cobbler 批量安装linux.doc

软件包下载地址：http:/centos.plnet.rs/mrepo/plc-rhel6b-i386/RPMS.all/搭建步骤：参考文章：-Getting Started With Cobbler and Cobbler ImportAboutSuppose you want to set up a network install server for several distributions. Well show you how to do this, for a given distribution, really really quickly. For this example, well use Fedora as an example. Whats the best way to do this? Its a command called cobbler import, that can mirror content based on a DVD image, a tree on a mounted filesystem, or even an external rsync mirror or SSH location. First you have to have cobbler installed and set up though, which is thankfully pretty easy to do. Setting Up A Provisioning Server From Scratch yum install cobbler # Edit /etc/cobbler/settings for server and next-server addresses. # Comments in the config file will explain what each setting does. cobbler check # Adjust things as necessary based on the output of cobbler check above # Download the Fedora DVD image and mount it, either with a real CD or a # loopback (mkdir /somedir; mount -o loop your.iso /somedir) # import from inserted DVD cobbler import -path=/media/dvd -name=Fedora12 # .OR. import from the mounted ISO example cobbler import -path=/somedir -name=Fedora12 cobbler sync Youre done. Really. SElinux specific settings for F14 to keep in mind ?For Fedora 14 you might want to amend the selinux policy settings. /usr/sbin/semanage fcontext -a -t public_content_rw_t /var/lib/tftpboot/.* /usr/sbin/semanage fcontext -a -t public_content_rw_t /var/www/cobbler/images/.* restorecon -R -v /var/lib/tftpboot/ restorecon -R -v /var/www/cobbler/images.* # Enables cobbler to read/write public_content_rw_t setsebool cobbler_anon_write on # Enable httpd to connect to cobblerd (optional, depending on if web interface is installed) # Notice: If you enable httpd_can_network_connect_cobbler and you should switch httpd_can_network_connect off setsebool httpd_can_network_connect off setsebool httpd_can_network_connect_cobbler on #Enabled cobbler to use rsync etc. (optional) setsebool cobbler_can_network_connect on #Enable cobbler to use CIFS based filesystems (optional) setsebool cobbler_use_cifs on # Enable cobbler to use NFS based filesystems (optional) setsebool cobbler_use_nfs on # Double check your choices getsebool -a|grep cobbler Important: Once you enabled the SElinux booleans and checked that they work for you, make them permanent by using setsebool -P option on/off! This will save your booleans on reboot. Alternatively, you could have also used: cobbler import -path=rsync:/servergoeshere/path/to/distro -name=F12 This would mirror from a public rsync server (for a list of public servers visit /publiclist/) without needing the DVD image. Kickstarts are answer files that script the installation of the OS. Well, for Fedora and Red Hat based distributions it is called kickstart. We also support other distributions that have similar answer files, but lets just use kickstart as an example for now. The kickstarts automatically assigned above will install physical machines (or virtual machines - well get to that later) with a default password of cobbler (dont worry, you can change these defaults) and a really basic set of packages. For something more complicated, you may wish to edit the default kickstarts in /var/lib/cobbler/kickstarts. You could also use cobbler to assign them new kickstart files. These files are actually Kickstart Templates, a level beyond regular kickstarts that can make advanced customizations easier to achieve. Well talk more about that later as well. What if you dont want to mirror the install content on your install server? Say you already have the trees from all your DVDs and/or CDs extracted on a Filer mounted over NFS somewhere. This works too, with the addition of one more argument: cobbler import -path=/path/where/filer/is/mounted -name=filer -available-as=nfs:/:/is/mounted/here The above command will set up cobbler