cobbler自动化系统安装详细.docx

cobbler自动化系统安装详细.docx

《cobbler自动化系统安装详细.docx》由会员分享，可在线阅读，更多相关《cobbler自动化系统安装详细.docx（15页珍藏版）》请在冰豆网上搜索。

cobbler自动化系统安装详细

Cobbler安装文档

cobbler集成了PXE、DHCP、DNS、Kickstart服务管理和yum仓库管理工具，相对之前的Kickstart更加快捷、方便的批量布署redhat、centos类系统

cobbler客户端koan支持虚拟机安装和操作系统重装

cobblerweb界面可以更好的方便用户操作

具体安装如下：

1、安装rpmforce源：

Wgethttp:

//apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

Rpm-ivhrpmforge-release-0.3.6-1.el5.rf.x86_64.rpm

可能会报错需要安装python-netaddr相关依赖包

wgetrpm–ivhftp:

//

Rpm–ivhpython-netaddr-0.5.2-1.el5.noarch.rpm

wgetftp:

//

rpm-ivhmod_wsgi-3.2-2.el5.x86_64.rpm

2、安装semanage命令的包policycoreutils-python

yum-yinstallpolicycoreutils-python

3、安装pykickstart

yum-yinstallpykickstart

4、开始安装cobbler

yum–yinstallcobblerhttpdrsynctftp-serverxinetddhcp

/etc/init.d/cobblerdstart

/etc/init.d/httpdstart

启动apache的时候报

Invalidcommand'WSGIScriptAliasMatch',perhapsmisspelledordefinedbyamodulenotincludedintheserverconfiguration

需要手动开启wsgi模块

vim/etc/httpd/conf.d/wsgi.conf

LoadModulewsgi_modulemodules/mod_wsgi.so前面#去掉即可

3、检查cobbler配置

cobblercheck

如果出现下面错误检查selinux是否已被关闭

httpddoesnotappeartoberunningandproxyingcobbler

setenforce0

1:

The'server'fieldin/etc/cobbler/settingsmustbesettosomethingotherthanlocalhost,orkickstartingfeatureswillnotwork.ThisshouldbearesolvablehostnameorIPforthebootserverasreachablebyallmachinesthatwilluseit.

2:

ForPXEtobefunctional,the'next_server'fieldin/etc/cobbler/settingsmustbesettosomethingotherthan127.0.0.1,andshouldmatchtheIPofthebootserveronthePXEnetwork.

3:

somenetworkboot-loadersaremissingfrom/var/lib/cobbler/loaders,youmayrun'cobblerget-loaders'todownloadthem,or,ifyouonlywanttohandlex86/x86_64netbooting,youmayensurethatyouhaveinstalleda*recent*versionofthesyslinuxpackageinstalledandcanignorethismessageentirely.Filesinthisdirectory,shouldyouwanttosupportallarchitectures,shouldincludepxelinux.0,menu.c32,elilo.efi,andyaboot.The'cobblerget-loaders'commandistheeasiestwaytoresolvetheserequirements.

4:

debmirrorpackageisnotinstalled,itwillberequiredtomanagedebiandeploymentsandrepositories

安装依赖包

yuminstalledpatchperlperl-Compress-Zlibperl-Cwdperl-Digest-MD5perl-Digest-SHA1perl-LockFile-Simpleperl-libwww-perl

rpm-ivhftp:

//

需要注销这两行

vim/etc/debmirror.conf

#@arches="i386"

#@dists="sid"

5:

ksvalidatorwasnotfound,installpykickstart

6:

Thedefaultpasswordusedbythesampletemplatesfornewlyinstalledmachines（default_password_cryptedin/etc/cobbler/settings）isstillsetto'cobbler'andshouldbechanged,try:

"opensslpasswd-1-salt'random-phrase-here''your-password-here'"togeneratenewone

opensslpasswd-1-salt'任意字母''你的密码'生成密码替换/etc/cobbler/settingsdefault_password_crypted:

"$1$icifbsa$GlSk4KZPpIscQsOpLkZh0/"默认密码

7:

fencingtoolswerenotfound,andarerequiredtousethe（optional）powermanagementfeatures.installcmanorfence-agentstousethem安装cman

wgetftp:

//

1）vim/etc/cobbler/settings

server:

192.168.23.128设置cobblerserver的IP

next_server:

192.168.23.128设置PXEserver的IP

manage_dhcp:

1开启管理DHCP服务

default_kickstart:

