文章目录
- cobbler简介
- cobbler服务端部署
- 客户端安装
- cobbler的web方式管理
一. cobbler简介
Cobbler是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。
Cobbler可以使用命令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),还提供了API接口,可以方便二次开发使用。
Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。
Cobbler内置了一个轻量级配置管理系统,但它也支持和其它配置管理系统集成,如Puppet,暂时不支持SaltStack。
cobbler集成的服务
PXE服务支持
DHCP服务管理
DNS服务管理(可选bind,dnsmasq)
电源管理
Kickstart服务支持
YUM仓库管理
TFTP(PXE启动时需要)
Apache(提供kickstart的安装源,并提供定制化的kickstart配置)
cobbler配置文件详解
cobbler配置文件目录在/etc/cobbler
配置文件 工作
/etc/cobbler/settings cobbler 主配置文件
/etc/cobbler/iso/ iso模板配置文件
/etc/cobbler/pxe pxe模板配置文件
/etc/cobbler/power 电源配置文件
/etc/cobbler/user.conf web服务授权配置文件
/etc/cobbler/users.digest web访问的用户名密码配置文件
/etc/cobbler/dhcp.template dhcp服务器的的配置模板
/etc/cobbler/dnsmasq.template dns服务器的配置模板
/etc/cobbler/tftpd.template tftp服务的配置模板
/etc/cobbler/modules.conf 模块的配置文件
cobbler数据目录
目录 作用
/var/lib/cobbler/config/ 用于存放distros,system,profiles等信息配置文件
/var/lib/cobbler/triggers/ 用于存放用户定义的cobbler命令
/var/lib/cobbler/kickstart/ 默认存放kickstart文件
/var/lib/cobbler/loaders/ 存放各种引导程序以及镜像目录
/var/www/cobbler/ks_mirror/ 导入的发行版系统的所有数据
/var/www/cobbler/images/ 导入发行版的kernel和initrd镜像用于远程网络启动
/var/www/cobbler/repo_mirror/ yum仓库存储目录
cobbler日志文件
日志文件路径 说明
/var/log/cobbler/installing 客户端安装日志
/var/log/cobbler/cobbler.log cobbler日志
镜像目录
/var/www/cobbler/ks_mirror/: 导入的发行版系统的所有数据
/var/www/cobbler/images/ : 导入发行版的kernel和initrd镜像用于远程网络启动
/var/www/cobbler/repo_mirror/: yum 仓库存储目录
cobbler命令详解
cobbler check //核对当前设置是否有问题
cobbler list //列出所有的cobbler元素
cobbler report //列出元素的详细信息
cobbler sync //同步配置到数据目录,更改配置最好都要执行下
cobbler reposync //同步yum仓库
cobbler distro //查看导入的发行版系统信息
cobbler system //查看添加的系统信息
cobbler profile //查看配置信息
二. cobbler服务端部署
1、安装cobbler、dhcp。
[root@centos7 network-scripts]# yum install cobbler dhcp
设为开机启动
[root@centos7 network-scripts]# systemctl enable cobblerd dhcpd httpd tftp
启动服务,因为dhcp刚安装,还没有配置,因此暂时无法启动,待配置后即可成功启动,dhcp详细配置请参考:如何配置DHCP服务
[root@centos7 ~]# systemctl start cobblerd httpd tftp.socket
因为cobbler继承了tftp等服务,因此在安装cobbler是也自动安装上了。
[root@centos7 ~]# cd /var/lib/tftpboot/
[root@centos7 tftpboot]# ls
boot etc grub images images2 initrd.img menu.c32 ppc pxelinux.0 pxelinux.cfg s390x vmlinuz
2、检查cobbler环境
执行cobbler check命令,会报如下异常,然后根据异常情况,采取相应的解决方式。
[root@centos7 tftpboot]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
执行Cobbler check报错解决方式
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
##解决方法:修改/etc/cobbler/settings文件中的server参数的值,为提供cobbler服务的主机配置相应的IP地址或主机名
[root@centos7 tftpboot]# vim /etc/cobbler/settings
...
server:192.168.147.129
...
修改完成后重新启动服务,然后再次执行cobbler check
[root@centos7 tftpboot]# systemctl restart cobblerd
[root@centos7 tftpboot]# cobbler check
解决方法
1 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
##修改/etc/cobbler/settings文件中的next_server参数的值为提供PXE服务的主机相应的IP地址,(tftp服务器地址,一般和cobbler在同一台服务器)
[root@centos7 tftpboot]# vim /etc/cobbler/settings
...
next_server: 192.168.147.129
...
