Cobbler由浅入深
1. cobbler安装
1. Epel源:https://mirrors.aliyun.com/centos/6.10/extras/i386/Packages/epel-release-6-8.noarch.rpm centos6
https://mirrors.aliyun.com/centos/7.9.2009/extras/x86_64/Packages/epel-release-7-11.noarch.rpm centos7
2. rpm -ivh epel-release-6-8.noarch.rpm
3. yum安装cobbler
yum install -y httpd dhcp tftp cobbler cobbler-web pykickstart
4. 启动httpd和cobblerd
/etc/init.d/httpd start
/etc/init.d/cobblerd start
systemctl start httpd
systemctl start cobblerd
5. 执行命令:cobbler check
6. 修改cobbler配置文件, /etc/cobbler/setting
next_server: 192.168.1.54 272行
server: 192.168.1.54 384行
7. 修改/etc/xined.d/tftp
disable = no
8. yum install rsync -y
/etc/init.d/rsyncd start
9. openssl passwd -1 -salt 'openssl rand -hex 5' ‘*******’ 设置root的密码,生成md5
10. 修改/etc/cobbler/setting配置文件
default_password_crypted: "$1$f28bb447$dl//DvTort0BF2LvvRAlT1"
11. 重启一下/etc/init.d cobblerd restart
2. cobbler管理DHCP
1. 修改/etc/cobbler/settings
manage_dhcp: 1
2. 修改DHCP模板文件
vi /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.55;
option domain-name-servers 202.106.0.20;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.1.136 192.168.1.160;
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.1.54;
filename "/pxelinux.0";ZZ
}
主要修改这部分内容。
3. 重启/etc/init.d/cobblerd restart
4. 执行命令:cobbler sync
3. 导入镜像
1. 导入centos6.5sys
mount /dev/cdrom /mnt
cobbler import --path=/mnt/ --name=centos6.5 --arch=x86_64
2. 导入的镜像的位置
/var/www/cobbler/ks_mirror/centos6.5
3. 查看导入的镜像的信息
cobbler profile list
4. 查看导入的镜像的详细信息
cobbler profile report
5. kickstart配置文件所在目录
/var/lib/cobbler/kickstarts/
6. 查看centos6.5.ks文件
#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use network installation
url --url="http://192.168.1.54/cobbler/ks_mirror/centos6.5/"
# Root password
rootpw --iscrypted $6$DB4Tu6P75svc5xSs$eCZCKkzV2KVzym4TdyxrKqfladEjuVCAH9/I31Yko.nuA9kIRch69mwezZTUgRpjDf3dMSidmLNLAqmzta2T10
# System authorization information
auth --useshadow --passalgo=sha512
# Use graphical install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Installation logging level
logging --level=info
# Reboot after installation
reboot# System timezone
timezone --utc Asia/Shanghai
# System bootloader configuration
bootloader --location=mbr --md5pass="$1$ipBQVdC5$.8/AhDSGAzf10urvR6rcm."