automatically using all of the above distros (stored on the remote filer) - but will keep the trees on NFS. This saves disk space on the Cobbler server. As you add more distros over time to the filer, you can keep running the above commands to add them to Cobbler. So, whether using some data you already have on the network, or letting cobbler create an install mirror for you, there are lots of useful options. Similarly, if you just need to change the default path where Cobbler stores data it imports (which is /var/www/cobbler/) you can also change that - this is covered elsewhere on the Wiki. Using That Server For ReinstallationShould you have a system you want to install that Fedora 12 on (instead of whatever it is running now), right now, you can do this: yum install koan koan -server= -list=profiles koan -replace-self -server= -profile=F12-i386 /sbin/reboot The system will install the new operating system after rebooting, hands off, no interaction required. Notice in the above example F12-i386 is just one of the boring default profiles cobbler created for you. You can also create your own, for instance F12-webservers or F12-appserver - whatever you would like to automate. Using That Server For VirtualizationWant to install a virtual guest instead (perhaps Xen or KVM)? No problem. yum install koan koan -server= -virt -virt-type=xenpv -profile=F12-i386-xen Done. You can also use KVM or other virtualization methods. These are covered elsewhere on the Wiki. Some distributions have Xen specific profiles you need to use, though this is merged back together starting with Fedora 12. Using That Server For PXENote that so far weve only mentioned reinstalling Linux systems and doing virtualized installs. PXE for network installation of bare metal machines is very easy too. If you want PXE, you have two options. If the DHCP server is somewhere else (not on the Cobbler server), you can get your dhcp server admin to point at your box as a next-server. Easy enough. If you want to run DHCP locally and have Cobbler manage it for you, just set manage_dhcp to 1 in /etc/cobbler/settings on the boot server,edit /etc/cobbler/dhcp.template to change some defaults, and re run cobbler sync.Youre good. Cobbler will keep track of your dhcp files for you, and youll never have to hand edit them. (See ManageDhcp for more information on this). Once you get PXE set up, all of the bare-metal compatible profiles will, by name, show up in PXE menus when the machines network boot. Type menu at the prompt and choose one from the list. Or just dont do anything and the machine will default through to local booting. (Some Xen paravirt profiles will not show up, because you cannot install these on physical machines - this is intended) Should you want to pin a particular system to install a particular profile the next time it reboots, just run: cobbler system add -name=example -mac=$mac-address -profile=$profile-name Then the above machine will boot directly to the profile of choice without bringing up the menu. Dont forget to read the manpage docs as there are more options for customization and control available. There are also lots of useful settings described in /etc/cobbler/settings that you will want to read over. FirewallDepending on your usage, you will probably need to make sure iptables is configured to allow access to the right services. Heres an example configuration: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT 0:0 :FORWARD ACCEPT 0:0 :OUTPUT ACCEPT 0:0 -A INPUT -p icmp -icmp-type any -j ACCEPT -A INPUT -m state -state ESTABLISHED,RELATED -j ACCEPT # LOCALHOST -A INPUT -i lo -j ACCEPT # SSH -A INPUT -m state -state NEW -m tcp -p tcp -dport 22 -j ACCEPT # DNS - TCP/UDP -A INPUT -m state -state NEW -m udp -p udp -dport 53 -j ACCEPT -A INPUT -m state -state NEW -m tcp -p tcp -dport 53 -j ACCEPT # DHCP -A INPUT -m state -state NEW -m udp -p udp -dport 68 -j ACCEPT # TFTP - TCP/UDP -A INPUT -m state -state NEW -m tcp -p tcp -dport 69 -j ACCEPT -A INPUT -m state -state NEW -m udp -p udp -dport 69 -j ACCEPT # NTP -A INPUT -m state -state NEW -m udp -p udp -dport 123 -j ACCEPT # HTTP/HTTPS -A INPUT -m state -state NEW -m tcp -p tcp -dport 80 -j ACCEPT -A INPUT -m state -state NEW -m tcp -p tcp -dport 443 -j ACCEPT # Syslog for cobbler -A INPUT -m state -state NEW -m udp -p udp -dport 25150 -j ACCEPT # Koan XMLRPC ports -A INPUT -m state -state NEW -m tcp -p tcp -dport 25151 -j ACCEPT -A INPUT -m state -state NEW -m tcp -p tcp -dport 25152 -j ACCEPT #-A INPUT -j LOG -A INPUT -j REJECT -reject-with icmp-host-prohibited COMMIT Adapt this to your own environment. ServicesDepending on whether you are running DHCP and DNS on the same box, you will want to enable various services: /sbin/service httpd start /sbin/service dhcpd start /sbin/service xinetd start /sbin/service cobblerd start /sbin/chkconfig httpd on /sbin/chkconfig dhcpd on /sbin/chkconfig xinetd on /sbin/chkconfig tftp on /sbin/chkconfig cobblerd on cobbler check, mentioned above, will mention most of this to you. Notes About Other Distributions The above example covered Fedora, though things work exactly the same for RHEL and CentOS. Read SupportForOtherDistros for additional information if you are not running a Fedora or Red Hat based distribution. Support for other distributions is important to the Cobbler project, though they may require slightly different instructions. Read More There are lots of other topics as well as expansions on the above material on the rest of the Wiki, under UserDocs. This is only scratching the surface! -一、安装环境centos 5.4关掉iptables 关掉 selinux selinux 导致tftp的目录无法访问 pxe停止在引导界面二、cobbler使用目录及文件cobbler相关配置文件 /etc/cobblercobbler数据存储目录 /var/www/cobblerdhcp配置文件 /etc/dhcpd.confdhcp租期缓存文件 /var/lib/dhcpd/dhcpd.leasespxe配置文件 /tftpboot/pxelinux.cfg/default三、安装cobbler# rpm -ivh /pub/epel/5/i386/epel-release-5-4.noarch.rpm# rpm -ivh http:/apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm# yum -y install tftp-server httpd dhcp yum-utils# yum -y install cobbler# yum -y install cmanyum-utils 编译安装 make & make install四、修改配置文件1.修改cobbler配置文件# vi /etc/cobbler/settingscodeserver: #cobbler服务器地址next_server: manage_dhcp: 1/code2.更改tftp启动方式# vi /etc/xinetd.d/tftpcodedisable = no #默认开启tftp/code3.编辑dhcp配置模板# vi /etc/cobbler/dhcp.template 改为相应的网段和ipsubnet netmask option routers ; option domain-name-servers ; option subnet-mask ; range dynamic-bootp 00 54; filename /pxelinux.0; default-lease-time 21600; max-lease-time 43200; next-server $next_server;五、导入CentOS 光盘映像文件# mkdir /home/CentOS# mount /home/src/CentOS-5.2-i386-bin-DVD.iso /home/CentOS/ -o loop# cobbler import -mirror=/home/CentOS -name=CentOS-5.2# cobbler sync 应用配置模板六、cobbler check 根据提示解决问题例如：#2: Must enable selinux boolean to enable Apache and web services components, run: setsebool -P httpd_can_network_connect trueNice to see that it has good instructions for selinux#3: you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t /var/lib/tftpboot/.* & /usr/sbin/semanage fcontext -a -t public_content_t /var/www/cobbler/images/.*Detailed command to enable http server to reed content from /var/www/cobbler and have tfpboot find its files#4: service cobblerd is not runningObviously this isnt running because we did not start it yet#5: change disable to no in /etc/xinetd.d/tftp#6: service httpd is not running#7: since iptables may be running, ensure 69 (dhcp), 80(http), 25150(cobbler api), and 25151(cobbler api R/W) are unblocked 关闭防火墙#8: reposync is not installed, need for cobbler reposync, install/upgrade yum-utils?Easy to solve with: yum install yum-utils#9: yumdownloader is not installed, needed for cobbler repo add with -rpm-list parameter, install/upgrade yum-utils? 