2 : change 'disable' to 'no' in /etc/xinetd.d/tftp
这项信息我们可以不用去管它,因为这里使用的是centos7的系统,且相应的tftp服务已经启动。
[root@centos7 tftpboot]# ss -ntlu |grep 69
udp UNCONN 0 0 :::69 :::*
3 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
##执行cobbler get-loaders命令,自动从互联网上下载对应文件。
##如果当前节点可以访问互联网,执行“cobbler getloaders”命令即可;否则,需要安装syslinux程序包,
##而后复制/usr/share/syslinux/{pxelinux.0,memu.c32}等文件至/var/lib/cobbler/loaders/目录中
[root@centos7 tftpboot]# cobbler get-loaders
task started: 2020-08-03_173520_get_loaders
task started (id=Download Bootloader Content, time=Mon Aug 3 17:35:20 2020)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
下载完成后,执行“cobbler sync”命令。相当与把/var/lib/cobbler/loaders中的文件复制到/var/lib/tftpboot/目录下。
[root@centos7 tftpboot]# cobbler sync
task started: 2020-08-03_174134_sync
task started (id=Sync, time=Mon Aug 3 17:41:34 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
4 : enable and start rsyncd.service with systemctl
这一项可以忽略,也可以启动,执行“chkconfig rsync on”即可。
5 : debmirror package is not installed, it will be required to manage debian deployments and repositories
这项是关于debian系统才启用的,因此可以忽略
6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
##执行“openssl passwd -1 生成密码,并用其替换/etc/cobbler/settings文件中default_password_crypted参数的值
[root@centos7 tftpboot]# openssl passwd -1
Password:
Verifying - Password:
$1$7bZpBAQZ$Z9xU93BxsBcAVTKVHbDPV1
把生成的口令替换掉即可
vim /etc/cobbler/setting
...
default_password_crypted: "$1$7bZpBAQZ$Z9xU93BxsBcAVTKVHbDPV1"
...
7 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
这一项和集群、电源有关可以忽略。
3、配置DHCP服务
之前通过PXE安装系统时还要手动配置DHCP服务,但通过cobbler安装,可以通过cobbler来管理DHCP服务
[root@centos7 cobbler]# vim /etc/cobbler/settings
...
# set to 1 to enable Cobbler's DHCP management features.
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1
...
[root@centos7 cobbler]# systemctl restart cobblerd
修改/etc/cobbler/dhcp.template,配置DHCP服务
[root@centos7 cobbler]# vim /etc/cobbler/dhcp.template
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 192.168.147.0 netmask 255.255.255.0 { ##subnet定义为自己所属的那个网段
option routers 192.168.147.254; ##定义网关
option domain-name-servers 114.114.114.114; ##定义DNS服务器
option subnet-mask 255.255.255.0; ##定义子网掩码
range dynamic-bootp 192.168.147.100 192.168.147.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
修改完成后同步配置,此时将把/etc/cobbler/dhcp.template中的内容覆盖至/etc/dhcpd.conf。
[root@centos7 cobbler]# cobbler sync
task started: 2020-08-04_153626_sync
task started (id=Sync, time=Tue Aug 4 15:36:26 2020)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
同步完成重启服务
[root@centos7 dhcp]# systemctl restart cobblerd
查看/etc/dhcp/dhcpd.conf,可以验证其文件被/etc/cobbler/dhcp.template覆盖。
[root@centos7 dhcp]# cat /etc/dhcp/dhcpd.conf
# ******************************************************************
# Cobbler managed dhcpd.conf file
# generated from cobbler dhcp.conf template (Tue Aug 4 07:36:27 2020)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 192.168.147.0 netmask 255.255.255.0 {
option routers 192.168.147.254;
option domain-name-servers 114.114.114.114;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.147.100 192.168.147.254;
default-lease-time 21600;
max-lease-time 43200;
next-server 192.168.147.129;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
# group for Cobbler DHCP tag: default
group {
