Resource description
Package download URL: http://centos.plnet.rs/mrepo/plc-rhel6b-i386/RPMS.all/
Setup steps:
Reference article:
-----------------------------------------------------------------
Getting Started With Cobbler and "Cobbler Import"
About
Suppose you want to set up a network install server for several distributions. We'll show you how to do this, for a given distribution, really quickly, using Fedora as the example. The best way to do this is a command called "cobbler import", which can mirror content from a DVD image, a tree on a mounted filesystem, or even an external rsync mirror or SSH location.
First you have to have cobbler installed and set up though, which is thankfully pretty easy to do.
Setting Up A Provisioning Server From Scratch
yum install cobbler
# Edit /etc/cobbler/settings for 'server' and 'next-server' addresses.
# Comments in the config file will explain what each setting does.
cobbler check
# Adjust things as necessary based on the output of cobbler check above
# Download the Fedora DVD image and mount it, either with a real CD or a
# loopback (mkdir /somedir; mount -o loop your.iso /somedir)
# import from inserted DVD
cobbler import --path=/media/dvd --name=Fedora12
# ...OR... import from the mounted ISO example
cobbler import --path=/somedir --name=Fedora12
cobbler sync
You're done. Really.
SELinux-specific settings for F14 to keep in mind
For Fedora 14 you might want to amend the SELinux policy settings.
/usr/sbin/semanage fcontext -a -t public_content_rw_t "/var/lib/tftpboot/.*"
/usr/sbin/semanage fcontext -a -t public_content_rw_t "/var/www/cobbler/images/.*"
restorecon -R -v "/var/lib/tftpboot/"
restorecon -R -v "/var/www/cobbler/images/"
# Enables cobbler to read/write public_content_rw_t
setsebool cobbler_anon_write on
# Enable httpd to connect to cobblerd (optional, depending on whether the web interface is installed)
# Notice: If you enable httpd_can_network_connect_cobbler, you should switch httpd_can_network_connect off
setsebool httpd_can_network_connect off
setsebool httpd_can_network_connect_cobbler on
# Enable cobbler to use rsync etc. (optional)
setsebool cobbler_can_network_connect on
# Enable cobbler to use CIFS based filesystems (optional)
setsebool cobbler_use_cifs on
# Enable cobbler to use NFS based filesystems (optional)
setsebool cobbler_use_nfs on
# Double check your choices
getsebool -a|grep cobbler
Important: Once you have enabled the SELinux booleans and checked that they work for you, make them permanent by using the setsebool -P option with on/off!
This preserves your booleans across reboots.
Alternatively, you could have also used:
cobbler import --path=rsync://servergoeshere/path/to/distro --name=F12
This would mirror from a public rsync server (for a list of public servers visit http://mirrors.fedoraproject.org/publiclist/) without needing the DVD image.
Kickstarts are answer files that script the installation of the OS. Well, for Fedora and Red Hat based distributions it is called kickstart. We also support other distributions that have similar answer files, but let's just use kickstart as an example for now. The kickstarts automatically assigned above will install physical machines (or virtual machines -- we'll get to that later) with a default password of "cobbler" (don't worry, you can change these defaults) and a really basic set of packages. For something more complicated, you may wish to edit the default kickstarts in /var/lib/cobbler/kickstarts. You could also use cobbler to assign them new kickstart files. These files are actually Kickstart Templates, a level beyond regular kickstarts that can make advanced customizations easier to achieve. We'll talk more about that later as well.
What if you don't want to mirror the install content on your install server? Say you already have the trees from all your DVDs and/or CDs extracted on a Filer mounted over NFS somewhere. This works too, with the addition of one more argument:
cobbler import --path=/path/where/filer/is/mounted --name=filer --available-as=nfs://nfsserver.example.org:/is/mounted/here
The above command will set up cobbler automatically using all of the above distros (stored on the remote filer) -- but will keep the trees on NFS. This saves disk space on the Cobbler server. As you add more distros over time to the filer, you can keep running the above commands to add them to Cobbler. So, whether using some data you already have on the network, or letting cobbler create an install mirror for you, there are lots of useful options. Similarly, if you just need to change the default path where Cobbler stores data it imports (which is /var/www/cobbler/) you can also change that -- this is covered elsewhere on the Wiki.
Using That Server For Reinstallation
Should you have a system you want to install that Fedora 12 on (instead of whatever it is running now), right now, you can do this:
yum install koan
koan --server= --list=profiles
koan --replace-self --server= --profile=F12-i386
/sbin/reboot
The system will install the new operating system after rebooting, hands off, no interaction required.
Notice in the above example "F12-i386" is just one of the boring default profiles cobbler created for you. You can also create your own, for instance "F12-webservers" or "F12-appserver" -- whatever you would like to automate.
Using That Server For Virtualization
Want to install a virtual guest instead (perhaps Xen or KVM)? No problem.
yum install koan
koan --server= --virt --virt-type=xenpv --profile=F12-i386-xen
Done.
You can also use KVM or other virtualization methods. These are covered elsewhere on the Wiki. Some distributions have Xen specific profiles you need to use, though this is merged back together starting with Fedora 12.
Using That Server For PXE
Note that so far we've only mentioned reinstalling Linux systems and doing virtualized installs. PXE for network installation of "bare metal" machines is very easy too.
If you want PXE, you have two options.
If the DHCP server is somewhere else (not on the Cobbler server), you can get your dhcp server admin to point at your box as a "next-server". Easy enough.
If you want to run DHCP locally and have Cobbler manage it for you, just set manage_dhcp to 1 in /etc/cobbler/settings on the boot server, edit /etc/cobbler/dhcp.template to change some defaults, and re-run "cobbler sync".
You're good. Cobbler will keep track of your dhcp files for you, and you'll never have to hand edit them. (See ManageDhcp for more information on this).
Once you get PXE set up, all of the bare-metal compatible profiles will, by name, show up in PXE menus when the machines network boot. Type "menu" at the prompt and choose one from the list. Or just don't do anything and the machine will default through to local booting. (Some Xen paravirt profiles will not show up, because you cannot install these on physical machines -- this is intended)
Should you want to pin a particular system to install a particular profile the next time it reboots, just run:
cobbler system add --name=example --mac=$mac-address --profile=$profile-name
Then the above machine will boot directly to the profile of choice without bringing up the menu. Don't forget to read the manpage docs as there are more options for customization and control available. There are also lots of useful settings described in /etc/cobbler/settings that you will want to read over.
Firewall
Depending on your usage, you will probably need to make sure iptables is configured to allow access to the right services. Here's an example configuration:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp --icmp-type any -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# LOCALHOST
-A INPUT -i lo -j ACCEPT
# SSH
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
# DNS - TCP/UDP
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
# DHCP
-A INPUT -m state --state NEW -m udp -p udp --dport 68 -j ACCEPT
# TFTP - TCP/UDP
-A INPUT -m state --state NEW -m tcp -p tcp --dport 69 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
# NTP
-A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
# HTTP/HTTPS
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# Syslog for cobbler
-A INPUT -m state --state NEW -m udp -p udp --dport 25150 -j ACCEPT
# Koan XMLRPC ports
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25152 -j ACCEPT
#-A INPUT -j LOG
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
Adapt this to your own environment.
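The configuration above accepts each listed port from any source address, including the Koan XMLRPC ports. As an added example (not part of the original wiki text), the shell function below lists the INPUT rules in an iptables-save style file that ACCEPT a destination port without a source match; the function name, the sample rules and the 192.168.2.0/24 subnet are constructed for illustration.

```sh
#!/bin/sh
# unscoped_accepts FILE: for an iptables-save style file, print "proto/port"
# for every INPUT rule that ACCEPTs a destination port with no source match.
unscoped_accepts() {
    awk '
        $1 != "-A" || $2 != "INPUT" { next }    # skips comments, chains, COMMIT
        {
            proto = ""; port = ""; src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")                      proto  = $(i + 1)
                if ($i == "--dport")                 port   = $(i + 1)
                if ($i == "-s" || $i == "--source")  src    = $(i + 1)
                if ($i == "-j")                      target = $(i + 1)
            }
            if (target == "ACCEPT" && port != "" && src == "")
                print proto "/" port
        }
    ' "$1"
}

# Constructed sample: a few rules from the configuration above, with the
# read/write XMLRPC port (25151) limited to an assumed provisioning subnet.
RULES=$(mktemp)
trap 'rm -f "$RULES"' EXIT
cat > "$RULES" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -s 192.168.2.0/24 -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25152 -j ACCEPT
#-A INPUT -j LOG
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF

# Lists udp/69, tcp/80 and tcp/25152; the scoped 25151 rule is not reported.
unscoped_accepts "$RULES"
```

Run it against the real /etc/sysconfig/iptables and add a source match to each reported port that only the provisioning network needs to reach.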
Services
Depending on whether you are running DHCP and DNS on the same box, you will want to enable various services:
/sbin/service httpd start
/sbin/service dhcpd start
/sbin/service xinetd start
/sbin/service cobblerd start
/sbin/chkconfig httpd on
/sbin/chkconfig dhcpd on
/sbin/chkconfig xinetd on
/sbin/chkconfig tftp on
/sbin/chkconfig cobblerd on
"cobbler check", mentioned above, will mention most of this to you.
Notes About Other Distributions
The above example covered Fedora, though things work exactly the same for RHEL and CentOS. Read SupportForOtherDistros for additional information if you are not running a Fedora or Red Hat based distribution. Support for other distributions is important to the Cobbler project, though they may require slightly different instructions.
Read More
There are lots of other topics as well as expansions on the above material on the rest of the Wiki, under UserDocs. This is only scratching the surface!
-----------------------------------------------------------------
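I. Installation environment
CentOS 5.4
Turn off iptables and turn off SELinux. SELinux makes the tftp directory inaccessible, and PXE stops at the boot screen.
II. Directories and files used by cobbler
cobbler configuration files: /etc/cobbler
cobbler data storage directory: /var/www/cobbler
dhcp configuration file: /etc/dhcpd.conf
dhcp lease cache file: /var/lib/dhcpd/dhcpd.leases
pxe configuration file: /tftpboot/pxelinux.cfg/default
III. Install cobbler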
# rpm -ivh
# rpm -ivh http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
# yum -y install tftp-server httpd dhcp yum-utils
# yum -y install cobbler
# yum -y install cman
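yum-utils: build and install from source with make && make install
IV. Modify the configuration files
1. Modify the cobbler configuration file
# vi /etc/cobbler/settings
[code]
server: '192.168.1.3' # cobbler server address
next_server: '192.168.1.3'
manage_dhcp: 1
[/code]
2. Change how tftp is started
# vi /etc/xinetd.d/tftp
[code]
disable = no # enable tftp by default
[/code]
3. Edit the dhcp configuration template
# vi /etc/cobbler/dhcp.template (change it to the appropriate subnet and IP addresses)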
[code]
subnet 192.168.2.0 netmask 255.255.255.0 {
    option routers 192.168.2.5;
    option domain-name-servers 192.168.2.1;
    option subnet-mask 255.255.255.0;
    range dynamic-bootp 192.168.2.100 192.168.2.254;
    filename "/pxelinux.0";
    default-lease-time 21600;
    max-lease-time 43200;
    next-server $next_server;
}
[/code]
V. Import the CentOS disc image file
# mkdir /home/CentOS
# mount /home/src/CentOS-5.2-i386-bin-DVD.iso /home/CentOS/ -o loop
# cobbler import --mirror=/home/CentOS --name=CentOS-5.2
# cobbler sync (applies the configuration templates)
VI. Run cobbler check and resolve the problems it reports
For example:
#2: Must enable selinux boolean to enable Apache and web services components, run: setsebool -P httpd_can_network_connect true
Nice to see that it has good instructions for selinux
#3: you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/var/lib/tftpboot/.*" && /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"
Detailed command to enable the http server to read content from /var/www/cobbler and have tftpboot find its files
#4: service cobblerd is not running
Obviously this isn't running because we did not start it yet
#5: change 'disable' to 'no' in /etc/xinetd.d/tftp
#6: service httpd is not running
#7: since iptables may be running, ensure 69 (dhcp), 80(http), 25150(cobbler api), and 25151(cobbler api R/W) are unblocked
Turn off the firewall
#8: reposync is not installed, need for cobbler reposync, install/upgrade yum-utils?
Easy to solve with: yum install yum-utils
#9: yumdownloader is not installed, needed for cobbler repo add with --rpm-list parameter, install/upgrade yum-utils?
Install yum-utils
#10: fencing tools were not found, and are required to use the (optional) power management features. install cman to use them
Install cman
VII. Start the cobbler services
service dhcpd start
service httpd start
service xinetd restart
service cobblerd start
VIII. Sample kickstart configuration file
# vi /etc/cobbler/sample.ks
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --disable
# Run the Setup Agent on first boot
firstboot --enabled
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
network --bootproto=dhcp --device=eth0 --onboot=on
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $1$65XOJkdK$SA2J.kVLiTZ6V1GAhFl/Z1
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Magically figure out how to partition this thing
#SNIPPET::main_partition_select
part / --asprimary --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
part swap --asprimary --bytes-per-inode=4096 --fstype="swap" --size=2048
part /boot --asprimary --bytes-per-inode=4096 --fstype="ext3" --size=100
%pre
$kickstart_start
#SNIPPET::pre_partition_select
%packages
@server-cfg
@development-tools
@base
@development-libs
@system-tools
@admin-tools
certmaster
func
%post
chkconfig NetworkManager off
chkconfig NetworkManagerDispatcher off
chkconfig acpid off
chkconfig anacron off
chkconfig atd off
chkconfig autofs off
chkconfig avahi-daemon off
c
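The sample kickstart above (cut off on this page) disables the firewall and SELinux on every machine installed from it and uses MD5 password hashing (auth --enablemd5 and a $1$ root hash). As an added example, not from the original page, the shell function below flags those directives in a kickstart file before it is assigned to a profile; the function name and both sample files are constructed.

```sh
#!/bin/sh
# ks_audit FILE: print one finding per weak directive in a kickstart file.
# Only the command section is checked; %pre/%post/%packages bodies are skipped.
ks_audit() {
    awk '
        /^[ \t]*#/ { next }                       # comments and #SNIPPET lines
        /^%(pre|post|packages)/ { body = 1 }      # script and package sections
        body { next }
        $1 == "firewall" && /--disable/              { print "firewall-disabled" }
        $1 == "selinux" && /--(disabled|permissive)/ { print "selinux-not-enforcing" }
        ($1 == "auth" || $1 == "authconfig") && /--enablemd5/ { print "md5-password-hashing" }
        $1 == "rootpw" && $NF ~ /^\$1\$/             { print "md5-crypt-root-hash" }
        $1 == "rootpw" && !/--iscrypted/             { print "plaintext-root-password" }
    ' "$1"
}

# Constructed sample with the same directives as the kickstart above
# (the hash is a placeholder, not a real password hash).
WEAK_KS=$(mktemp)
HARD_KS=$(mktemp)
trap 'rm -f "$WEAK_KS" "$HARD_KS"' EXIT
cat > "$WEAK_KS" <<'EOF'
auth --useshadow --enablemd5
firewall --disable
rootpw --iscrypted $1$CONSTRUCTED$placeholderHashNotReal
selinux --disabled
%post
firewall --disable
EOF

# Constructed hardened counterpart: SHA-512 hashing, firewall and SELinux on.
cat > "$HARD_KS" <<'EOF'
auth --useshadow --passalgo=sha512
firewall --enabled --ssh
rootpw --iscrypted $6$CONSTRUCTED$placeholderHashNotReal
selinux --enforcing
EOF

echo "weak template:";     ks_audit "$WEAK_KS"
echo "hardened template:"; ks_audit "$HARD_KS"
```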