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype=ext4 --size=200
part swap --size=8000
part / --fstype=ext4 --grow --size=200
%packages --nobase
@core
%end
%post
yum -y install vim lrzsz ntp
echo '* 4 * * * /usr/sbin/ntpdate us.pool.ntp.org > /dev/null 2>&1' >> /var/spool/cron/root
rpm -ivh http://dl.fedoraproject.org/pub/epel/6Server/x86_64/epel-release-6-8.noarch.rpm
yum -y install salt-minion
sed -i "16 a\master: 192.168.1.130" /etc/salt/minion
sed -i "70 a\id: `ifconfig |grep 192|awk '{print $2}'|awk -F : '{print $2}'`" /etc/salt/minion
/etc/init.d/salt-minion start
sed -i 's/#Port 22/Port 11984/' /etc/ssh/sshd_config
sed -i "s/#ListenAddress 0.0.0.0/ListenAddress `ifconfig |grep 192|awk '{print $2}'|awk -F : '{print $2}'`/" /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
/etc/init.d/sshd restart
sed '1a\domain zhen.net' /etc/resolv.conf
sed '1a\nameserver 192.168.1.130' /etc/resolv.conf
sed '1a\nameserver 192.168.1.68' /etc/resolv.conf
ulimit -HSn 65535 echo -ne " * soft nofile 65536 * hard nofile 65536 " >>/etc/security/limits.conf sed -i 's/1024/65535/' /etc/security/limits.d/90-nproc.conf true > /etc/sysctl.conf cat >> /etc/sysctl.conf << EOF net.ipv4.ip_forward = 0 net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.tcp_max_tw_buckets = 6000 net.ipv4.tcp_sack = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_rmem = 4096 87380 4194304 net.ipv4.tcp_wmem = 4096 16384 4194304 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.netdev_max_backlog = 262144 net.core.somaxconn = 262144 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.tcp_max_syn_backlog = 262144 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65535 EOF /sbin/sysctl -p useradd zhangshaohua1510;echo '****************' | passwd --stdin zhangshaohua1510
7. 建立关联
cobbler profile edit --name=centos6.5 --kickstart=/var/lib/cobbler/kickstarts/centos6.5.ks
8. 执行命令:cobbler sync
4. 配置客户端
启动要安装系统的服务器,选择从网卡启动,选择要安装的操作系统。
5. 客户端启动报错
nodhcp
解决方法:
启动dhcp服务,/etc/init.d/dhcpd start
6. cobbler服务sync check报错
1 : file /etc/xinetd.d/rsync does not exist
但是实际这个文件,我是存在的,该错误可以忽略。
7. cobbler修改root密码
1. 修改为新的密码:
openssl passwd -1 -salt 'openssl rand -hex 5' ‘*******’
2. 修改配置文件/etc/cobbler/settting
3. 修改/var/lib/cobbler/kickstarts/centos6.5.ks
4. 执行命令:cobbler sync
5. 客户端安装系统
8. cobbler重装系统
1. 在客户端安装koan开源工具
yum -y install epel-release
yum install koan -y
2. 在客户端查看可以重装的系统
koan --server=192.168.1.54 --list=profiles
3. 客户端重装系统
koan --replace-self --server=192.168.1.54 --profile=centos6.5-x86_64
4. 重启客户端
reboot
9. cobbler-web界面管理
1. 安装cobbler-web
yum install cobbler-web -y
启动httpd服务
2. 默认登录的账号密码为cobbler
3. 修改用户名和密码
users.conf 定义用户名
users.digest 定义用户密码
htdigest /etc/cobbler/users.digest "cobbler" cobbler
按回车,会出现新的密码输入窗口
4. 修改cobbler提示选单
/etc/cobbler/pxe/pxedefault.template
修改完以后,执行命令cobbler sync
10. 配置cobbler自动化安装centos7.4
1. 在/var/lib/cobbler/kickstarts目录下,创建ks文件,内容如下:
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Install OS instead of upgrade
install
# Use network installation
url --url="http://192.168.1.54/cobbler/ks_mirror/centos7.4-x86_64/"
# Use text mode install
text
# Firewall configuration
firewall --disabled
firstboot --disable
# ignoredisk --only-use=sda
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
network --onboot=yes --bootproto=dhcp --device=eth0 --noipv6
network --hostname=yangjianbo
reboot
rootpw --iscrypted "$1$openssl $JeZQQ/HbK0aLlolY6grw31"
selinux --disabled
skipx
timezone Asia/Shanghai
bootloader --append="quiet crashkernel=auto" --location=mbr --boot-drive=sda
zerombr
clearpart --all --initlabel