}
验证DHCP服务是否启动
[root@centos7 dhcp]# ss -ntlu | grep 67
udp UNCONN 0 0 *:67 *:*
udp UNCONN 0 0 * %virbr0:67 *:*
4、挂载光盘,准备安装源。
分别添加centos6、centos7系统的光盘镜像。
[root@centos7 dhcp]# echo '- - -'> /sys/class/scsi_host/host2/scan
[root@centos7 dhcp]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
├─sda2 8:2 0 50G 0 part /
├─sda3 8:3 0 30G 0 part /data
├─sda4 8:4 0 1K 0 part
└─sda5 8:5 0 2G 0 part [SWAP]
sr0 11:0 1 8.1G 0 rom /mnt/cdrom
sr1 11:1 1 5.8G 0 rom
建立挂载目录
[root@centos7 dhcp]# mkdir /mnt/cdrom6
[root@centos7 dhcp]# mount /dev/sr1 /mnt/cdrom6
mount: /dev/sr1 写保护,将以只读方式挂载
[root@centos7 dhcp]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 200G 0 disk
├─sda1 8:1 0 1G 0 part /boot
├─sda2 8:2 0 50G 0 part /
├─sda3 8:3 0 30G 0 part /data
├─sda4 8:4 0 1K 0 part
└─sda5 8:5 0 2G 0 part [SWAP]
sr0 11:0 1 8.1G 0 rom /mnt/cdrom
sr1 11:1 1 5.8G 0 rom /mnt/cdrom6
5、管理distro(发行版本)导入光盘资源,以centos7的光盘为例(centos6的步骤一样,只不过centos6导入后会多出一个i386的发行版本,到时删除即可)
[root@centos7 dhcp]# cobbler import --path=/mnt/cdrom/ --name=CentOS-7.4-x86_64 --arch=x86_64
task started: 2020-08-04_165624_import
task started (id=Media import, time=Tue Aug 4 16:56:24 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.4-x86_64:
creating new distro: CentOS-7.4-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.4-x86_64 -> /var/www/cobbler/links/CentOS-7.4-x86_64
creating new profile: CentOS-7.4-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.4-x86_64 for CentOS-7.4-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.4-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.4-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.4-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.4-x86_64/repodata
*** TASK COMPLETE ***
导入的资源会放置到/var/www/cobbler这个目录下,在导入的过程中该目录会不断变大。导入后系统会默认生成一个应答文件,而且是最小化安装的应答文件。
[root@centos7 cobbler]# du -sh /var/www/cobbler
du: 无法访问"/var/www/cobbler/ks_mirror/CentOS-7.4-x86_64/Packages/.texlive-pst-fill-svn15878.1.01-38.el7.noarch.rpm.EralKv": 没有那个文件或目录
7.4G /var/www/cobbler
[root@centos7 cobbler]# du -sh /var/www/cobbler
du: 无法访问"/var/www/cobbler/ks_mirror/CentOS-7.4-x86_64/Packages/.webkitgtk4-devel-2.14.7-2.el7.x86_64.rpm.Y936gf": 没有那个文件或目录
7.8G /var/www/cobbler
[root@centos7 cobbler]# du -sh /var/www/
8.0G /var/www/
[root@centos7 cobbler]# du -sh /var/www/
8.2G /var/www/
[root@centos7 cobbler]# du -sh /var/www/
8.2G /var/www/
导入完成后,通过cobbler distro list查看发行版本
[root@centos7 cobbler]# cobbler distro list
CentOS-7.4-x86_64
cobbler profile list查看配置文件,profile相当于一个kickstart文件。(注意:要删除发行版本之前先删除其对应的配置文件)
[root@centos7 ~]# cobbler profile list
CentOS-7.4-x86_64
/var/lib/tftpboot目录下也会自动生成相关文件
自动生成的安装目录文件
[root@centos7 cobbler]# cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL CentOS-7.4-x86_64
kernel /images/CentOS-7.4-x86_64/vmlinuz
MENU LABEL CentOS-7.4-x86_64
append initrd=/images/CentOS-7.4-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.147.129/cblr/svc/op/ks/profile/CentOS-7.4-x86_64
ipappend 2
MENU end
由于cobbler默认的kickstart文件是最小化安装的,可能无法满足需求,因此我们这里可以在上传一个自定义的kickstart文件
把URL用$tree变量代替
[root@centos7 ~]# vim ks7_desktop.cfg
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
#url --url="http://192.168.147.129/centos/7"
url --url=$tree ##把URL用$tree变量代替,会自动替换为cobbler的安装源路径
....