/var/lib/cobbler/kickstarts/default.ks设置默认的kickstart配置文件

2）关闭防火墙和selinux

3）获取启动镜像

cobblerget-loaders

4）启动tftp和rsync

vim/etc/xinetd.d/tftp

将disable=yes改为disable=no

vim/etc/xinetd.d/rsync

将disable=yes改为disable=no

然后重启xinetd

5）修改DHCP模板，确保DHCP分配的地址和cobbler在同一网段

注：

编辑/etc/cobbler/dhcp.template在后面执行cobblersync时会自动同步到/etc/dhcp.conf

subnet192.168.23.0netmask255.255.255.0{

optionrouters192.168.1.5;

#optiondomain-name-servers192.168.1.1;

optionsubnet-mask255.255.255.0;

rangedynamic-bootp192.168.23.100192.168.23.254;

filename"/pxelinux.0";

default-lease-time21600;

max-lease-time43200;

next-server$next_server;

}

5、同步cobbler配置，使修改生效：

cobblersync

挂载linux光盘生成安装镜像

mount-oloop/dev/cdrom/mnt/

cobblerimport--path=/mnt/--name=Centos5.5-i386这个过程需要一定的时间

6、配置Cobbler_web

1）安装依赖组件Django和mod_ssl

yum-yinstallDjango

yum-yinstallmod_ssl

2）安装cobbler_web

yum-yinstallcobbler_web

3）重启httpd以让ssl服务生效

servicehttpdrestart

4）为Cobbler用户修改密码

htdigest/etc/cobbler/users.digest"Cobbler"cobbler

5）为CobblerWeb增加新用户

htdigest/etc/cobbler/users.digest"Cobbler"new_name

设置/etc/cobbler/modules如下：

[authentication] 

module=authn_configfile 这里不设置web页面无法登陆

[authorization] 

module=authz_allowall  

重启Cobbler服务：

servicecobblerdrestart 

7、然后使用http:

//ip/cobbler_web访问，登录后界面如下

8、编辑profile文件，修改kickstart启动文件名为CentOS5.5-i386.ks

cobblerprofileedit--name=CentOS6.2-i386--distro=CentOS6.2-i386--kickstart=/var/lib/cobbler/kickstarts/CentOS5.5-i386.ks

cobblersync执行同步配置文件

9、配置kickstart脚本，根据需求添加所需参数。

下面ks配置文件是我测试时候使用的，自动安装测试通过.

#platform=x86,AMD64,orIntelEM64T

#Systemauthorizationinformation

auth--useshadow--enablemd5

#Systembootloaderconfiguration

bootloader--location=mbr

#Partitionclearinginformation

clearpart--all--initlabel

#Usetextmodeinstall

text

#Firewallconfiguration

firewall--disable

#RuntheSetupAgentonfirstboot

firstboot--disable

#Systemkeyboard

keyboardus

#Systemlanguage

langen_US

#Usenetworkinstallation

url--url=$tree

#Ifanycobblerrepodefinitionswerereferencedinthekickstartprofile,includethemhere.

$yum_repo_stanza

#Networkinformation

$SNIPPET（'network_config'）

#Rebootafterinstallation

Reboot

#Rootpassword

rootpw--iscrypted$default_password_crypted

#SELinuxconfiguration

selinux--disabled

#DonotconfiguretheXWindowSystem

skipx

#Systemtimezone

timezone--utcAsia/Shanghai

#InstallOSinsteadofupgrade

install

#CleartheMasterBootRecord

zerombr

#Allowanacondatopartitionthesystemasneeded

autopart

clearpart--all--drives=sda--initlabel

%pre

$SNIPPET（'log_ks_pre'）

$kickstart_start

$SNIPPET（'pre_install_network_config'）

#Enableinstallationmonitoring

$SNIPPET（'pre_anamon'）

%packages

@admin-tools

@base

@chinese-support

@core

@development-libs

@development-tools

@editors

@system-tools

@text-internet

OpenIPMI-tools

hardlink

kernel-PAE

kernel-PAE-devel

kernel-devel

libpng-devel

lrzsz

minicom

net-snmp-utils

pcre-devel

sysstat

x86info

$SNIPPET（'func_install_if_enabled'）

%post

$SNIPPET（'log_ks_post'）

#Setdefaultlanguage

[-f/etc/sysconfig/i18n]&&cp/etc/sysconfig/i18n/etc/sysconfig/i18n.ksbak

cat</etc/sysconfig/i18n

LANG="en_US"

