-per-inode=4096  --fstype="ext3"  --size=5000
part /data  --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
                                                                                                                                                         
#LVM Setting: the partitions here are configured with LVM
#part /boot --bytes-per-inode=4096 --fstype="ext3" --size=200
#part swap --bytes-per-inode=4096 --fstype="swap"  --size=800
#part pv.01 --size=1 --grow
#volgroup myvg pv.01
#logvol / --vgname=myvg --size=5000 --name=rootvol --bytes-per-inode=4096  --fstype="ext3"
#logvol /data --vgname=myvg --size=1 --grow --name=datavol --bytes-per-inode=4096  --fstype="ext3"
                                                                                                                                                         
# network configure
network --bootproto=dhcp --device=eth0 --noipv6 --onboot=on --hostname=test.com
# network --bootproto=static --device=eth1 --ip=192.168.1.2 --netmask=255.255.255.0 --gateway=192.168.1.1 --noipv6 --onboot=on
                                                                                                                                                         
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
                                                                                                                                                         
%packages
#$SNIPPET('func_install_if_enabled')
#$SNIPPET('puppet_install_if_enabled')
@base
@editors
@development-libs
@development-tools
@x-software-development
@system-tools
@text-internet
@chinese-support
imake
expect
                                                                                                                                                         
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('puppet_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
                                                                                                                                                         
%post
echo "ulimit -SHn 102400" >> /etc/rc.local
                                                                                                                                                         
sed -i 's/HISTSIZE\=1000/HISTSIZE\=50/' /etc/profile
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab
sed -i '48,50 s/^/#/' /etc/inittab
/sbin/init q
                                                                                                                                                         
sed -i "8 s/^/alias vi='vim'/" /root/.bashrc
                                                                                                                                                         
cat >> /root/.vimrc << EOF
syntax on
set number
set autoindent
set shiftwidth=4
set encoding=utf-8 fileencodings=ucs-bom,utf-8,cp936
EOF
                                                                                                                                                         
sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' /etc/ssh/sshd_config
sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' /etc/ssh/sshd_config
                                                                                                                                                         
for i in `ls /etc/rc3.d/S*`
do
        CURSRV=`echo $i|cut -c 15-`
     echo $CURSRV
     case $CURSRV in
                crond | irqbalance | microcode_ctl | network | random | sshd | syslog | local )
                echo "Base services, Skip!"
                ;;
           *)
                   echo "change $CURSRV to off"
                   chkconfig --level 235 $CURSRV off
                   service $CURSRV stop
                   ;;
     esac
done
                                                                                                                                                         
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF
kernel.sysrq = 0
kernel.core_uses_pid = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
                                                                                                                                                         
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
                                                                                                                                                         
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
EOF
/sbin/sysctl -p



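Deployment test

Set the client's BIOS boot option to boot from the network card, that is, PXE.

Then let it install by itself.


After the installation completes, log in to the client and look at the installation log.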

[root@localhost ~]# cat cobbler.ks | grep -v "#" | sed '/^$/d'
auth  --useshadow  --enablemd5
bootloader --location=mbr
clearpart --all --initlabel
text
firewall --enabled
firstboot --disable
keyboard us
lang en_US
url --url=http://192.168.246.22/cblr/links/centos6.4-x86_64
network --bootproto=dhcp --device=eth0 --onboot=on
reboot
rootpw --iscrypted $1$random-p$vIgDAuXog7BZbQi9H2JCA1
selinux --disabled
skipx
timezone  America/New_York
install
zerombr
autopart
%pre
set -x -v
exec 1>/tmp/ks-pre.log 2>&1
while : ; do
    sleep 10
    if [ -d /mnt/sysimage/root ]; then
        cp /tmp/ks-pre.log /mnt/sysimage/root/
        logger "Copied %pre section log to system"
        break
    fi
done &
wget "http://192.168.246.22/cblr/svc/op/trig/mode/pre/profile/centos6.4-x86_64" -O /dev/null
%end
%packages
%end
%post
set -x -v
exec 1>/root/ks-post.log 2>&1
wget "http://192.168.246.22/cblr/svc/op/yum/profile/centos6.4-x86_64" --output-document=/etc/yum.repos.d/cobbler-config.repo
echo "export COBBLER_SERVER=192.168.246.22" > /etc/profile.d/cobbler.sh
echo "setenv COBBLER_SERVER 192.168.246.22" > /etc/profile.d/cobbler.csh
wget "http://192.168.246.22/cblr/svc/op/ks/profile/centos6.4-x86_64" -O /root/cobbler.ks
wget "http://192.168.246.22/cblr/svc/op/trig/mode/post/profile/centos6.4-x86_64" -O /dev/null
%end
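
As an added example (not part of the original post), the script below reads a kickstart file such as the template or the rendered cobbler.ks shown above and lists the command-section settings that reduce the protection of the installed system: SELinux disabled, firewall disabled, MD5 password hashing, and an MD5-crypt or plaintext root password. The function names and finding labels are assumptions of the example; both sample files are constructed, the first from lines shown on this page.

```sh
#!/bin/sh
# Added example, not from the original post.

# audit_kickstart FILE: print one finding per weakened setting found in the
# command section; %pre/%post/%packages script sections are skipped.
audit_kickstart() {
    awk '
        /^%end/            { insec = 0; next }
        /^%/               { insec = 1; next }
        insec || $1 ~ /^#/ { next }
        $1 == "selinux"  && /--disabled/       { print "selinux-disabled" }
        $1 == "firewall" && /--disabled?( |$)/ { print "firewall-disabled" }
        ($1 == "auth" || $1 == "authconfig") && /--enablemd5/ { print "md5-password-hashing" }
        $1 == "rootpw" && !/--iscrypted/       { print "plaintext-rootpw" }
        $1 == "rootpw" && /--iscrypted/ && $NF ~ /^\$1\$/ { print "md5-crypt-rootpw" }
    ' "$1"
}

# write_sample_page_ks PATH: constructed sample built from lines on this page.
write_sample_page_ks() {
    cat > "$1" <<'EOF'
# System authorization information
auth  --useshadow  --enablemd5
firewall --disable
rootpw --iscrypted $1$thinkpad$NIq68XbeN51UgdtXiSOAE.
selinux --disabled
%post
sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
EOF
}

# write_sample_strict_ks PATH: constructed counterpart with the stricter settings.
write_sample_strict_ks() {
    cat > "$1" <<'EOF'
auth --useshadow --passalgo=sha512
firewall --enabled --ssh
rootpw --iscrypted $6$constructedsalt$constructedPlaceholderHash
selinux --enforcing
EOF
}
```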


Common errors:

cobbler check fails with an error
 Traceback (most recent call last):
  File "/usr/bin/cobbler", line 35, in ?
    sys.exit(app.main())
  File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 558, in main
    rc = cli.run(sys.argv)
  File "/usr/lib/python2.4/site-packages/cobbler/cli.py", line 202, in run
    self.token         = self.remote.login("", self.shared_secret)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request
    verbose=self.__verbose
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1147, in request
    return self._parse_response(h.getfile(), sock)
  File "/usr/lib64/python2.4/xmlrpclib.py", line 1286, in _parse_response
    return u.close()
  File "/usr/lib64/python2.4/xmlrpclib.py", line 744, in close
    raise Fault(**self._stack[0])
xmlrpclib.Fault: <Fault 1: "cobbler.cexceptions.CX:'login failed'">


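My test environment already had a DHCP server, which caused TFTP to keep failing to connect during installation on the client

Fix:

First stop the other DHCP services on the same network segment



Solution: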

service cobblerd restart

cobbler get-loaders


