Cobbler:补鞋匠
Cobbler二次封装的PXE,只是 pxe更高级的封装方式
Cobbler,集成pxe,dhcp,kickstarter,yum仓库等,结合kickstarter能够完成centos,redhat系统安装的,并支持多个版本的并存,便于实现系统部署的一个环境。所以说cobbler是一个快速网络安装的服务,而且经过设定以后也可以实现网络安装windwos,这个工具使用python语言研发,使用命令行就能完成对PXE网络环境的配置,整个过程都不用手动实现,都可以使用cobbler来实现管理dhcp,dns等等!
Cobbler核心概念:
在cobbler当中,支持多个pxe环境并存:多安装树环境
Cobbler如何实现多系统安装,如何抽象出系统安装具备的同时选择多个,同时支持windows?
Profile:核心
profile通过repository和distribution合并起来后提供一个完整的发型版的安装环境,同时可以kiskstart文件来保证系统的安装可以自动化实现
PXE的实现首先需要reository,也就是yum 源,也可以成为yumreository,也一直称为安装树
其次需要dhcp,tftp环境。
Distribution:一般而言需要加载,Vmlinuz和initrd.img,一般而讲,它的安装程序和内核是匹配的。
如:使用ubuntu的文件来启动centos是不可以的,centos5和6也是不同的,为每个系统都需要提供单独的内核文件,这便成为distribution。
只有拥有distribution和vmlinuz和initrd.img以及匹配的yum源才能安装
在重申:
单个系统安装,需要特定系统的:pxeboot ,vmlinuz,ininrd.img,需要特定系统安装源:yum repository
Cobbler,需要组合与之系统匹配的pxeboot,vmlinuz,ininrd.img,需要组合与Distribution匹配的yum repository安装树
为了能组织处cobbler,不同的系统需要不同的各自的yum repo和pxeboot,是不可以组合的
Profile就是来指明不同的yum repo和pxeboot。
其次,profile可以理性的在相同匹配的版本外组合其他版本:
如:同样的版本不同的kickstart
1, centos 6 web
centos 6 pxeboot+cnetos 6 yum repo+kickstart_web
2, centos 5 databases
centos 6 pxeboot+cnetos 6 yum repo+kickstart_databases
如上图所示:
Repository:提供不同的yum 源 (提供安装树)
Distrbution:提供不同的kernel和initrd文件 (核心文件)
从repository和distribution中拿出一个有效的组合额外添加kickstart文件,根据组合安装处期望的环境来
然而这还不够(组合和定制)
我们需要为每个主机提供虚拟主机ip和mac定义,在profile中抽象出同一个组合下完成某个应用安装后划出每一个安装系统应用ip地址,从mac来定义
以上便是三个核心组件!
对于cobbler而言对repository是有要求的
1, 光盘镜像等,基于web服务器导入到/var/www/html
2, 网络Yum源 Fedora epel源
安装:
Fedora epel源
两个组件:cobbler cobbler_web:WEB GUI
[root@localhost pxeboot]# yum install cobbler cobbler-web pykickstart debmirror httpd syslinux
在这里确保dhcp和tftp-server已经安装并且配置完毕
[root@localhost pxeboot]# yum dhcp tftp-server
如果是基于cobbler,dhcp中的这一项可以注释
[root@localhost tftpboot]# vim/etc/dhcp/dhcpd.conf
# next-server 10.5.5.1;
这项别注释:filename "pxelinux.0";
我这里刚才安装了PXE,假设已经安装好了DHCP,所以需要将一些文件移走,cobbler会自动配置这些文件的
[root@localhost pxeboot]# cd/var/lib/tftpboot/
[root@localhost tftpboot]# ls
boot.msg default images initrd.img pxelinux.0 pxelinux.cfg splash.jpg vesamenu.c32 vmlinuz
[root@localhost tftpboot]# mkdir/root/pxebot
[root@localhost tftpboot]# mv ./*/root/pxebot
现在开始启动dhcpd,httpd.cobblerd
[root@localhost tftpboot]# service dhcpdrestart;service httpd restart;service cobblerd start;
Shutting down dhcpd: [ OK ]
Starting dhcpd: [ OK ]
Stopping httpd: [ OK ]
Starting httpd: httpd: Could not reliablydetermine the server's fully qualified domain name, using localhost.localdomainfor ServerName
[ OK ]
Starting cobbler daemon: [ OK ]
[root@localhost tftpboot]#
[root@localhost tftpboot]# cd /etc/cobbler/
[root@localhost cobbler]# vim settings
Server 172.0.0.1改为提供cobbler服务的地址,我这里使用的是10.5.5.1
[root@localhost cobbler]# service cobblerdrestart
Stopping cobbler daemon: [ OK ]
Starting cobbler daemon: [ OK ]
使用cobbler check 来查看潜在的配置,依次解决
[root@localhost cobbler]# cobbler check
The following are potential configurationitems that you may want to fix:
1 : For PXE to be functional, the'next_server' field in /etc/cobbler/settings must be set to something otherthan 127.0.0.1, and should match the IP of the boot server on the PXE network.