SUPPORTED="en_US.UTF-8:

en_US:

en"

SYSFONT="latarcyrheb-sun16"

EOF

#Setnameserver

cat</etc/resolv.conf

nameserver8.8.8.8

EOF

#Setdefaultrunlevelto3

echo"Setdefaultrunlevelto3"

pushd/etc&>/dev/null

mvinittabinittab.bak

catinittab.bak|sed's/^id\:

[0-5]\:

init/id\:

3\:

init/'>inittab

popd&>/dev/null

cat/etc/inittab|grep'^id:

'

#stopunusefulservices

#nsrvsisthelistforstop

nsrvs="\

kudzu

isdn

pcmcia

portmap

nfslock

rpcidmapd

rpcgssd

netfs

apmd

autofs

cups

xinetd

sendmail

smartd

gpm

xfs

rhnsd

avahi-daemon

avahi-dnsconfd

acpid

anacron

atd

auditd

cpuspeed

crond

haldaemon

ip6tables

irqbalance

lm_sensors

lvm2-monitor

mcstrans

messagebus

microcode_ctl

pcscd

bluetooth

hidd

mdmonitor

rawdevices

readahead_early

restorecond

setroubleshoot

sysstat

yum-updatesd

cups-config-daemon"

foritemin$nsrvs

do

if[!

-f/etc/init.d/$item];then

echo"Thereisno$itemexist!

"

else

chkconfig$itemoff

fi

done

#kerneloptimize

cat<>/etc/sysctl.conf

net.ipv4.tcp_fin_timeout=30

net.ipv4.tcp_keepalive_time=1200

net.ipv4.tcp_syncookies=1

net.ipv4.tcp_tw_reuse=1

net.ipv4.tcp_tw_recycle=1

net.ipv4.tcp_max_syn_backlog=8192

net.ipv4.tcp_max_tw_buckets=100000

EOF

cat</etc/rc.d/rc.tune

echo0>/proc/sys/net/ipv4/tcp_sack

echo0>/proc/sys/net/ipv4/tcp_timestamps

echo0>/proc/sys/net/ipv4/tcp_window_scaling

echo"102465000">/proc/sys/net/ipv4/ip_local_port_range

echo1>/proc/sys/net/ipv4/tcp_syncookies

echo"4096655368388608">/proc/sys/net/ipv4/tcp_wmem

echo"4096873808388608">/proc/sys/net/ipv4/tcp_rmem

echo5>/proc/sys/kernel/panic

echo8192>/proc/sys/net/ipv4/tcp_max_syn_backlog

echo8388608>/proc/sys/net/core/rmem_max

echo8388608>/proc/sys/net/core/wmem_max

echo"409600">/proc/sys/net/ipv4/ip_conntrack_max

echo"3600">/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established

EOF

#somethingin/etc/sysctl.conf

echo"net.ipv4.tcp_retrans_collapse=0">>/etc/sysctl.conf

echo"UseDNSno">>/etc/ssh/sshd_config

[-d/etc/snmp]||mkdir/etc/snmp

if[-f/etc/snmp/snmpd.conf];then

cp/etc/snmp/snmpd.conf/etc/snmp/snmpd.conf.ksbak

fi

cat</etc/snmp/snmpd.conf

smuxsocket127.0.0.1

com2seclocallocalhostpublic

com2secmynet10.88.1.77public

groupmygroupv1mynet

groupmygroupv2cmynet

viewallincluded.180

viewsystemviewincluded.1.3.6.1.2.1.1

viewsystemviewincluded.1.3.6.1.2.1.25.1.1

accessmygroup""anynoauthexactallnonenone

viewmib2included.iso.org.dod.internet.mgmt.mib-2fc

syslocationUnknown（edit/etc/snmp/snmpd.conf）

syscontactRoot（configure/etc/snmp/snmp.local.conf）

pass.1.3.6.1.4.1.4413.4.1/usr/bin/ucd5820stat

proxy-v2c-cpublic127.0.0.1:

3401.1.3.6.1.4.1.3495.1

EOF

chkconfigsnmpdon

#Startyumconfiguration

$yum_config_stanza

#Endyumconfiguration

$SNIPPET（'post_install_kernel_options'）

$SNIPPET（'post_install_network_config'）

$SNIPPET（'func_register_if_enabled'）

$SNIPPET（'download_config_files'）

$SNIPPET（'koan_environment'）

$SNIPPET（'redhat_register'）