Nov 01 2013
 

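Looking at it today, the Cobbler installation document I put together earlier has quite a few problems, so I am reworking it. The main differences from the earlier document are:

  1. Ports are opened in iptables instead of disabling iptables, which is the more proper approach
  2. DNS and DHCP are managed with dnsmasq, which is simpler
  3. Ubuntu is not covered, which keeps the document simpler. A single document covers the whole setup

Reference: http://terrarum.net/administration/centos-6-cobbler-server.html

January 17, 2014: Updated the document and redid the installation on CentOS 6.5. I can basically guarantee that the document has no errors, especially in the iptables part, which has been tested repeatedly. I found one omission in the document that made it impossible to manage DHCP, which is rather embarrassing.

February 28, 2014: Updated the ks file and added the key injection feature. This is basically every feature I currently use. As for customizing Cobbler web, I have also had a colleague put all the modifications on GitHub: https://github.com/niuzhenguo/cobbler_enhance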

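    Initial setup

    1. CentOS 6.5, minimal install; adjust the partitioning yourself during installation.
    2. Set the machine's hostname and FQDN. This is a habit, not a requirement. http://www.chenshake.com/linux-foundation-set-fqdn-hostname/
    3. Set up the package repository you use and the EPEL repository: http://mirrors.ustc.edu.cn/
    4. Disable SELinux: http://www.chenshake.com/linux-foundation-closing-selnux/
    5. Configure networking with a static IP.

    My eth0 is the internal network and eth1 connects to the external network. I need to configure iptables to provide NAT.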

    /etc/sysconfig/network-scripts/ifcfg-eth0

    # cat /etc/sysconfig/network-scripts/ifcfg-eth0
    DEVICE=eth0
    TYPE=Ethernet
    ONBOOT=yes
    BOOTPROTO=static
    IPADDR=172.28.0.1
    NETMASK=255.255.0.0

     

    /etc/sysconfig/network-scripts/ifcfg-eth1

    # cat /etc/sysconfig/network-scripts/ifcfg-eth1
    DEVICE=eth1
    TYPE=Ethernet
    ONBOOT=yes
    BOOTPROTO=static
    IPADDR=172.31.114.28
    NETMASK=255.255.255.0
    GATEWAY=172.31.114.1
    DNS1=114.114.114.114
    DEFROUTE=yes

     

    Installing Cobbler

    Run the following command to install all the required packages:

    yum -y install cman tftp-server cobbler cobbler-web pykickstart debmirror dnsmasq

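    Open the ports the services need and set up NAT

    • udp 69 tftp
    • udp 53 dns
    • tcp 80 443 web
    • udp 67 68 dhcp

    Configure iptables by editing /etc/sysconfig/iptables directly. In my environment eth0 is the internal network and eth1 is the public network. Following the example below gives the internal network NAT access to the internet; the source subnet in the MASQUERADE rule has to match your internal network.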

    # Generated by iptables-save v1.4.7 on Fri Jan 17 08:14:40 2014
    *nat
    :PREROUTING ACCEPT [11:704]
    :POSTROUTING ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A POSTROUTING -s 172.18.0.0/16 -o eth1 -j MASQUERADE
    COMMIT
    # Completed on Fri Jan 17 08:14:40 2014
    # Generated by iptables-save v1.4.7 on Fri Jan 17 08:14:40 2014
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [135:14768]
    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p icmp -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
    -A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 1194 -j ACCEPT
    -A INPUT -p udp -m state --state NEW -m udp --dport 69 -j ACCEPT
    -A INPUT -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
    -A INPUT -p udp -m state --state NEW -m udp --dport 68 -j ACCEPT
    -A INPUT -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT
    -A INPUT -p udp -m state --state NEW -m udp --dport 25151 -j ACCEPT
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 25151 -j ACCEPT
    -A INPUT -j REJECT --reject-with icmp-host-prohibited
    #-A FORWARD -j REJECT --reject-with icmp-host-prohibited
    COMMIT
    # Completed on Fri Jan 17 08:14:40 2014
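An added example, not part of the original article: the INPUT rules above accept the provisioning ports on every interface, including the public eth1, and the FORWARD chain has policy ACCEPT with no rules. The function below reads an iptables-save ruleset and reports both conditions; the port list and the names `audit_ruleset` and `sample_rules` are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: audit an iptables-save ruleset on a two-homed provisioning host.
# Assumption: eth0 is the internal (provisioning) interface, as in the article.

# Constructed sample: a subset of the rules shown above, plus one rule
# restricted to eth0 to show what the audit does not flag.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [135:14768]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 69 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 25151 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# audit_ruleset INTERNAL_IF "PORT PORT ..." < ruleset
# Prints one finding per line:
#   EXPOSED <proto>/<port>  an ACCEPT rule for a listed port that is not
#                           limited to INTERNAL_IF with "-i"
#   FORWARD_OPEN            FORWARD policy is ACCEPT and the chain has no
#                           rules, so packets are forwarded in any direction
audit_ruleset() {
    awk -v iface="$1" -v ports="$2" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    /^:FORWARD ACCEPT/ { fwd_accept = 1 }
    /^-A FORWARD /     { fwd_rules++ }
    /^-A INPUT / {
        proto = ""; port = ""; in_if = ""; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-p")            proto  = $(i + 1)
            else if ($i == "--dport")  port   = $(i + 1)
            else if ($i == "-i")       in_if  = $(i + 1)
            else if ($i == "-j")       target = $(i + 1)
        }
        if (target == "ACCEPT" && (port in want) && in_if != iface)
            print "EXPOSED " proto "/" port
    }
    END { if (fwd_accept && !fwd_rules) print "FORWARD_OPEN" }
    '
}

# Usage on the live file (ports are the tftp, dns, dhcp and cobblerd ports
# listed in the article):
#   audit_ruleset eth0 "53 67 68 69 25151" < /etc/sysconfig/iptables
```

A rule that names the internal interface, such as `-A INPUT -i eth0 -p udp --dport 69 -j ACCEPT`, is not reported.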

     

    IP forwarding

    echo 1 > /proc/sys/net/ipv4/ip_forward
    sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/' /etc/sysctl.conf

    Restart the iptables service. At this point NAT internet access should work.

    Start the related services

    chkconfig httpd on 
    chkconfig cobblerd on
    chkconfig dnsmasq on
    /etc/init.d/httpd restart
    /etc/init.d/cobblerd restart
    /etc/init.d/dnsmasq restart

     

    Configuring Cobbler

    tftp and rsync services

    sed -i '/disable/c\\tdisable\t\t\t= no' /etc/xinetd.d/tftp
    sed -i -e 's/\=\ yes/\=\ no/g' /etc/xinetd.d/rsync 
    service xinetd restart

    Boot menu

    cobbler get-loaders

     

    Web login authentication

    sed -i 's/authn_denyall/authn_configfile/g' /etc/cobbler/modules.conf

     

    Set the login user and password for Cobbler web

    htdigest /etc/cobbler/users.digest "Cobbler" cobbler

     

    Configure debmirror

    sed -i -e 's|@dists=.*|#@dists=|'  /etc/debmirror.conf
    sed -i -e 's|@arches=.*|#@arches=|'  /etc/debmirror.conf

     

    Edit the dnsmasq.template template

    This is the key part.

    cat /etc/cobbler/dnsmasq.template 
    # Cobbler generated configuration file for dnsmasq
    # $date 
    #
    
    # resolve.conf .. ?
    #no-poll
    #enable-dbus
    read-ethers
    addn-hosts = /var/lib/cobbler/cobbler_hosts
    
    #dhcp-range=192.168.1.5,192.168.1.200
    dhcp-range=172.28.1.10,172.28.1.250
    dhcp-ignore=tag:!known
    dhcp-ignore=#known
    no-dhcp-interface=eth1
    server=114.114.114.114
    dhcp-option=3,$next_server
    dhcp-lease-max=1000
    dhcp-authoritative
    dhcp-boot=pxelinux.0
    dhcp-boot=net:normalarch,pxelinux.0
    dhcp-boot=net:ia64,$elilo
    
    $insert_cobbler_system_definitions

     

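    dhcp-ignore: with this parameter, a request from a MAC address that is not one I allow is ignored. http://www.ibm.com/developerworks/linux/library/l-cobbler/

    Configure the modules

    /etc/cobbler/modules.conf

    Have Cobbler manage dnsmasq. By default it uses BIND to manage DNS and ISC for DHCP.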

    [dns]
    #module = manage_bind
    module = manage_dnsmasq
    
    [dhcp]
    #module = manage_isc
    module = manage_dnsmasq

     

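    Dynamic settings

    Cobbler 2.4 has an important feature: you do not need to edit the settings file by hand and can change settings directly with commands. This feature is disabled by default, so you need to enable it.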

    cd /etc/cobbler/
    cp settings settings.save
    sed -i 's/^[[:space:]]\+/ /' /etc/cobbler/settings
    sed -i 's/allow_dynamic_settings: 0/allow_dynamic_settings: 1/g' /etc/cobbler/settings

     

    Restart the cobbler service

    /etc/init.d/cobblerd restart

    You can now edit the configuration from the command line

    cobbler setting report
    cobbler setting report [--name=option]

    The system default settings

    # cobbler setting report
    allow_duplicate_hostnames               : 0
    allow_duplicate_ips                     : 0
    allow_duplicate_macs                    : 0
    allow_dynamic_settings                  : 1
    anamon_enabled                          : 0
    authn_pam_service                       : login
    bind_chroot_path                        : 
    bind_master                             : 127.0.0.1
    build_reporting_email                   : ['root@localhost']
    build_reporting_enabled                 : 0
    build_reporting_sender                  : 
    build_reporting_smtp_server             : localhost
    build_reporting_subject                 : 
    build_reporting_to_address              : 
    buildisodir                             : /var/cache/cobbler/buildiso
    cheetah_import_whitelist                : ['random', 're', 'time']
    client_use_https                        : 0
    client_use_localhost                    : 0
    cobbler_master                          : 
    consoles                                : /var/consoles
    createrepo_flags                        : -c cache -s sha
    default_deployment_method               : ssh
    default_kickstart                       : /var/lib/cobbler/kickstarts/default.ks
    default_name_servers                    : []
    default_name_servers_search             : []
    default_ownership                       : ['admin']
    default_password_crypted                : $1$mF86/UHC$WvcIcX2t6crBz2onWxyac.
    default_template_type                   : cheetah
    default_virt_bridge                     : xenbr0
    default_virt_disk_driver                : raw
    default_virt_file_size                  : 5
    default_virt_ram                        : 512
    default_virt_type                       : xenpv
    enable_gpxe                             : 0
    enable_menu                             : 1
    func_auto_setup                         : 0
    func_master                             : overlord.example.org
    http_port                               : 80
    isc_set_host_name                       : 0
    iso_template_dir                        : /etc/cobbler/iso
    kerberos_realm                          : EXAMPLE.COM
    kernel_options                          : {'ksdevice': 'bootif', 'lang': ' ', 'text': '~'}
    kernel_options_s390x                    : {'vnc': '~', 'ip': False, 'RUNKS': 1, 'ramdisk_size': 40000, 'ro': '~', 'root': '/dev/ram0'}
    ldap_anonymous_bind                     : 1
    ldap_base_dn                            : DC=example,DC=com
    ldap_management_default_type            : authconfig
    ldap_port                               : 389
    ldap_search_bind_dn                     : 
    ldap_search_passwd                      : 
    ldap_search_prefix                      : uid=
    ldap_server                             : ldap.example.com
    ldap_tls                                : 1
    ldap_tls_cacertfile                     : 
    ldap_tls_certfile                       : 
    ldap_tls_keyfile                        : 
    manage_dhcp                             : 0
    manage_dns                              : 0
    manage_forward_zones                    : []
    manage_reverse_zones                    : []
    manage_rsync                            : 0
    manage_tftp                             : 1
    manage_tftpd                            : 1
    mgmt_classes                            : []
    mgmt_parameters                         : {'from_cobbler': 1}
    next_server                             : 127.0.0.1
    power_management_default_type           : ipmitool
    power_template_dir                      : /etc/cobbler/power
    puppet_auto_setup                       : 0
    puppet_parameterized_classes            : 1
    puppet_server                           : puppet
    puppet_version                          : 2
    puppetca_path                           : /usr/bin/puppet
    pxe_just_once                           : 0
    pxe_template_dir                        : /etc/cobbler/pxe
    redhat_management_key                   : 
    redhat_management_permissive            : 0
    redhat_management_server                : xmlrpc.rhn.redhat.com
    redhat_management_type                  : off
    register_new_installs                   : 0
    remove_old_puppet_certs_automatically   : 0
    replicate_repo_rsync_options            : -avzH
    replicate_rsync_options                 : -avzH
    reposync_flags                          : -l -n -d
    restart_dhcp                            : 1
    restart_dns                             : 1
    restart_xinetd                          : 1
    run_install_triggers                    : 1
    scm_track_enabled                       : 0
    scm_track_mode                          : git
    serializer_pretty_json                  : 0
    server                                  : 127.0.0.1
    sign_puppet_certs_automatically         : 0
    signature_path                          : /var/lib/cobbler/distro_signatures.json
    signature_url                           : http://www.cobblerd.org/signatures/latest.json
    snippetsdir                             : /var/lib/cobbler/snippets
    template_remote_kickstarts              : 0
    virt_auto_boot                          : 1
    webdir                                  : /var/www/cobbler
    xmlrpc_port                             : 25151
    yum_distro_priority                     : 1
    yum_post_install_mirror                 : 1
    yumdownloader_flags                     : --resolve

     

    Editing any of the parameters listed above

    cobbler setting edit --name=option --value=value

     

    Modify the settings file

    Address of the Cobbler server

    cobbler setting edit --name=server --value=172.28.0.1

    Have the ks script turn off PXE so that the installation is not repeated

    cobbler setting edit --name=pxe_just_once --value=1

    TFTP server IP address

    cobbler setting edit --name=next_server --value=172.28.0.1

    Have Cobbler manage rsync, DHCP and DNS

    cobbler setting edit --name=manage_rsync --value=1
    cobbler setting edit --name=manage_dhcp --value=1
    cobbler setting edit --name=manage_dns --value=1

     

    Set the default root password

    This setting only takes effect for CentOS. My default root password is: root123

    openssl passwd -1 -salt 'random-phrase-here' 'root123'
    $1$random-p$99lAzJZEl9uunSaThe9oM0

     

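    Modify the configuration

    This one cannot be changed with the command, which is probably a bug, so edit /etc/cobbler/settings by hand.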

    #default_password_crypted: $1$mF86/UHC$WvcIcX2t6crBz2onWxyac.
    default_password_crypted: $1$random-p$99lAzJZEl9uunSaThe9oM0
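An added example, not from the original article or the Cobbler project: because this value is edited by hand, the functions below generate a SHA-512 crypt hash with the password read from stdin rather than the command line, replace the active line without letting `$`, `/` or `&` in the hash be interpreted, and flag an MD5-crypt or shipped-default value. The function names are assumptions; `openssl passwd -6` needs OpenSSL 1.1.1 or later, which is newer than what CentOS 6.5 ships, so generate the hash on another machine.

```shell
#!/usr/bin/env bash
# Added example: manage default_password_crypted in /etc/cobbler/settings.

# Shipped default, as shown in the "cobbler setting report" output above.
SHIPPED_DEFAULT='$1$mF86/UHC$WvcIcX2t6crBz2onWxyac.'

# Constructed sample: the two lines the article shows, inside a minimal file.
sample_settings() {
cat <<'EOF'
allow_dynamic_settings: 1
#default_password_crypted: $1$mF86/UHC$WvcIcX2t6crBz2onWxyac.
default_password_crypted: $1$random-p$99lAzJZEl9uunSaThe9oM0
default_template_type: cheetah
EOF
}

# crypt_scheme HASH -> md5 | sha256 | sha512 | other
crypt_scheme() {
    case "$1" in
        '$1$'*) echo md5 ;;
        '$5$'*) echo sha256 ;;
        '$6$'*) echo sha512 ;;
        *)      echo other ;;
    esac
}

# current_hash FILE -> value of the active (uncommented) line
current_hash() {
    local h
    h="$(sed -n 's/^default_password_crypted:[[:space:]]*//p' "$1" | head -n 1)"
    h=${h#[\"\']}; h=${h%[\"\']}        # tolerate a quoted value
    printf '%s\n' "$h"
}

# new_hash: password on stdin (so it never appears in argv or shell history),
# SHA-512 crypt hash with a random salt on stdout.
new_hash() {
    openssl passwd -6 -stdin
}

# set_hash FILE HASH: replace the active line. awk reads the hash from the
# environment and prints it, so no character in it is treated as a pattern
# or as a replacement metacharacter.
set_hash() {
    local file="$1" tmp
    tmp="$(mktemp)" || return 1
    NEW_HASH="$2" awk '
        /^default_password_crypted:/ {
            print "default_password_crypted: " ENVIRON["NEW_HASH"]; next }
        { print }' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$file"    # rewrite in place: owner, mode and label are kept
    rm -f "$tmp"
}

# audit_hash FILE: print findings; return 1 if anything was flagged.
audit_hash() {
    local h scheme rc=0
    h="$(current_hash "$1")"
    scheme="$(crypt_scheme "$h")"
    if [ "$h" = "$SHIPPED_DEFAULT" ]; then echo "SHIPPED_DEFAULT"; rc=1; fi
    if [ "$scheme" != sha512 ]; then echo "WEAK_SCHEME $scheme"; rc=1; fi
    return $rc
}

# Usage:
#   read -rs pw && printf '%s\n' "$pw" | new_hash      # on the workstation
#   set_hash /etc/cobbler/settings '<hash from above>' # on the Cobbler server
#   audit_hash /etc/cobbler/settings
```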

     

    Configure Apache directory access

    # cat /etc/httpd/conf.d/welcome.conf
    <LocationMatch "^/+$">
     Options Indexes FollowSymLinks
        Order allow,deny
        Allow from all
    </LocationMatch>

     

    Add repos

    cobbler repo add --mirror=http://mirrors.ustc.edu.cn/epel/6/x86_64/ \
    --name=epel6-x86_64 --arch=x86_64 --breed=yum
    cobbler repo add --mirror=http://mirrors.ustc.edu.cn/epel/testing/6/x86_64/ \
    --name=epel6-x86_64-testing --arch=x86_64 --breed=yum
    cobbler repo add --name=Centos6-UPDATES \
    --mirror=http://mirrors.ustc.edu.cn/centos/6/updates/x86_64/ --arch=x86_64 --breed=yum

    Import the ISO

    The current version has a bug here that needs to be fixed before importing the ISO. Upstream Cobbler has already fixed it.

    Edit

    /usr/lib/python2.6/site-packages/cobbler/modules/manage_import_signatures.py, line 507, and add one line

    for distro in distros_added:
        if distro.kernel.find("ks_mirror") != -1:
            repo_adder(distro)
            self.distros.add(distro, save=True)
        else:
            self.logger.info("skipping distro %s since it isn't mirrored locally" % distro.name)

    self.distros.add(distro, save=True) is the line that was added.

    DVD1

    Upload the two CentOS 6.5 ISOs to the /var/www/html/iso directory.

    mount -t auto -o loop /var/www/html/iso/CentOS-6.5-x86_64-bin-DVD1.iso /mnt
    cobbler import --path=/mnt --name=CentOS6.5 --arch=x86_64

     

    DVD2

    umount /mnt
    mount -t auto -o loop /var/www/html/iso/CentOS-6.5-x86_64-bin-DVD2.iso /mnt
    cp -rf /mnt/Packages/ /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/
    cp: overwrite `/var/www/cobbler/ks_mirror/CentOS6.5-x86_64/Packages/TRANS.TBL'? y

     

    Create the index

    cd /var/www/cobbler/ks_mirror/CentOS6.5-x86_64/
     createrepo -g repodata/44ceb745de23f966cf80f8255a8\
    512f628b25144-b4e0b9342ef85d3059ff095fa7f140f654c2\
    cb492837de689a58c581207d9632-c6-x86_64-comps.xml .

     

    Add a node

    cobbler system  add \
    --name=node13 \
    --hostname=node13 \
    --dns-name=node13.test.com \
    --profile=CentOS6.5-x86_64 \
    --interface=eth0 \
    --mac=00:e0:81:de:20:9e \
    --ip-address=172.18.1.13 \
    --subnet=255.255.0.0 \
    --gateway=172.18.0.1 \
    --static=1 \
    --power-type=ipmilan \
    --power-user=root \
    --power-pass=superuser \
    --power-address=172.18.200.13

    Cobbler does not let you set IP addresses on two NICs at the same time, so you have to do it in two steps.

    cobbler system edit \
    --name=node13 \
    --interface=eth1 \
    --mac=00:e0:81:de:20:9f \
    --ip-address=10.200.1.13 \
    --subnet=255.255.0.0 \
    --static=1

     

     

    Troubleshooting

    cobbler check
    cobbler sync

     

    These two commands will show you most of the problems with your configuration.

     

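    Appendix

    This is the kickstart file I currently use. Two parts of it are a little more technical:

    1. The swap partition is the same size as memory. I tried the recommended swap size option, but it did not seem to work, so I asked the ops team for help and got swap sized to match the machine's memory.
    2. It uses Kickstart Metadata, which you can set on the profile or on the system. In my example, if you set diskcfg=cinder a 200G partition is created; if it is not set, the partition is not created.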
    # kickstart template for Fedora 8 and later.
    # (includes %end blocks)
    # do not use with earlier distros
    
    #platform=x86, AMD64, or Intel EM64T
    # System authorization information
    auth  --useshadow  --enablemd5
    # System bootloader configuration
    bootloader --location=mbr
    # Partition clearing information
    clearpart --all --initlabel
    # Use text mode install
    text
    # Firewall configuration
    firewall --enabled
    # Run the Setup Agent on first boot
    firstboot --disable
    # System keyboard
    keyboard us
    # System language
    lang en_US
    # Use network installation
    url --url=$tree
    # If any cobbler repo definitions were referenced in the kickstart profile, include them here.
    $yum_repo_stanza
    # Network information
    $SNIPPET('network_config')
    # Reboot after installation
    reboot
    
    #Root password
    rootpw --iscrypted $default_password_crypted
    # SELinux configuration
    selinux --disabled
    # Do not configure the X Window System
    skipx
    # System timezone
    timezone  Asia/Chongqing
    # Install OS instead of upgrade
    install
    # Clear the Master Boot Record
    zerombr
    # Allow anaconda to partition the system as needed
    %include /tmp/partition.ks
    
    %pre
    $SNIPPET('log_ks_pre')
    $SNIPPET('kickstart_start')
    $SNIPPET('pre_install_network_config')
    # Enable installation monitoring
    $SNIPPET('pre_anamon')
    
    #!/bin/sh
    act_mem=`cat /proc/meminfo | grep MemTotal | awk '{printf("%d",$2/1024)}'`
    echo "" > /tmp/partition.ks
    echo "clearpart --all --initlabel" >> /tmp/partition.ks
    echo "part /boot --fstype=ext4 --asprimary --size=200" >> /tmp/partition.ks
    if [ "${diskcfg}" = 'cinder' ]; then
    echo "part //cinder-volumes --fstype=ext4 --size=900000" >> /tmp/partition.ks
    fi
    echo "part swap --fstype=swap --size=${act_mem}" >> /tmp/partition.ks
    echo "part / --fstype=ext4 --grow --size=1" >> /tmp/partition.ks
    %end
    
    #%packages
    %packages --nobase
    wget
    vim
    $SNIPPET('func_install_if_enabled')
    %end
    
    
    %post
    $SNIPPET('log_ks_post')
    # Start yum configuration
    $yum_config_stanza
    # End yum configuration
    $SNIPPET('post_install_kernel_options')
    $SNIPPET('post_install_network_config')
    $SNIPPET('func_register_if_enabled')
    $SNIPPET('download_config_files')
    $SNIPPET('koan_environment')
    $SNIPPET('redhat_register')
    $SNIPPET('cobbler_register')
    # Enable post-install boot notification
    $SNIPPET('post_anamon')
    
    ### Repo Setup ###
    rm -f /etc/yum.repos.d/CentOS*
    yum -y install yum-plugin-priorities
    sed -i "s/enabled = 1/enabled = 0/"  /etc/yum/pluginconf.d/priorities.conf
    
    #clean root directory
    mkdir /root/backup
    mv /root/* /root/backup/
    
    ### Sync Time ###
    chkconfig ntpd on
    ntpdate $http_server
    sed -i "s/0\.centos\.pool\.ntp\.org/$http_server/" /etc/ntp.conf
    
    ###ssh config###########
    sed -i "s/#UseDNS yes/UseDNS no/"  /etc/ssh/sshd_config
    sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
    
    #vim setting
    sed -i "8 s/^/alias vi='vim'/" /root/.bashrc
    echo 'syntax on' > /root/.vimrc
    
    
    #lvm making
    if [ 1 -eq `grep -c cinder /etc/fstab` ]
    then
    yum -y install lvm2
    umount /dev/sda2
    pvcreate /dev/sda2
    vgcreate cinder-volumes /dev/sda2
    sed -i '/cinder-volumes/s/^/#/' /etc/fstab
    else
    echo 'lalala' > /root/testmake
    fi
    
    
    #lrzsz and git
    yum -y install git lrzsz
    
    # Start final steps
    $SNIPPET('publickey_root_robin')
    $SNIPPET('kickstart_done')
    # End final steps
    %end

    The ks file above implements public key injection; you need to create your own snippet, publickey_root_robin.

    Just replace the key with your own public key.

    # Install Robin's public key for root user
    cd /root
    mkdir --mode=700 .ssh
    cat >> .ssh/authorized_keys << "PUBLIC_KEY"
    ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuEuVfLvGcFacaRhMopt3lqIxsz2qKKZa5eW/4RBi5GYPETkVFOPlNAEG1LJoRBwQYG1wuYQUNGj+Qorozt/By/WNrk3A27jq7IWJfWKLTXgF9i30BYeBXfQOVEDaaQT+i1uN1KTp4isfnrRxmwFQC53+3rnQeEeLa+GHSOekqWhcG7URuV95sqbOxwSBx0Yj5f2oV05KzOhYYRoNwtqLfzPod/PlOmut4/qQpXhHJkxfEJnEpgbTIuO1Wc5vTs/cMuPmaJ7x6dAX2vg84LkRyX1dDzvQ8nD/tYpFYnSjzrh72N7tMm76GAaRHzMxg3uNMGVk+wXCBU/Ffm1vE1A5uQ== root@node12
    PUBLIC_KEY
    chmod 600 .ssh/authorized_keys
    cat >> .ssh/config <<EOF
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null
    EOF
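An added example, not part of the original snippet: the two options the snippet writes sit outside any Host block, so they apply to every host root connects to from each installed node. The function below reads an ssh_config file and reports whether those options are set globally or inside a Host block; the function and sample names are assumptions.

```shell
#!/usr/bin/env bash
# Added example: find settings in an ssh client config that turn off
# host key verification, and say how widely each one applies.

# Constructed sample 1: exactly what the snippet above appends to .ssh/config.
sample_global() {
    printf '%s\n' 'StrictHostKeyChecking no' 'UserKnownHostsFile /dev/null'
}

# Constructed sample 2: the same options limited to the provisioning subnet,
# with checking left on for everything else.
sample_scoped() {
cat <<'EOF'
# constructed example
Host 172.28.*
    StrictHostKeyChecking=no
    UserKnownHostsFile /dev/null
Host *
    StrictHostKeyChecking yes
EOF
}

# audit_ssh_config < ssh_config
# Prints "<scope> <keyword> <value>" for each offending line. Scope is GLOBAL
# for lines before the first Host/Match block or under "Host *", otherwise
# SCOPED(<pattern>). Keywords are case-insensitive and may use "=".
audit_ssh_config() {
    awk '
    BEGIN { scope = "GLOBAL" }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (!match(line, /[ \t=]+/)) next
        key = tolower(substr(line, 1, RSTART - 1))
        val = substr(line, RSTART + RLENGTH)
        sub(/[ \t]+$/, "", val)
        if (key == "host" || key == "match") {
            scope = (key == "host" && val == "*") ? "GLOBAL" : ("SCOPED(" val ")")
            next
        }
        lval = tolower(val)
        if (key == "stricthostkeychecking" && (lval == "no" || lval == "off"))
            print scope, "StrictHostKeyChecking", val
        if (key == "userknownhostsfile" && val == "/dev/null")
            print scope, "UserKnownHostsFile", val
    }'
}

# Usage on an installed node:
#   audit_ssh_config < /root/.ssh/config
```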

     

    The Cobbler settings file

     cat /etc/cobbler/settings
    allow_duplicate_hostnames: 0
    allow_duplicate_ips: 0
    allow_duplicate_macs: 0
    allow_dynamic_settings: 1
    anamon_enabled: 0
    authn_pam_service: login
    bind_chroot_path: ''
    bind_master: 127.0.0.1
    build_reporting_email: [root@localhost]
    build_reporting_enabled: 0
    build_reporting_sender: ''
    build_reporting_smtp_server: localhost
    build_reporting_subject: ''
    build_reporting_to_address: ''
    buildisodir: /var/cache/cobbler/buildiso
    cheetah_import_whitelist: [random, re, time]
    client_use_https: 0
    client_use_localhost: 0
    cobbler_master: ''
    consoles: /var/consoles
    createrepo_flags: -c cache -s sha
    default_deployment_method: ssh
    default_kickstart: /var/lib/cobbler/kickstarts/default.ks
    default_name_servers: []
    default_name_servers_search: []
    default_ownership: [admin]
    default_password_crypted: $1$random-p$99lAzJZEl9uunSaThe9oM0
    default_template_type: cheetah
    default_virt_bridge: xenbr0
    default_virt_disk_driver: raw
    default_virt_file_size: 5
    default_virt_ram: 512
    default_virt_type: xenpv
    enable_gpxe: 0
    enable_menu: 1
    func_auto_setup: 0
    func_master: overlord.example.org
    http_port: 80
    isc_set_host_name: 0
    iso_template_dir: /etc/cobbler/iso
    kerberos_realm: EXAMPLE.COM
    kernel_options: {ksdevice: bootif, lang: ' ', text: null}
    kernel_options_s390x: {RUNKS: 1, ip: false, ramdisk_size: 40000, ro: null, root: /dev/ram0,
      vnc: null}
    ldap_anonymous_bind: 1
    ldap_base_dn: DC=example,DC=com
    ldap_management_default_type: authconfig
    ldap_port: 389
    ldap_search_bind_dn: ''
    ldap_search_passwd: ''
    ldap_search_prefix: uid=
    ldap_server: ldap.example.com
    ldap_tls: 1
    ldap_tls_cacertfile: ''
    ldap_tls_certfile: ''
    ldap_tls_keyfile: ''
    manage_dhcp: 1
    manage_dns: 1
    manage_forward_zones: []
    manage_reverse_zones: []
    manage_rsync: 1
    manage_tftp: 1
    manage_tftpd: 1
    mgmt_classes: []
    mgmt_parameters: {from_cobbler: 1}
    next_server: 172.28.0.1
    power_management_default_type: ipmitool
    power_template_dir: /etc/cobbler/power
    puppet_auto_setup: 0
    puppet_parameterized_classes: 1
    puppet_server: puppet
    puppet_version: 2
    puppetca_path: /usr/bin/puppet
    pxe_just_once: 1
    pxe_template_dir: /etc/cobbler/pxe
    redhat_management_key: ''
    redhat_management_permissive: 0
    redhat_management_server: xmlrpc.rhn.redhat.com
    redhat_management_type: 'off'
    register_new_installs: 0
    remove_old_puppet_certs_automatically: 0
    replicate_repo_rsync_options: -avzH
    replicate_rsync_options: -avzH
    reposync_flags: -l -n -d
    restart_dhcp: 1
    restart_dns: 1
    restart_xinetd: 1
    run_install_triggers: 1
    scm_track_enabled: 0
    scm_track_mode: git
    serializer_pretty_json: 0
    server: 172.28.0.1
    sign_puppet_certs_automatically: 0
    signature_path: /var/lib/cobbler/distro_signatures.json
    signature_url: http://www.cobblerd.org/signatures/latest.json
    snippetsdir: /var/lib/cobbler/snippets
    template_remote_kickstarts: 0
    virt_auto_boot: 1
    webdir: /var/www/cobbler
    xmlrpc_port: 25151
    yum_distro_priority: 1
    yum_post_install_mirror: 1
    yumdownloader_flags: --resolve

     

      36 Responses to "Installing and Configuring Cobbler 2.4 on CentOS 6.5"

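    1. Mr. Chen:
      With OpenStack, ping and scp work between my physical machine and the virtual machines, but a network program I wrote in Java cannot communicate between the virtual machine and the physical machine.
      (a. iptables is already disabled: chkconfig iptables off b. Java network communication between physical machines works fine)

      Do you have any suggestions? Sorry to trouble you.

      • You need to add rules in OpenStack. If you followed the document, only ICMP and SSH were opened, which is why your ping and scp work. The other rules (in the default group) are closed and have to be created manually.
        Even if you disable iptables, that only controls the instance's own rules; OpenStack's rules are not changed.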

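    2. Well written. I did a trial OS install with Cobbler before and was confused about a lot of it. Learned something.

    3. I installed SUSE 11 SP3 with Cobbler. DHCP and file delivery were both OK, but at the installation screen I got
      Could not find the SUSE 11 Linux Enterprise Server 11 Repository
      Activating manual setup program
      on a screen with a blue background and a red error.
      Installing CentOS 6.5 and SUSE 11 SP1 the same way works fine; both import and installation succeed.
      As for the Cobbler version, I upgraded to 2.4.2 from source and tried again, but it still does not work.
      Please advise.

      • I looked at the 2.4.2 release notes, and it fixed quite a few SUSE installation bugs. It is probably still a bug.

        • Thanks. I did it many times and also upgraded from 2.4.0 to 2.4.2, and it still does not work, so it is probably a bug.
          SUSE 11 SP3 just cannot be installed with Cobbler; other versions should be fine, haha.

    4. How can I combine the sohu mirror with the DVD distro in Cobbler?
      By rewriting the yum repo of the installed machine?
      How do I add multiple sources to a distro?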

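    5. Add a node
      cobbler system add \
      --name=node13 \
      --hostname=node13 \
      --dns-name=node13.test.com \
      --profile=CentOS6.5-x86_64 \
      --interface=eth0 \
      --mac=00:e0:81:de:20:9e \
      --ip-address=172.18.1.13 \
      --subnet=255.255.0.0 \
      --gateway=172.18.0.1 \
      --static=1 \
      --power-type=ipmilan \
      --power-user=root \
      --power-pass=superuser \
      --power-address=172.18.200.13
      Cobbler does not let you set IP addresses on two NICs at the same time, so you have to do it in two steps.

      cobbler system edit \
      --name=node13 \
      --interface=eth1 \
      --mac=00:e0:81:de:20:9f \
      --ip-address=10.200.1.13 \
      --subnet=255.255.0.0 \
      --static=1

      Hi Mr. Chen, a question: when batch-installing CentOS I want to set static IPs. I added two NICs, eth0 and eth1, with the commands above, but in the end only eth0 got a static IP and eth1 did not.
      When I test with only one NIC configured, whether I configure eth0 or eth1, CentOS ends up configuring only eth0.

      So I would like to ask: have you run into a similar problem, or is there anything else to watch out for?

      • If the settings look fine from the Cobbler command line, it should work; my current environment is set up exactly this way. Sometimes settings made in the web UI do not take effect.

        • It was from the command line. Is there any Cobbler configuration related to this that needs to be set specifically?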

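    6. Mr. Chen, I have a question. After installing CentOS 6.5 the NIC is named em1 rather than eth0. Changing the driver name requires a reboot. Putting it in the kickstart is not supported either.

    7. Hello Mr. Chen, I ran into a problem: {ProtocolError for 192.168.2.1:80/cobbler_api: 503 Service Temporarily Unavailable}. I tried the solutions I found online but they did not solve it. I do not know what to do!

    8. Mr. Chen, I set up a DHCP relay at the switch level, but cross-subnet operation still does not work.

      • Nice attempt. I have always wanted to see whether Cobbler's DHCP can work across subnets. Is it that no IP is obtained, or what is the reason it fails?

    9. Mr. Chen, a question: once Cobbler is deployed and operating systems are installed in batches, can the Cobbler server know whether the installation on these machines has failed or has completed?

      • There is a service, take a look, whose name starts with "a". Once that service is started, the progress logs are sent to the Cobbler machine during installation.

      • Same question. I am currently doing secondary development on Cobbler, using Cobbler 2.6. I would also like to ask Mr. Chen: does Cobbler's power management manage power after the OS is installed, or can it manage it before the OS is installed?

    10. Mr. Chen, after cobbler system add, the installation now completes automatically. But without system add, for a machine that is to be installed, after DHCP assigns an IP I can ping that IP from the Cobbler server. Then, after manually choosing the OS image to install from the menu on the client, the installation starts and loads initrd and img; once they are loaded, ping no longer works, so the subsequent image and ks file cannot be fetched over HTTP. Where is the problem?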

    11. Mr. Chen, I get an error when running cobbler import:
      #cobbler import --path=/var/os/linux/centos-6.4-x86_64/ --name=CentOS6.4 --arch=x86_64
      task started: 2015-07-13_164225_import
      task started (id=Media import, time=Mon Jul 13 16:42:25 2015)
      Exception occured:
      Exception value: 'Command failed'
      Exception Info:
      File "/usr/lib/python2.6/site-packages/cobbler/remote.py", line 87, in run
      rc = self._run(self)
      File "/usr/lib/python2.6/site-packages/cobbler/remote.py", line 231, in runner
      self.logger
      File "/usr/lib/python2.6/site-packages/cobbler/api.py", line 890, in import_tree
      utils.run_this(rsync_cmd, (spacer, mirror_url, path), self.logger)
      File "/usr/lib/python2.6/site-packages/cobbler/utils.py", line 917, in run_this
      die(logger,"Command failed")
      File "/usr/lib/python2.6/site-packages/cobbler/utils.py", line 134, in die
      raise CX(msg)

      !!! TASK FAILED !!!
      ----------------------------------------
      The cobbler log is as follows:
      rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1039) [sender=3.0.6]

      Mon Jul 13 16:42:54 2015 - INFO | Exception occured:
      Mon Jul 13 16:42:54 2015 - INFO | Exception value: 'Command failed'
      Mon Jul 13 16:42:54 2015 - INFO | Exception Info:
      File "/usr/lib/python2.6/site-packages/cobbler/utils.py", line 126, in die
      raise CX(msg)
      May I ask what is causing this? Could you take a look for me?

    12. Mr. Chen, I get an error when running cobbler import:
      #cobbler import --path=/var/os/linux/centos-6.4-x86_64/ --name=CentOS6.4 --arch=x86_64
      task started: 2015-07-13_164225_import
      task started (id=Media import, time=Mon Jul 13 16:42:25 2015)
      Exception occured:
      Exception value: 'Command failed'
      Exception Info:
      File "/usr/lib/python2.6/site-packages/cobbler/remote.py", line 87, in run
      rc = self._run(self)
      File "/usr/lib/python2.6/site-packages/cobbler/remote.py", line 231, in runner
      self.logger
      File "/usr/lib/python2.6/site-packages/cobbler/api.py", line 890, in import_tree
      utils.run_this(rsync_cmd, (spacer, mirror_url, path), self.logger)
      File "/usr/lib/python2.6/site-packages/cobbler/utils.py", line 917, in run_this
      die(logger,"Command failed")
      File "/usr/lib/python2.6/site-packages/cobbler/utils.py", line 134, in die
      raise CX(msg)

      !!! TASK FAILED !!!
      ----------------------------------------
      The cobbler log is as follows:
      rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1039) [sender=3.0.6]

      Mon Jul 13 16:42:54 2015 - INFO | Exception occured:
      Mon Jul 13 16:42:54 2015 - INFO | Exception value: 'Command failed'
      Mon Jul 13 16:42:54 2015 - INFO | Exception Info:
      File "/usr/lib/python2.6/site-packages/cobbler/utils.py", line 126, in die
      raise CX(msg)
      May I ask what is causing this? Looking for an answer.

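    13. Hello Mr. Chen, is it OK not to use DNS? Also, within a single LAN, is it OK not to set the DHCP gateway? After I import the image, the client gets to the boot screen, obtains an IP, and then nothing happens. I hope you can give some guidance.

      • Not using DNS is fine. Not setting the DHCP gateway should not be a problem either.

        • Mr. Chen, can I install Cobbler on a KVM virtual machine, or do I need a physical machine? I want new KVM virtual machines to PXE-boot and install directly so that it is less trouble in the future, but this way the client does not seem to get an IP, even though my Cobbler virtual machine is bridged onto the same subnet. I am on CentOS 6.5 with the EPEL repository, where yum installs Cobbler 2.6 by default. Once I import the image, can I go straight to batch-installing operating systems, or do I also need to define my own ks file? This has been driving me crazy for days. The KVM virtual machine always reports a DHCP connection timeout. But when I switch the NICs of other virtual machines on the same subnet to DHCP, they all obtain DHCP addresses normally.

          • I did my experiments on physical machines, but I am sure virtual machines are fine. In fact virtual machines are what you should use.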

    14. Hello Mr. Chen!

      Thank you for this write-up of your Cobbler setup experience. My Cobbler server environment is now set up and communication has been tested successfully; clients boot from PXE and receive data normally. But during installation the system reports a statement error in the ks file, apparently on line 4, and there is also an error in the --size statement. I have looked at it for a long time and cannot see what is wrong. Could you please give me some pointers? Thank you!

      #platform=x86, AMD64, or Intel EM64T
      # System authorization information
      auth --useshadow --enablemd5
      # System bootloader configuration
      bootloader --location=mbr
      # Partition clearing information
      clearpart --all --initlabel
      # Use text mode install
      text
      # Firewall configuration
      firewall --enabled
      # Run the Setup Agent on first boot
      firstboot --disable
      # System keyboard
      keyboard us
      # System language
      lang en_US
      # Use network installation
      url --url=$tree
      # If any cobbler repo definitions were referenced in the kickstart profile, include them here.
      $yum_repo_stanza
      # Network information
      $SNIPPET('network_config')
      # Reboot after installation
      reboot

      #Root password
      rootpw --iscrypted $default_password_crypted
      # SELinux configuration
      selinux --disabled
      # Do not configure the X Window System
      skipx
      # System timezone
      timezone America/New_York
      # Install OS instead of upgrade
      install
      # Clear the Master Boot Record
      zerombr
      # Allow anaconda to partition the system as needed
      %include /tmp/partition.ks

      %pre
      $SNIPPET('log_ks_pre')
      $SNIPPET('kickstart_start')
      $SNIPPET('pre_install_network_config')
      # Enable installation monitoring
      $SNIPPET('pre_anamon')

      #!/bin/sh
      act_mem=`free -m | awk 'NR==2{print $2}'`
      echo "" > /tmp/partition.ks
      echo "clearpart --all --initlabel" >> /tmp/partition.ks
      echo "part /boot --fstype=ext4 --asprimary --size=400" >> /tmp/partition.ks
      echo "part swap --fstype=swap --size=${act_mem}" >> /tmp/partition.ks
      echo "part pv.01 --grow --size=1" >> /tmp/partition.ks
      echo "volgroup vg_gamexx pv.01" >> /tmp/partition.ks
      echo "logvol / --vgname=vg_gamexx --size=10000 --name=lv_root" >> /tmp/partition.ks
      echo "logvol / --vgname=vg_gamexx --size=5000 --name=lv_data" >> /tmp/partition.ks
      %end

      %packages
      @base
      @chinese-support
      @console-internet
      @debugging
      @directory-client
      @hardware-monitoring
      @large-systems
      @network-file-system-client
      @performance
      @server-platform
      $SNIPPET('func_install_if_enabled')
      %end

      %post
      $SNIPPET('log_ks_post')
      # Start yum configuration
      $yum_config_stanza
      # End yum configuration
      $SNIPPET('post_install_kernel_options')
      $SNIPPET('post_install_network_config')
      $SNIPPET('func_register_if_enabled')
      $SNIPPET('puppet_register_if_enabled')
      $SNIPPET('download_config_files')
      $SNIPPET('koan_environment')
      $SNIPPET('redhat_register')
      $SNIPPET('cobbler_register')
      # Enable post-install boot notification
      $SNIPPET('post_anamon')
      # Start final steps
      $SNIPPET('kickstart_done')
      # End final steps

    15. Hello Mr. Chen. A question: if the data center has its own yum mirror server that provides HTTP and rsync services, can the import step for the Cobbler distro be skipped? For repos I found a way to avoid syncing the repo locally. My ultimate goal is to use the files on my internal yum server directly, without storing the image again on the Cobbler server. Is there a good way to do this? Thanks.
