cobbler自动化系统安装详细.docx
《cobbler自动化系统安装详细.docx》由会员分享,可在线阅读,更多相关《cobbler自动化系统安装详细.docx(15页珍藏版)》请在冰豆网上搜索。
cobbler自动化系统安装详细
Cobbler安装文档
cobbler集成了PXE、DHCP、DNS、Kickstart服务管理和yum仓库管理工具,相对之前的Kickstart更加快捷、方便的批量布署redhat、centos类系统
cobbler客户端koan支持虚拟机安装和操作系统重装
cobblerweb界面可以更好的方便用户操作
具体安装如下:
1、安装rpmforce源:
Wgethttp:
//apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
Rpm-ivhrpmforge-release-0.3.6-1.el5.rf.x86_64.rpm
可能会报错需要安装python-netaddr相关依赖包
wgetrpm–ivhftp:
//
Rpm–ivhpython-netaddr-0.5.2-1.el5.noarch.rpm
wgetftp:
//
rpm-ivhmod_wsgi-3.2-2.el5.x86_64.rpm
2、安装semanage命令的包policycoreutils-python
yum-yinstallpolicycoreutils-python
3、安装pykickstart
yum-yinstallpykickstart
4、开始安装cobbler
yum–yinstallcobblerhttpdrsynctftp-serverxinetddhcp
/etc/init.d/cobblerdstart
/etc/init.d/httpdstart
启动apache的时候报
Invalidcommand'WSGIScriptAliasMatch',perhapsmisspelledordefinedbyamodulenotincludedintheserverconfiguration
需要手动开启wsgi模块
vim/etc/httpd/conf.d/wsgi.conf
LoadModulewsgi_modulemodules/mod_wsgi.so前面#去掉即可
3、检查cobbler配置
cobblercheck
如果出现下面错误检查selinux是否已被关闭
httpddoesnotappeartoberunningandproxyingcobbler
setenforce0
1:
The'server'fieldin/etc/cobbler/settingsmustbesettosomethingotherthanlocalhost,orkickstartingfeatureswillnotwork.ThisshouldbearesolvablehostnameorIPforthebootserverasreachablebyallmachinesthatwilluseit.
2:
ForPXEtobefunctional,the'next_server'fieldin/etc/cobbler/settingsmustbesettosomethingotherthan127.0.0.1,andshouldmatchtheIPofthebootserveronthePXEnetwork.
3:
somenetworkboot-loadersaremissingfrom/var/lib/cobbler/loaders,youmayrun'cobblerget-loaders'todownloadthem,or,ifyouonlywanttohandlex86/x86_64netbooting,youmayensurethatyouhaveinstalleda*recent*versionofthesyslinuxpackageinstalledandcanignorethismessageentirely.Filesinthisdirectory,shouldyouwanttosupportallarchitectures,shouldincludepxelinux.0,menu.c32,elilo.efi,andyaboot.The'cobblerget-loaders'commandistheeasiestwaytoresolvetheserequirements.
