cobbler自动化系统安装详细.docx

1、cobbler自动化系统安装详细Cobbler 安装文档cobbler集成了PXE、DHCP、DNS、Kickstart服务管理和yum仓库管理工具，相对之前的 Kickstart 更加快捷、方便的批量布署redhat、centos类系统 cobbler 客户端koan支持虚拟机安装和操作系统重装 cobbler web界面可以更好的方便用户操作 具体安装如下：1、安装rpmforce源：Wget http:/apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.x86_64.rpmRpm -i

2、vh rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm可能会报错需要安装python-netaddr相关依赖包wget rpm ivh ftp:/Rpm ivh python-netaddr-0.5.2-1.el5.noarch.rpmwget ftp:/rpm -ivh mod_wsgi-3.2-2.el5.x86_64.rpm2、安装semanage命令的包 policycoreutils-python yum -y install policycoreutils-python3、安装pykickstartyum -y install pykicksta

3、rt4、开始安装cobbler yum y install cobbler httpd rsync tftp-server xinetd dhcp/etc/init.d/cobblerd start/etc/init.d/httpd start启动apache的时候报Invalid command WSGIScriptAliasMatch, perhaps misspelled or defined by a module not included in the server configuration 需要手动开启wsgi模块vim /etc/httpd/conf.d/wsgi.confLo

4、adModule wsgi_module modules/mod_wsgi.so 前面#去掉即可3、检查cobbler配置cobbler check如果出现下面错误检查selinux 是否已被关闭httpd does not appear to be running and proxying cobbler setenforce 01 : The server field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.

5、This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.2 : For PXE to be functional, the next_server field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.3 : s

6、ome network boot-loaders are missing from /var/lib/cobbler/loaders, you may run cobbler get-loaders to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely

7、. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The cobbler get-loaders command is the easiest way to resolve these requirements.4 : debmirror package is not installed, it will be required to manage debian deploymen

8、ts and repositories安装依赖包yum install ed patch perl perl-Compress-Zlib perl-Cwd perl-Digest-MD5 perl-Digest-SHA1 perl-LockFile-Simple perl-libwww-perl rpm -ivh ftp:/需要注销这两行vim /etc/debmirror.conf#arches=i386#dists=sid5 : ksvalidator was not found, install pykickstart6 : The default password used by th

9、e sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to cobbler and should be changed, try: openssl passwd -1 -salt random-phrase-here your-password-here to generate new one openssl passwd -1 -salt 任意字母 你的密码生成密码替换 /etc/cobbler/settings defa

10、ult_password_crypted: $1$icifbsa$GlSk4KZPpIscQsOpLkZh0/默认密码 7 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them 安装cmanwget ftp:/1）vim /etc/cobbler/settingsserver: 192.168.23.128 设置cobbler server的IPnext_server: 1

11、92.168.23.128 设置PXE server的IPmanage_dhcp: 1 开启管理DHCP服务default_kickstart: /var/lib/cobbler/kickstarts/default.ks 设置默认的kickstart配置文件2）关闭防火墙和selinux3)获取启动镜像cobbler get-loaders4）启动tftp和rsyncvim /etc/xinetd.d/tftp将disable=yes 改为disable=novim /etc/xinetd.d/rsync将disable=yes 改为disable=no然后重启xinetd5)修改DHCP模

12、板，确保DHCP分配的地址和cobbler在同一网段 注：编辑/etc/cobbler/dhcp.template 在后面执行cobbler sync时会自动同步到/etc/dhcp.confsubnet 192.168.23.0 netmask 255.255.255.0 option routers 192.168.1.5; # option domain-name-servers 192.168.1.1; option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.23.100 192.168.23.254; filenam

13、e /pxelinux.0; default-lease-time 21600; max-lease-time 43200; next-server $next_server;5、同步cobbler配置，使修改生效： cobbler sync挂载linux 光盘 生成安装镜像mount -o loop /dev/cdrom /mnt/cobbler import -path=/mnt/ -name=Centos5.5-i386 这个过程需要一定的时间6、配置Cobbler_web1）安装依赖组件Django和mod_ssl yum -y install Django yum -y instal

14、l mod_ssl2） 安装cobbler_web yum -y install cobbler_web3）重启httpd以让ssl服务生效 service httpd restart4）为Cobbler用户修改密码 htdigest /etc/cobbler/users.digest Cobbler cobbler5）为Cobbler Web增加新用户 htdigest /etc/cobbler/users.digest Cobbler new_name设置/etc/cobbler/modules如下：authentication module = authn_configfile 这里不设

15、置web页面无法登陆authorization module = authz_allowall 重启Cobbler服务：service cobblerd restart7、然后使用http:/ip/cobbler_web访问，登录后界面如下8、编辑profile文件，修改kickstart启动文件名为CentOS5.5-i386.kscobbler profile edit -name=CentOS6.2-i386 -distro=CentOS6.2-i386 -kickstart=/var/lib/cobbler/kickstarts/CentOS5.5-i386.ks cobbler sy

16、nc 执行同步配置文件9、配置kickstart 脚本，根据需求添加所需参数。 下面ks配置文件是我测试时候使用的，自动安装测试通过.#platform=x86, AMD64, or Intel EM64T# System authorization informationauth -useshadow -enablemd5# System bootloader configurationbootloader -location=mbr# Partition clearing informationclearpart -all -initlabel# Use text mode install