part /boot --asprimary --fstype="xfs" --size=250
part swap --fstype="swap" --size=2000
part / --asprimary --fstype="xfs" --grow --size=5000
%post
sed -i "s/rhgb //" /boot/grub2/grub.cfg
sed -i "/UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth0
echo "DNS1=192.168.1.68" >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "DNS2=192.168.1.130" >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "UseDNS no" >> /etc/ssh/sshd_config
echo "Port 11984" >> /etc/ssh/sshd_config
sed -i "s/GSSAPIAuthentication yes/GSSAPIAuthentication no/" /etc/ssh/ssh_config
sed -i "s/^SELINUX=.*$/SELINUX=disabled/" /etc/sysconfig/selinux
systemctl disable firewalld
useradd *******;echo '*********' | passwd --stdin ************
echo "*********** ALL=(ALL) NOPASSWD:ALL " >>/etc/sudoers
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://pub.mirrors.aliyun.com/repo/Centos-7.repo
echo "* soft nofile 65535" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf
echo "* 4 * * * /usr/sbin/ntpdate us.pool.ntp.org > /dev/null 2>&1" >> /var/spool/cron/root
%end
%packages
@base
@core
@development
@platform-devel
kexec-tools
lftp
tree
lrzsz
ntpdate
nmap
nc
lsof
sysstat
%end
11. Cobbler核心术语
distro: 发行版: centos6.7,centos7.1,ubuntu 14
profile: 框架 distro+kickstart
system: 在profile的基础上,根据不同业务配置不同的系统
12. Cobbler安装系统采用LVM分区格式
1. 在/var/lib/cobbler/kickstarts目录下,创建ks文件
#version=DEVEL # System authorization information auth --enableshadow --passalgo=sha512 # Install OS instead of upgrade install # Use network installation url --url="http://192.168.1.54/cobbler/ks_mirror/centos7.4-x86_64/" # Use text mode install text # Firewall configuration firewall --disabled firstboot --disable # ignoredisk --only-use=sda keyboard --vckeymap=us --xlayouts='us' lang en_US.UTF-8 network --onboot=yes --bootproto=dhcp --device=eth0 --noipv6 network --hostname=yangjianbo reboot rootpw --iscrypted "$1$openssl $JeZQQ/HbK0aLlolY6grw31" selinux --disabled skipx timezone Asia/Shanghai bootloader --append="quiet crashkernel=auto" --location=mbr --boot-drive=sda zerombr clearpart --all --initlabel part /boot --asprimary --fstype="xfs" --size=250 part swap --fstype="swap" --size=2000 part pv.01 --size=1 --grow volgroup zhenpin pv.01 logvol / --vgname=zhenpin --size=1 --grow --name=root #part / --asprimary --fstype="xfs" --grow --size=5000 %post sed -i "s/rhgb //" /boot/grub2/grub.cfg sed -i "/UUID/d" /etc/sysconfig/network-scripts/ifcfg-eth0 echo "DNS1=192.168.1.68" >> /etc/sysconfig/network-scripts/ifcfg-eth0 echo "DNS2=192.168.1.130" >> /etc/sysconfig/network-scripts/ifcfg-eth0 echo "UseDNS no" >> /etc/ssh/sshd_config echo "Port 11984" >> /etc/ssh/sshd_config sed -i "s/GSSAPIAuthentication yes/GSSAPIAuthentication no/" /etc/ssh/ssh_config sed -i "s/^SELINUX=.*$/SELINUX=disabled/" /etc/sysconfig/selinux systemctl disable firewalld useradd *******;echo '*********' | passwd --stdin ******* echo "********* ALL=(ALL) NOPASSWD:ALL " >>/etc/sudoers mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup wget -O /etc/yum.repos.d/CentOS-Base.repo http://pub.mirrors.aliyun.com/repo/Centos-7.repo echo "* soft nofile 65535" >> /etc/security/limits.conf echo "* hard nofile 65535" >> /etc/security/limits.conf echo "* 4 * * * /usr/sbin/ntpdate us.pool.ntp.org > /dev/null 2>&1" >> /var/spool/cron/root %end %packages @base @core @development @platform-devel kexec-tools lftp tree lrzsz ntpdate nmap nc lsof sysstat %end
13. Cobbler部署centos系统修改网卡地址为eth0
cobbler profile edit --name=CentOS-7.2-x86_64 --kopts='net.ifnames=0 biosdevname=0'
cobbler sync
浙公网安备 33010602011771号