4:
debmirrorpackageisnotinstalled,itwillberequiredtomanagedebiandeploymentsandrepositories
安装依赖包
yuminstalledpatchperlperl-Compress-Zlibperl-Cwdperl-Digest-MD5perl-Digest-SHA1perl-LockFile-Simpleperl-libwww-perl
rpm-ivhftp:
//
需要注销这两行
vim/etc/debmirror.conf
#@arches="i386"
#@dists="sid"
5:
ksvalidatorwasnotfound,installpykickstart
6:
Thedefaultpasswordusedbythesampletemplatesfornewlyinstalledmachines(default_password_cryptedin/etc/cobbler/settings)isstillsetto'cobbler'andshouldbechanged,try:
"opensslpasswd-1-salt'random-phrase-here''your-password-here'"togeneratenewone
opensslpasswd-1-salt'任意字母''你的密码'生成密码替换/etc/cobbler/settingsdefault_password_crypted:
"$1$icifbsa$GlSk4KZPpIscQsOpLkZh0/"默认密码
7:
fencingtoolswerenotfound,andarerequiredtousethe(optional)powermanagementfeatures.installcmanorfence-agentstousethem安装cman
wgetftp:
//
1)vim/etc/cobbler/settings
server:
192.168.23.128设置cobblerserver的IP
next_server:
192.168.23.128设置PXEserver的IP
manage_dhcp:
1开启管理DHCP服务
default_kickstart:
/var/lib/cobbler/kickstarts/default.ks设置默认的kickstart配置文件
2)关闭防火墙和selinux
3)获取启动镜像
cobblerget-loaders
4)启动tftp和rsync
vim/etc/xinetd.d/tftp
将disable=yes改为disable=no
vim/etc/xinetd.d/rsync
将disable=yes改为disable=no
然后重启xinetd
5)修改DHCP模板,确保DHCP分配的地址和cobbler在同一网段
注:
编辑/etc/cobbler/dhcp.template在后面执行cobblersync时会自动同步到/etc/dhcp.conf
subnet192.168.23.0netmask255.255.255.0{
optionrouters192.168.1.5;
#optiondomain-name-servers192.168.1.1;
optionsubnet-mask255.255.255.0;
rangedynamic-bootp192.168.23.100192.168.23.254;
filename"/pxelinux.0";
default-lease-time21600;
max-lease-time43200;
next-server$next_server;
}
5、同步cobbler配置,使修改生效:
cobblersync
挂载linux光盘生成安装镜像
mount-oloop/dev/cdrom/mnt/
cobblerimport--path=/mnt/--name=Centos5.5-i386这个过程需要一定的时间
6、配置Cobbler_web
1)安装依赖组件Django和mod_ssl
yum-yinstallDjango
yum-yinstallmod_ssl
2)安装cobbler_web
yum-yinstallcobbler_web
3)重启httpd以让ssl服务生效
servicehttpdrestart
4)为Cobbler用户修改密码
htdigest/etc/cobbler/users.digest"Cobbler"cobbler
5)为CobblerWeb增加新用户
htdigest/etc/cobbler/users.digest"Cobbler"new_name
设置/etc/cobbler/modules如下:
[authentication]
module=authn_configfile 这里不设置web页面无法登陆
[authorization]
module=authz_allowall
重启Cobbler服务:
servicecobblerdrestart
7、然后使用http:
//ip/cobbler_web访问,登录后界面如下
8、编辑profile文件,修改kickstart启动文件名为CentOS5.5-i386.ks
cobblerprofileedit--name=CentOS6.2-i386--distro=CentOS6.2-i386--kickstart=/var/lib/cobbler/kickstarts/CentOS5.5-i386.ks
cobblersync执行同步配置文件
9、配置kickstart脚本,根据需求添加所需参数。
下面ks配置文件是我测试时候使用的,自动安装测试通过.
#platform=x86,AMD64,orIntelEM64T
#Systemauthorizationinformation
auth--useshadow--enablemd5
#Systembootloaderconfiguration
bootloader--location=mbr
#Partitionclearinginformation
clearpart--all--initlabel
#Usetextmodeinstall
text
#Firewallconfiguration
firewall--disable
#RuntheSetupAgentonfirstboot
firstboot--disable
#Systemkeyboard
keyboardus
#Systemlanguage
langen_US
#Usenetworkinstallation
url--url=$tree
#Ifanycobblerrepodefinitionswerereferencedinthekickstartprofile,includethemhere.