安装yum-utils#10: fencing tools were not found, and are required to use the (optional) power management features. install cman to use them 安装cman七、启动cobbler服务service dhcpd startservice httpd startservice xinetd restartservice cobbler start八、kickstart配置文件实例# vi /etc/cobbler/sample.ks#platform=x86, AMD64, or Intel EM64T# System authorization informationauth -useshadow -enablemd5# System bootloader configurationbootloader -location=mbr# Partition clearing informationclearpart -all -initlabel# Use text mode installtext# Firewall configurationfirewall -disable# Run the Setup Agent on first bootfirstboot -enabled# System keyboardkeyboard us# System languagelang en_US# Use network installationurl -url=$tree# If any cobbler repo definitions were referenced in the kickstart profile, include them here.$yum_repo_stanza# Network informationnetwork -bootproto=dhcp -device=eth0 -onboot=on# Reboot after installationreboot#Root passwordrootpw -iscrypted $1$65XOJkdK$SA2J.kVLiTZ6V1GAhFl/Z1# SELinux configurationselinux -disabled# Do not configure the X Window Systemskipx# System timezonetimezone Asia/Shanghai# Install OS instead of upgradeinstall# Clear the Master Boot Recordzerombr# Magically figure out how to partition this thing#SNIPPET:main_partition_selectpart / -asprimary -bytes-per-inode=4096 -fstype=ext3 -grow -size=1part swap -asprimary -bytes-per-inode=4096 -fstype=swap -size=2048part /boot -asprimary -bytes-per-inode=4096 -fstype=ext3 -size=100%pre$kickstart_start#SNIPPET:pre_partition_select%packagesserver-cfgdevelopment-toolsbasedevelopment-libssystem-toolsadmin-toolscertmasterfunc%postchkconfig NetworkManager offchkconfig NetworkManagerDispatcher offchkconfig acpid offchkconfig anacron offchkconfig atd offchkconfig autofs offchkconfig avahi-daemon offchkconfig avahi-dnsconfd offchkconfig bluetooth offchkconfig conman offchkconfig cups offchkconfig dhcdbd offchkconfig dund offchkconfig firstboot offchkconfig funcd onchkconfig gpm offchkconfig haldaemon offchkconfig hidd offchkconfig httpd offchkconfig ibmasm offchkconfig ip6tables offchkconfig ipmi offchkconfig iptables offchkconfig irda offchkconfig irqbalance offchkconfig kdump offchkconfig kudzu offchkconfig lvm2-monitor offchkconfig mcstrans offchkconfig mdmpd offchkconfig microcode_ctl offchkconfig multipathd offchkconfig netconsole offchkconfig netfs offchkconfig netplugd offchkconfig nfs offchkconfig nfslock offchkconfig nscd offchkconfig ntpd offchkconfig oddjobd offchkconfig pand offchkconfig pcscd offchkconfig portmap offchkconfig psacct offchkconfig rdisc offchkconfig restorecond offchkconfig rpcgssd offchkconfig rpcidmapd offchkconfig rpcsvcgssd offchkconfig saslauthd offchkconfig sendmail offchkconfig setroubleshoot offchkconfig winbind offchkconfig wpa_supplicant offchkconfig xfs offchkconfig ypbind offchkconfig yum-updatesd offchkconfig certmaster onchkconfig funcd oncat EOFM /etc/func/minion.confmainlog_level = INFOacl_dir = /etc/func/minion-acl.dEOFMcat EOCM /etc/certmaster/minion.confmaincertmaster = log_level = DEBUGcert_dir = /etc/pki/certmasterEOCMcat EODM /etc/hosts EODM$yum_config_stanzaSNIPPET:post_install_kernel_options$kickstart_done/code九、利用cobbler重装系统# rpm -Uhv koan-1.2.5-1.el5.noarch.rpm# koan -server= -list-profiles# koan -replace-self -server= -profile=CentOS_5.2-i386# reboot-前面一篇介绍了使用Kickstart批量部署redhat，但是这种方法配置起来比较麻烦。现在，我们有了更好的选择。那就是：Cobbler。在看以下内容时最好先看下：Kickstart批量部署redhat。系统环境：CentOS 5CentOS5.4默认的Repository里找不到Cobbler，先安装rpmforce这个Repository。很全很强大，近10000个软件包。Java代码#32位： wgethttp:/packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm rpm-ivhrpmforge-release-0.5.1-1.el5.rf.i386.rpm #64位： wgethttp:/packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm rpm-ivhrpmforge-release-0.5.1-1.el5.rf.x86_64.rpm1. 安装相关软件：Java代码yum-yinstallcobblerdhcphttpdxinetdtftp-server# cobbler的配置文件在/var/lib/cobbler/和/etc/cobbler下（不同版本可能不同）# xinetd tftp-server用来做tftp服务器，pxe启动需要。# httpd服务器主要存放ks文件和安装光盘。注意 /var/www/cobbler 目录必须具有足够容纳 Linux 安装文件的空间（移动，建软链接）2. 检查 cobbler 配置：Java代码cobblercheck#0: The server field in /var/lib/cobbler/settings must be set to something other than localhost, or kickstarting fea