2 : some network boot-loaders are missingfrom /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to downloadthem, or, if you only want to handle x86/x86_64 netbooting, you may ensure thatyou have installed a *recent* version of the syslinux package installed and canignore this message entirely. Files inthis directory, should you want to support all architectures, should includepxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' commandis the easiest way to resolve these requirements.
3 : change 'disable' to 'no' in/etc/xinetd.d/rsync
4 : comment out 'dists' on/etc/debmirror.conf for proper debian support
5 : comment out 'arches' on/etc/debmirror.conf for proper debian support
6 : The default password used by the sampletemplates for newly installed machines (default_password_crypted in/etc/cobbler/settings) is still set to 'cobbler' and should be changed, try:"openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'"to generate new one
7 : fencing tools were not found, and arerequired to use the (optional) power management features. install cman orfence-agents to use them
Restart cobblerd and then run 'cobblersync' to apply changes.
[root@localhost cobbler]#
1,
[root@localhost cobbler]# vim/etc/cobblersettings
next_server: 10.5.5.1
2,
安装syslinux,忽略它,
3,
[root@localhost cobbler]# chkconfig rsync on
Service xinetd restart
4,
service iptables stop
5,
[root@localhost cobbler]# vim/etc/debmirror.conf
注释
#@dists="sid";
#@arches="i386";
5,
[root@localhost cobbler]# openssl passwd -1-salt `openssl rand -hex 4`
Password:
$1$8e2de5c5$/uvg4oZbcUogoHqWaiYju/
[root@localhost cobbler]#
将生成的密码进行替换到配置文件default_password_crypted
[root@localhost cobbler]# vim /etc/cobblersettings
default_password_crypted:"$1$8e2de5c5$/uvg4oZbcUogoHqWaiYju/"
而后在使用cobbler sync同步
[root@localhost cobbler]# cobbler sync
在使用cobbler check查看
[root@localhost cobbler]# cobbler check
The following are potential configurationitems that you may want to fix:
1 : For PXE to be functional, the'next_server' field in /etc/cobbler/settings must be set to something otherthan 127.0.0.1, and should match the IP of the boot server on the PXE network.
2 : some network boot-loaders are missingfrom /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to downloadthem, or, if you only want to handle x86/x86_64 netbooting, you may ensure thatyou have installed a *recent* version of the syslinux package installed and canignore this message entirely. Files inthis directory, should you want to support all architectures, should includepxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' commandis the easiest way to resolve these requirements.
3 : The default password used by the sampletemplates for newly installed machines (default_password_crypted in/etc/cobbler/settings) is still set to 'cobbler' and should be changed, try:"openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'"to generate new one
4 : fencing tools were not found, and arerequired to use the (optional) power management features. install cman orfence-agents to use them
Restart cobblerd and then run 'cobblersync' to apply changes.
[root@localhost cobbler]#
OK,上面的着4项问题不大,可以忽略,我们继续
[root@localhost cobbler]# cd/var/lib/tftpboot/
[root@localhost tftpboot]# ls
boot etc grub images memdisk menu.c32 ppc pxelinux.0 pxelinux.cfg s390x
到这里请去报httpd,tftp,dhcp,是启动的
到此为止cobbler已经搭建好
现在开始命令操作!!!!
挂载光盘让cobbler自动导入!