$yum_repo_stanza
#Networkinformation
$SNIPPET('network_config')
#Rebootafterinstallation
Reboot
#Rootpassword
rootpw--iscrypted$default_password_crypted
#SELinuxconfiguration
selinux--disabled
#DonotconfiguretheXWindowSystem
skipx
#Systemtimezone
timezone--utcAsia/Shanghai
#InstallOSinsteadofupgrade
install
#CleartheMasterBootRecord
zerombr
#Allowanacondatopartitionthesystemasneeded
autopart
clearpart--all--drives=sda--initlabel
%pre
$SNIPPET('log_ks_pre')
$kickstart_start
$SNIPPET('pre_install_network_config')
#Enableinstallationmonitoring
$SNIPPET('pre_anamon')
%packages
@admin-tools
@base
@chinese-support
@core
@development-libs
@development-tools
@editors
@system-tools
@text-internet
OpenIPMI-tools
hardlink
kernel-PAE
kernel-PAE-devel
kernel-devel
libpng-devel
lrzsz
minicom
net-snmp-utils
pcre-devel
sysstat
x86info
$SNIPPET('func_install_if_enabled')
%post
$SNIPPET('log_ks_post')
#Setdefaultlanguage
[-f/etc/sysconfig/i18n]&&cp/etc/sysconfig/i18n/etc/sysconfig/i18n.ksbak
cat</etc/sysconfig/i18n
LANG="en_US"
SUPPORTED="en_US.UTF-8:
en_US:
en"
SYSFONT="latarcyrheb-sun16"
EOF
#Setnameserver
cat</etc/resolv.conf
nameserver8.8.8.8
EOF
#Setdefaultrunlevelto3
echo"Setdefaultrunlevelto3"
pushd/etc&>/dev/null
mvinittabinittab.bak
catinittab.bak|sed's/^id\:
[0-5]\:
init/id\:
3\:
init/'>inittab
popd&>/dev/null
cat/etc/inittab|grep'^id:
'
#stopunusefulservices
#nsrvsisthelistforstop
nsrvs="\
kudzu
isdn
pcmcia
portmap
nfslock
rpcidmapd
rpcgssd
netfs
apmd
autofs
cups
xinetd
sendmail
smartd
gpm
xfs
rhnsd
avahi-daemon
avahi-dnsconfd
acpid
anacron
atd
auditd
cpuspeed
crond
haldaemon
ip6tables
irqbalance
lm_sensors
lvm2-monitor
mcstrans
messagebus
microcode_ctl
pcscd
bluetooth
hidd
mdmonitor
rawdevices
readahead_early
restorecond
setroubleshoot
sysstat
yum-updatesd
cups-config-daemon"
foritemin$nsrvs
do
if[!
-f/etc/init.d/$item];then
echo"Thereisno$itemexist!
"
else
chkconfig$itemoff
fi
done
#kerneloptimize
cat<>/etc/sysctl.conf
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=1200
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_max_syn_backlog=8192
net.ipv4.tcp_max_tw_buckets=100000
EOF
cat</etc/rc.d/rc.tune
echo0>/proc/sys/net/ipv4/tcp_sack
echo0>/proc/sys/net/ipv4/tcp_timestamps
echo0>/proc/sys/net/ipv4/tcp_window_scaling
echo"102465000">/proc/sys/net/ipv4/ip_local_port_range
echo1>/proc/sys/net/ipv4/tcp_syncookies
echo"4096655368388608">/proc/sys/net/ipv4/tcp_wmem
echo"4096873808388608">/proc/sys/net/ipv4/tcp_rmem
echo5>/proc/sys/kernel/panic
echo8192>/proc/sys/net/ipv4/tcp_max_syn_backlog
echo8388608>/proc/sys/net/core/rmem_max
echo8388608>/proc/sys/net/core/wmem_max
echo"409600">/proc/sys/net/ipv4/ip_conntrack_max
echo"3600">/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established
EOF
#somethingin/etc/sysctl.conf
echo"net.ipv4.tcp_retrans_collapse=0">>/etc/sysctl.conf
echo"UseDNSno">>/etc/ssh/sshd_config
[-d/etc/snmp]||mkdir/etc/snmp
if[-f/etc/snmp/snmpd.conf];then
cp/etc/snmp/snmpd.conf/etc/snmp/snmpd.conf.ksbak
fi
cat</etc/snmp/snmpd.conf
smuxsocket127.0.0.1
com2seclocallocalhostpublic
com2secmynet10.88.1.77public
groupmygroupv1mynet
groupmygroupv2cmynet
viewallincluded.180
viewsystemviewincluded.1.3.6.1.2.1.1
viewsystemviewincluded.1.3.6.1.2.1.25.1.1
accessmygroup""anynoauthexactallnonenone
viewmib2included.iso.org.dod.internet.mgmt.mib-2fc
syslocationUnknown(edit/etc/snmp/snmpd.conf)
syscontactRoot(configure/etc/snmp/snmp.local.conf)
pass.1.3.6.1.4.1.4413.4.1/usr/bin/ucd5820stat
proxy-v2c-cpublic127.0.0.1:
3401.1.3.6.1.4.1.3495.1
EOF
chkconfigsnmpdon
#Startyumconfiguration
$yum_config_stanza
#Endyumconfiguration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')