现在都知道运维自动化的重要性,尤其是对于在服务器数量按几百台、几千台增加的公司而言,单单是装系统,如果不通过自动化来完成,根本是不可想象的。 运维自动化安装方面,早期一般使用人工配置pxe+dhcp+tftp配合kickstart,现在开源工具就多了,如cobbler,OpenQRM和Spacewalk。本文是我自己试验整理的Cobbler系统安装详解。
Cobbler是一个快速网络安装linux的服务,而且在经过调整也可以支持网络安装windows。该工具使用python开发,小巧轻便(才15k行代码),使用简单的命令即可完成PXE网络安装环境的配置,同时还可以管理DHCP,DNS,以及yum包镜像。Cobbler支持命令行管理,web界面管理,还提供了API接口,可以方便二次开发使用。
和Kickstart不同的是,使用cobbler不会因为在局域网中启动了dhcp而导致有些机器因为默认从pxe启动在重启服务器后加载tftp内容导致启动终止。
常用架构如下图:
1、安装epel源
rpm -ivh epel-release-6-8.noarch.rpm 报错a: You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. 解决: yum clean all rpm --rebuilddb yum update
2、安装一些必要的服务
yum -y install dhcp rsync xinetd httpd tftp bind
3、关闭防火墙和SELinux
/etc/init.d/iptables stop chkconfig iptables off
4、安装cobbler程序
yum -y install cobbler cobbler-web cman pykickstart 启动相应的服务 /etc/init.d/cobblerd start chkconfig cobblerd on /etc/init.d/httpd start chkconfig httpd on 检查配置 cobbler check 提示信息 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost,or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : you need to set some SELinux content rules to ensure cobbler works correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t "/tftpboot/.*" && \ /usr/sbin/semanage fcontext -a -t public_content_t "/var/www/cobbler/p_w_picpaths/.*" 4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot.The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 5 : change 'disable' to 'no' in /etc/xinetd.d/tftp 6 : change 'disable' to 'no' in /etc/xinetd.d/rsync 7 : since iptables may be running, ensure 69, 80, and 25151 are unblocked 8 : debmirror package is not installed, it will be required to manage debian deployments and repositories 9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one Restart cobblerd and then run 'cobbler sync' to apply changes. 根据提示更改执行以下命令 sed -i '272,384s/127.0.0.1/192.168.80.134/g' /etc/cobbler/settings cobbler get-loaders sed -i 's/yes/no/g' /etc/xinetd.d/rsync sed -i '14 s/yes/no/g' /etc/xinetd.d/tftp chkconfig tftp on chkconfig rsync on /etc/init.d/xinetd restart