[root@localhost tftpboot]#mount /dev/cdrom /media/
[root@localhost tftpboot]# cobbler import--path=/media/ --name=centos6.6-x86_64
这样cobbler可以把挂载的modia光盘中所有文件导入到/var/www/cobbler/ks_mirror/centos6.6-x86_64中生成一个yum源
[root@localhost ks_mirror]# cd /var/www/cobbler/ks_mirror/centos6.6-x86_64/
同时在/etc/httpd/conf.d/下的cobbler.conf中定义了repo_mirror,文件导入完成后,需要重启httpd服务
复制的过程是漫长而孤独的。我们等待
复制完成后cobbler sync
[root@localhost tftpboot]# cobbler list
distros:
centos6.6-x86_64
profiles:
centos6.6-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
[root@localhost tftpboot]#
[root@localhost tftpboot]# cobbler profilelist
centos6.6-x86_64
[root@localhost tftpboot]# cobbler distrolist
centos6.6-x86_64
[root@localhost tftpboot]#
配置文件解释
[root@localhost cobbler]# vim /etc/cobbler/settings
manage_dhcp: 0 不需要管理
而后打开机器测试!OK
这里并没有添加kickstart,并没有kickstart文件,自动化安装是无法实现的。
我们使用帮助,
[root@localhost cobbler]# cobbler profileadd –help
手动创建kickstart,已便于完成自动,这里将不演示如何创建。
PS:就算没有创建kickstart文件,系统默认会最笑话安装kickstart
假设我这里已经做好了kickstart,直接复制到/var/lib/cobbler/kickstarts/
[root@localhost html]# cpcentos6.x86_64.cfg /var/lib/cobbler/kickstarts/
PS:我这里使用的是从服务器复制而来的文件,修改了URL而已:url --url=http://10.5.5.1/cobbler/ks_mirror/centos6.6-x86_64/
而后来添加cobbler kickstart
[root@localhost html]# cobbler profile add--name="centos6.6-x86_64-web" --distro=centos6.6-x86_64--kickstart=/var/lib/cobbler/kickstarts/centos6.x86_64.cfg
Cobbler profile add --name=指定centos版本类型,--distro=必须存在的distro,使用cobbler distro list查看,--kickstart=kickstart文件对应distro的
我们在查看,便出现一个新的!
[root@localhost html]# cobbler profile list
centos6.6-x86_64
centos6.6-x86_64-web
[root@localhost html]#
但是,这并不是说就可以使用了,需要使用cobbler sync同步
[root@localhost html]# cobbler sync
Cobbler sync做了哪些操作
[root@localhost pxelinux.cfg]# vim/var/lib/tftpboot/pxelinux.cfg/default
每一次创建都会产生一个LABEL
在来测试
已经开始启动!并且安装!
Cobbler web使用!
我们修改下密码
/etc/cobbler/ auth.conf 认证模式/etc/cobbler/users.digest认证文件
/etc/cobbler/ users.conf
我们创建一个linuxea的用户名,密码为admin
[root@localhost cobbler]# htdigest/etc/cobbler/users.digest "Cobbler" linuxea
重新同步
[root@localhost cobbler]#cobbler sync
重启httpd
[root@localhost cobbler]#service httpd restart
这里也可以通过adding a profile添加
点击create New Priofile
这里便可以看到默认是有default.ks
当在前端执行后,在后端需要执行cobbler sync
[root@localhost ~]#cobbler sync
[root@localhost ~]# cobbler profile list
centos6.6-x86_64
centos6.6-x86_64-web
centos6.6-x86_64_db_linuxea
[root@localhost ~]#
在现实生产中cobbler的出现绝对是昙花一现,除了服务器刚刚上架时使用,其他时间不管天地变换,海枯石烂,你侬她侬,它一直都默默存在某个角落!
注意:
1, 每次变更配置使用cobbler cync重读
2, Dhcp: Filenamepxelinux.0文件
3,/etc/cobbler/settings
Manager_dhcp:0
Manage_tftpd:0
3, 使用cobbler import可直接导致光盘中安装树,会自动生成相应的distro及profile
生成的profile会使用默认的ks文件/var/lib/cobbler/kickstarts/default.ks文件
4, 可自定义kickstart文件,而后新建profile
5, Cobbler_web2.6中使用htdigest认证方式,添加用户
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
/etc/cobbler/users.digest认证文件,“Cobbler”认证提示,cobbler认证用户,回车后输入密码