Package download location: http://centos.plnet.rs/mrepo/plc-rhel6b-i386/RPMS.all/

Setup steps:

Reference article:

-----------------------------------------------------------------

Getting Started With Cobbler and "Cobbler Import"

About

Suppose you want to set up a network install server for several distributions. We'll show you how to do this, for a given distribution, really quickly. For this example, we'll use Fedora.

What's the best way to do this? It's a command called "cobbler import", which can mirror content based on a DVD image, a tree on a mounted filesystem, or even an external rsync mirror or SSH location.

First you have to have cobbler installed and set up though, which is thankfully pretty easy to do.

Setting Up A Provisioning Server From Scratch

    yum install cobbler
    # Edit /etc/cobbler/settings for 'server' and 'next_server' addresses.
    # Comments in the config file will explain what each setting does.
    cobbler check
    # Adjust things as necessary based on the output of cobbler check above
    # Download the Fedora DVD image and mount it, either with a real CD or a
    # loopback (mkdir /somedir; mount -o loop your.iso /somedir)
    # import from inserted DVD
    cobbler import --path=/media/dvd --name=Fedora12
    # ...OR... import from the mounted ISO example
    cobbler import --path=/somedir --name=Fedora12
    cobbler sync

You're done. Really.

SELinux-specific settings for F14 to keep in mind

For Fedora 14 you might want to amend the SELinux policy settings.

    /usr/sbin/semanage fcontext -a -t public_content_rw_t "/var/lib/tftpboot/.*"
    /usr/sbin/semanage fcontext -a -t public_content_rw_t "/var/www/cobbler/images/.*"
    restorecon -R -v "/var/lib/tftpboot/"
    restorecon -R -v "/var/www/cobbler/images/"
    # Enables cobbler to read/write public_content_rw_t
    setsebool cobbler_anon_write on
    # Enable httpd to connect to cobblerd (optional, depending on if web interface is installed)
    # Notice: If you enable httpd_can_network_connect_cobbler you should switch httpd_can_network_connect off
    setsebool httpd_can_network_connect off
    setsebool httpd_can_network_connect_cobbler on
    # Enable cobbler to use rsync etc. (optional)
    setsebool cobbler_can_network_connect on
    # Enable cobbler to use CIFS based filesystems (optional)
    setsebool cobbler_use_cifs on
    # Enable cobbler to use NFS based filesystems (optional)
    setsebool cobbler_use_nfs on
    # Double check your choices
    getsebool -a|grep cobbler

Important: Once you have enabled the SELinux booleans and checked that they work for you, make them permanent by using the setsebool -P option with on/off. This will preserve your booleans across reboots.

Alternatively, you could have also used:

    cobbler import --path=rsync://servergoeshere/path/to/distro --name=F12

This would mirror from a public rsync server (for a list of public servers visit http://mirrors.fedoraproject.org/publiclist/) without needing the DVD image.

Kickstarts are answer files that script the installation of the OS. Well, for Fedora and Red Hat based distributions it is called kickstart. We also support other distributions that have similar answer files, but let's just use kickstart as an example for now.

The kickstarts automatically assigned above will install physical machines (or virtual machines -- we'll get to that later) with a default password of "cobbler" (don't worry, you can change these defaults) and a really basic set of packages. For something more complicated, you may wish to edit the default kickstarts in /var/lib/cobbler/kickstarts. You could also use cobbler to assign them new kickstart files. These files are actually Kickstart Templates, a level beyond regular kickstarts that can make advanced customizations easier to achieve. We'll talk more about that later as well.

What if you don't want to mirror the install content on your install server? Say you already have the trees from all your DVDs and/or CDs extracted on a Filer mounted over NFS somewhere. This works too, with the addition of one more argument:

    cobbler import --path=/path/where/filer/is/mounted --name=filer --available-as=nfs://nfsserver.example.org:/is/mounted/here

The above command will set up cobbler automatically using all of the above distros (stored on the remote filer) -- but will keep the trees on NFS. This saves disk space on the Cobbler server. As you add more distros over time to the filer, you can keep running the above commands to add them to Cobbler.

So, whether using some data you already have on the network, or letting cobbler create an install mirror for you, there are lots of useful options. Similarly, if you just need to change the default path where Cobbler stores data it imports (which is /var/www/cobbler/) you can also change that -- this is covered elsewhere on the Wiki.

Using That Server For Reinstallation

Should you have a system you want to install that Fedora 12 on (instead of whatever it is running now), right now, you can do this:

    yum install koan
    koan --server= --list=profiles
    koan --replace-self --server= --profile=F12-i386
    /sbin/reboot

The system will install the new operating system after rebooting, hands off, no interaction required.

Notice in the above example "F12-i386" is just one of the boring default profiles cobbler created for you. You can also create your own, for instance "F12-webservers" or "F12-appserver" -- whatever you would like to automate.

Using That Server For Virtualization

Want to install a virtual guest instead (perhaps Xen or KVM)? No problem.

    yum install koan
    koan --server= --virt --virt-type=xenpv --profile=F12-i386-xen

Done. You can also use KVM or other virtualization methods. These are covered elsewhere on the Wiki. Some distributions have Xen specific profiles you need to use, though this is merged back together starting with Fedora 12.

Using That Server For PXE

Note that so far we've only mentioned reinstalling Linux systems and doing virtualized installs. PXE for network installation of "bare metal" machines is very easy too.

If you want PXE, you have two options. If the DHCP server is somewhere else (not on the Cobbler server), you can get your DHCP server admin to point at your box as a "next-server". Easy enough.

If you want to run DHCP locally and have Cobbler manage it for you, just set manage_dhcp to 1 in /etc/cobbler/settings on the boot server, edit /etc/cobbler/dhcp.template to change some defaults, and re-run "cobbler sync". You're good. Cobbler will keep track of your dhcp files for you, and you'll never have to hand edit them. (See ManageDhcp for more information on this).

Once you get PXE set up, all of the bare-metal compatible profiles will, by name, show up in PXE menus when the machines network boot. Type "menu" at the prompt and choose one from the list. Or just don't do anything and the machine will default through to local booting. (Some Xen paravirt profiles will not show up, because you cannot install these on physical machines -- this is intended.)

Should you want to pin a particular system to install a particular profile the next time it reboots, just run:

    cobbler system add --name=example --mac=$mac-address --profile=$profile-name

Then the above machine will boot directly to the profile of choice without bringing up the menu. Don't forget to read the manpage docs as there are more options for customization and control available. There are also lots of useful settings described in /etc/cobbler/settings that you will want to read over.

Firewall

Depending on your usage, you will probably need to make sure iptables is configured to allow access to the right services. Here's an example configuration:

    # Firewall configuration written by system-config-securitylevel
    # Manual customization of this file is not recommended.
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A INPUT -p icmp --icmp-type any -j ACCEPT
    -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # LOCALHOST
    -A INPUT -i lo -j ACCEPT
    # SSH
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    # DNS - TCP/UDP
    -A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
    # DHCP
    -A INPUT -m state --state NEW -m udp -p udp --dport 68 -j ACCEPT
    # TFTP - TCP/UDP
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 69 -j ACCEPT
    -A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
    # NTP
    -A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT
    # HTTP/HTTPS
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
    # Syslog for cobbler
    -A INPUT -m state --state NEW -m udp -p udp --dport 25150 -j ACCEPT
    # Koan XMLRPC ports
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 25152 -j ACCEPT
    #-A INPUT -j LOG
    -A INPUT -j REJECT --reject-with icmp-host-prohibited
    COMMIT

Adapt this to your own environment.

Services

Depending on whether you are running DHCP and DNS on the same box, you will want to enable various services:

    /sbin/service httpd start
    /sbin/service dhcpd start
    /sbin/service xinetd start
    /sbin/service cobblerd start
    /sbin/chkconfig httpd on
    /sbin/chkconfig dhcpd on
    /sbin/chkconfig xinetd on
    /sbin/chkconfig tftp on
    /sbin/chkconfig cobblerd on

"cobbler check", mentioned above, will mention most of this to you.

Notes About Other Distributions

The above example covered Fedora, though things work exactly the same for RHEL and CentOS. Read SupportForOtherDistros for additional information if you are not running a Fedora or Red Hat based distribution. Support for other distributions is important to the Cobbler project, though they may require slightly different instructions.

Read More

There are lots of other topics as well as expansions on the above material on the rest of the Wiki, under UserDocs. This is only scratching the surface!

-------------------------------------------------------

I. Installation environment

CentOS 5.4
Turn off iptables
Turn off SELinux (SELinux makes the tftp directory inaccessible, so PXE stops at the boot screen)

II. Directories and files used by cobbler

cobbler configuration files: /etc/cobbler
cobbler data storage directory: /var/www/cobbler
dhcp configuration file: /etc/dhcpd.conf
dhcp lease cache file: /var/lib/dhcpd/dhcpd.leases
pxe configuration file: /tftpboot/pxelinux.cfg/default

III. Install cobbler

    # rpm -ivh
    # rpm -ivh http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
    # yum -y install tftp-server httpd dhcp yum-utils
    # yum -y install cobbler
    # yum -y install cman yum-utils

Build and install from source:

    make && make install

IV. Modify the configuration files

1. Edit the cobbler configuration file

    # vi /etc/cobbler/settings

[code]
server: '192.168.1.3'   # cobbler server address
next_server: '192.168.1.3'
manage_dhcp: 1
[/code]

2. Change how tftp is started

    # vi /etc/xinetd.d/tftp

[code]
disable = no   # enable tftp by default
[/code]

3. Edit the dhcp configuration template

    # vi /etc/cobbler/dhcp.template

Change it to the appropriate subnet and IP addresses:

    subnet 192.168.2.0 netmask 255.255.255.0 {
         option routers             192.168.2.5;
         option domain-name-servers 192.168.2.1;
         option subnet-mask         255.255.255.0;
         range dynamic-bootp        192.168.2.100 192.168.2.254;
         filename                   "/pxelinux.0";
         default-lease-time         21600;
         max-lease-time             43200;
         next-server                $next_server;
    }

V. Import the CentOS disc image

    # mkdir /home/CentOS
    # mount /home/src/CentOS-5.2-i386-bin-DVD.iso /home/CentOS/ -o loop
    # cobbler import --mirror=/home/CentOS --name=CentOS-5.2
    # cobbler sync

cobbler sync applies the configuration templates.

VI. cobbler check

Resolve the problems according to its prompts. For example:

    #2: Must enable selinux boolean to enable Apache and web services components, run: setsebool -P httpd_can_network_connect true

Nice to see that it has good instructions for selinux.

    #3: you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/var/lib/tftpboot/.*" && /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/images/.*"

Detailed command to enable the http server to read content from /var/www/cobbler and have tftpboot find its files.

    #4: service cobblerd is not running

Obviously this isn't running because we did not start it yet.

    #5: change 'disable' to 'no' in /etc/xinetd.d/tftp
    #6: service httpd is not running
    #7: since iptables may be running, ensure 69 (dhcp), 80(http), 25150(cobbler api), and 25151(cobbler api R/W) are unblocked

Turn off the firewall.

    #8: reposync is not installed, need for cobbler reposync, install/upgrade yum-utils?

Easy to solve with: yum install yum-utils

    #9: yumdownloader is not installed, needed for cobbler repo add with --rpm-list parameter, install/upgrade yum-utils?

Install yum-utils.

    #10: fencing tools were not found, and are required to use the (optional) power management features. install cman to use them

Install cman.

VII. Start the cobbler services

    service dhcpd start
    service httpd start
    service xinetd restart
    service cobblerd start

VIII. Example kickstart configuration file

    # vi /etc/cobbler/sample.ks

    #platform=x86, AMD64, or Intel EM64T
    # System authorization information
    auth --useshadow --enablemd5
    # System bootloader configuration
    bootloader --location=mbr
    # Partition clearing information
    clearpart --all --initlabel
    # Use text mode install
    text
    # Firewall configuration
    firewall --disable
    # Run the Setup Agent on first boot
    firstboot --enabled
    # System keyboard
    keyboard us
    # System language
    lang en_US
    # Use network installation
    url --url=$tree
    # If any cobbler repo definitions were referenced in the kickstart profile, include them here.
    $yum_repo_stanza
    # Network information
    network --bootproto=dhcp --device=eth0 --onboot=on
    # Reboot after installation
    reboot
    # Root password
    rootpw --iscrypted $1$65XOJkdK$SA2J.kVLiTZ6V1GAhFl/Z1
    # SELinux configuration
    selinux --disabled
    # Do not configure the X Window System
    skipx
    # System timezone
    timezone Asia/Shanghai
    # Install OS instead of upgrade
    install
    # Clear the Master Boot Record
    zerombr
    # Magically figure out how to partition this thing
    #SNIPPET::main_partition_select
    part / --asprimary --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
    part swap --asprimary --bytes-per-inode=4096 --fstype="swap" --size=2048
    part /boot --asprimary --bytes-per-inode=4096 --fstype="ext3" --size=100

    %pre
    $kickstart_start
    #SNIPPET::pre_partition_select

    %packages
    @server-cfg
    @development-tools
    @base
    @development-libs
    @system-tools
    @admin-tools
    certmaster
    func

    %post
    chkconfig NetworkManager off
    chkconfig NetworkManagerDispatcher off
    chkconfig acpid off
    chkconfig anacron off
    chkconfig atd off
    chkconfig autofs off
    chkconfig avahi-daemon off
    c
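
The sample.ks above hashes passwords with MD5 and turns off SELinux and the firewall on every machine installed from it. The following Python check is an added example (not part of the original article or of Cobbler) that flags those directives in a kickstart before it is assigned to a profile; the name audit_kickstart and the sample text, including its placeholder hash, are constructed for illustration.

```python
import shlex

STRONG_PREFIXES = ("$5$", "$6$")  # SHA-256-crypt and SHA-512-crypt hashes


def audit_kickstart(text):
    """Return (line_no, directive, finding) tuples for weak install-time settings."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("%"):
            break  # assumption: directives come before %pre/%packages/%post
        if not line or line.startswith("#"):
            continue
        try:
            # POSIX splitting also unescapes the \$ form used in templates
            cmd, *args = shlex.split(line)
        except ValueError:
            continue  # unbalanced quoting: not a directive we can judge
        if cmd in ("auth", "authconfig") and "--enablemd5" in args:
            findings.append((no, cmd, "MD5 password hashing enabled"))
        elif cmd == "rootpw":
            if "--iscrypted" not in args:
                findings.append((no, cmd, "root password stored in plaintext"))
            else:
                pw = next((a for a in args if not a.startswith("--")), "")
                if not pw.startswith(STRONG_PREFIXES):
                    findings.append((no, cmd, "root hash is not SHA-256/512 crypt"))
        elif cmd == "selinux" and "--disabled" in args:
            findings.append((no, cmd, "SELinux disabled on the installed system"))
        elif cmd == "firewall" and {"--disable", "--disabled"} & set(args):
            findings.append((no, cmd, "host firewall disabled on the installed system"))
    return findings


# Constructed excerpt modelled on the directives in the sample.ks above;
# the hash is a made-up placeholder, not a real credential.
SAMPLE_KS = """\
auth --useshadow --enablemd5
bootloader --location=mbr
firewall --disable
url --url=$tree
rootpw --iscrypted $1$examplesalt$CONSTRUCTEDplaceholder0000
selinux --disabled
%packages
@base
"""

if __name__ == "__main__":
    for no, cmd, finding in audit_kickstart(SAMPLE_KS):
        print(f"line {no}: {cmd}: {finding}")
```

Run it against each file under /var/lib/cobbler/kickstarts as well; an empty result means none of the four directives was found in a weak form.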