17、text# Firewall configurationfirewall -disable# Run the Setup Agent on first bootfirstboot -disable# System keyboardkeyboard us# System languagelang en_US# Use network installationurl -url=$tree# If any cobbler repo definitions were referenced in the kickstart profile, include them here.$yum_repo_sta

18、nza# Network information$SNIPPET(network_config)# Reboot after installationReboot#Root passwordrootpw -iscrypted $default_password_crypted# SELinux configurationselinux -disabled# Do not configure the X Window Systemskipx# System timezonetimezone -utc Asia/Shanghai# Install OS instead of upgradeinst

19、all# Clear the Master Boot Recordzerombr# Allow anaconda to partition the system as neededautopartclearpart -all -drives=sda -initlabel%pre$SNIPPET(log_ks_pre)$kickstart_start$SNIPPET(pre_install_network_config)# Enable installation monitoring$SNIPPET(pre_anamon)%packagesadmin-toolsbasechinese-suppo

20、rtcoredevelopment-libsdevelopment-toolseditorssystem-toolstext-internetOpenIPMI-toolshardlinkkernel-PAEkernel-PAE-develkernel-devellibpng-devellrzszminicomnet-snmp-utilspcre-develsysstatx86info$SNIPPET(func_install_if_enabled)%post$SNIPPET(log_ks_post)# Set default language -f /etc/sysconfig/i18n &

21、cp /etc/sysconfig/i18n /etc/sysconfig/i18n.ksbakcat /etc/sysconfig/i18nLANG=en_USSUPPORTED=en_US.UTF-8:en_US:enSYSFONT=latarcyrheb-sun16EOF# Set nameservercat /etc/resolv.confnameserver 8.8.8.8EOF# Set default run level to 3echo Set default run level to 3pushd /etc &/dev/nullmv inittab inittab.bakca

22、t inittab.bak | sed s/id:0-5:init/id:3:init/ inittabpopd &/dev/nullcat /etc/inittab | grep id:# stop unuseful services # nsrvs is the list for stopnsrvs=kudzuisdnpcmciaportmapnfslockrpcidmapdrpcgssdnetfsapmdautofscupsxinetdsendmailsmartdgpmxfsrhnsdavahi-daemonavahi-dnsconfdacpidanacronatdauditdcpusp

23、eedcrondhaldaemonip6tablesirqbalancelm_sensorslvm2-monitormcstransmessagebusmicrocode_ctlpcscdbluetoothhiddmdmonitorrawdevicesreadahead_earlyrestorecondsetroubleshootsysstatyum-updatesdcups-config-daemonfor item in $nsrvsdoif ! -f /etc/init.d/$item ; then echo There is no $item exist!else chkconfig

24、$item offfidone#kernel optimizecat /etc/sysctl.conf net.ipv4.tcp_fin_timeout = 30net.ipv4.tcp_keepalive_time = 1200net.ipv4.tcp_syncookies = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_tw_recycle = 1net.ipv4.tcp_max_syn_backlog = 8192net.ipv4.tcp_max_tw_buckets = 100000EOFcat /etc/rc.d/rc.tuneecho 0 /pro

25、c/sys/net/ipv4/tcp_sackecho 0 /proc/sys/net/ipv4/tcp_timestampsecho 0 /proc/sys/net/ipv4/tcp_window_scalingecho 1024 65000 /proc/sys/net/ipv4/ip_local_port_rangeecho 1 /proc/sys/net/ipv4/tcp_syncookiesecho 4096 65536 8388608 /proc/sys/net/ipv4/tcp_wmemecho 4096 87380 8388608 /proc/sys/net/ipv4/tcp_r

26、memecho 5 /proc/sys/kernel/panicecho 8192 /proc/sys/net/ipv4/tcp_max_syn_backlogecho 8388608 /proc/sys/net/core/rmem_maxecho 8388608 /proc/sys/net/core/wmem_maxecho 409600 /proc/sys/net/ipv4/ip_conntrack_maxecho 3600 /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_establishedEOF# something in

27、/etc/sysctl.confecho net.ipv4.tcp_retrans_collapse = 0 /etc/sysctl.confecho UseDNS no /etc/ssh/sshd_config -d /etc/snmp | mkdir /etc/snmpif -f /etc/snmp/snmpd.conf ; then cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.ksbakficat /etc/snmp/snmpd.confsmuxsocket 127.0.0.1com2sec local localhost publiccom

28、2sec mynet 10.88.1.77 publicgroup mygroup v1 mynetgroup mygroup v2c mynetview all included .1 80view systemview included .1.3.6.1.2.1.1view systemview included .1.3.6.1.2.1.25.1.1access mygroup any noauth exact all none noneview mib2 included .iso.org.dod.internet.mgmt.mib-2 fcsyslocation Unknown (e

29、dit /etc/snmp/snmpd.conf)syscontact Root (configure /etc/snmp/snmp.local.conf)pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820statproxy -v 2c -c public 127.0.0.1:3401 .1.3.6.1.4.1.3495.1EOFchkconfig snmpd on# Start yum configuration$yum_config_stanza# End yum configuration$SNIPPET(post_install_kernel_options)$SNIPPET(post_install_network_config)$SNIPPET(func_register_if_enabled)$SNIPPET(download_config_files)$SNIPPET(koan_environment)$SNIPPET(redhat_register)