接着把应答文件复制到/var/lib/cobbler/kickstarts/目录下(此目录专门用于存放cobbler的应答文件)
[root@centos7 ~]# cp ks7_desktop.cfg /var/lib/cobbler/kickstarts/
[root@centos7 ~]# ls /var/lib/cobbler/kickstarts/
default.ks esxi5-ks.cfg ks7_desktop.cfg pxerescue.ks sample_end.ks sample_esxi4.ks sample_esxi6.ks sample_old.seed sample.seed.28
esxi4-ks.cfg install_profiles legacy.ks sample_autoyast.xml sample_esx4.ks sample_esxi5.ks sample.ks sample.seed
把自定义的应答文件添加这profile中,使其与发行版本关联。
[root@centos7 ~]# cobbler distro list
CentOS-7.4-x86_64
[root@centos7 ~]# cobbler profile add --name=CentOS-7.4-x86_64_Desktop --distro=CentOS-7.4-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_desktop.cfg
添加之后,可以看到default安装菜单中多了一项
[root@centos7 ~]# cobbler profile list
CentOS-7.4-x86_64
CentOS-7.4-x86_64_Desktop
[root@centos7 ~]# cat /var/lib/tftpboot/pxelinux.cfg/default
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | http://cobbler.github.io/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT local
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT -1
LABEL CentOS-7.4-x86_64
kernel /images/CentOS-7.4-x86_64/vmlinuz
MENU LABEL CentOS-7.4-x86_64
append initrd=/images/CentOS-7.4-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.147.129/cblr/svc/op/ks/profile/CentOS-7.4-x86_64
ipappend 2
LABEL CentOS-7.4-x86_64_Desktop
kernel /images/CentOS-7.4-x86_64/vmlinuz
MENU LABEL CentOS-7.4-x86_64_Desktop
append initrd=/images/CentOS-7.4-x86_64/initrd.img ksdevice=bootif lang= kssendmac text ks=http://192.168.147.129/cblr/svc/op/ks/profile/CentOS-7.4-x86_64_Desktop
ipappend 2
MENU end
[root@centos7 tftpboot]# pwd
/var/lib/tftpboot
[root@centos7 tftpboot]# tree images
images
└── CentOS-7.4-x86_64
├── initrd.img
└── vmlinuz
三、客户端安装
创建新虚拟机
选择稍后安装操作系统
选择linux版本,cnetos64位
网络选择“仅主机模式”,因为上面配置的cobbler网络服务是仅主机模式的。
开机后按“Esc”键,进入Boot Menu,然后选择第4项网络安装
等待几分钟后,会弹出如下提示框,这里我们选择第二项,即最小化安装。
接下来等待自动安装即可。
通过安装提示,可以看出默认的最小化安装使用的是逻辑卷的方式。
安装完成后,登录验证即可。
至此系统安装正式完成。
四、cobbler的web管理
1、要实现cobbler的基于web的管理界面,需安装cobbler-web软件包,该软件包在epel源中
[root@centos7 ~]# yum install cobbler-web
[root@centos7 ~]# rpm -ql cobbler-web
/etc/httpd/conf.d/cobbler_web.conf
/usr/share/cobbler/web
/usr/share/cobbler/web/__init__.py
/usr/share/cobbler/web/__init__.pyc
/usr/share/cobbler/web/__init__.pyo
/usr/share/cobbler/web/cobbler.wsgi
/usr/share/cobbler/web/cobbler_web
/usr/share/cobbler/web/cobbler_web/__init__.py
/usr/share/cobbler/web/cobbler_web/__init__.pyc
/usr/share/cobbler/web/cobbler_web/__init__.pyo
/usr/share/cobbler/web/cobbler_web/templates
/usr/share/cobbler/web/cobbler_web/templates/blank.tmpl
/usr/share/cobbler/web/cobbler_web/templates/check.tmpl
/usr/share/cobbler/web/cobbler_web/templates/empty.tmpl
/usr/share/cobbler/web/cobbler_web/templates/enoaccess.tmpl
/usr/share/cobbler/web/cobbler_web/templates/error_page.tmpl
/usr/share/cobbler/web/cobbler_web/templates/eventlog.tmpl
....
安装完成后需要重启http服务才能生效。
[root@centos7 ~]# systemctl restart httpd
重启后访问测试,访问的是https://192.168.147.129/cobbler_web
2、配置cobbler web认证方式,创建cobbler管理员账号
认证方法配置文件: /etc/cobbler/modules.conf
cobbler支持多种认证方法:
authn_configfile(默认的认证方法)
authn_pam
authn_denyall -- no one (default)
authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
authn_passthru -- ask Apache to handle it (used for kerberos)
authn_ldap -- authenticate against LDAP
authn_spacewalk -- ask Spacewalk/Satellite (experimental)
authn_pam -- use PAM facilities
authn_testing -- username/password is always testing/testing (debug)
(user supplied) -- you may write your own module
[root@centos7 cobbler]# vim modules.conf
# cobbler module configuration file
# =================================
# authentication:
# what users can log into the WebUI and Read-Write XMLRPC?
# choices:
# authn_denyall -- no one (default)
# authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
# authn_passthru -- ask Apache to handle it (used for kerberos)
# authn_ldap -- authenticate against LDAP
# authn_spacewalk -- ask Spacewalk/Satellite (experimental)
# authn_pam -- use PAM facilities
# authn_testing -- username/password is always testing/testing (debug)
# (user supplied) -- you may write your own module
# WARNING: this is a security setting, do not choose an option blindly.
# for more information:
# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
# https://github.com/cobbler/cobbler/wiki/Security-overview
# https://github.com/cobbler/cobbler/wiki/Kerberos
# https://github.com/cobbler/cobbler/wiki/Ldap
[authentication]
module = authn_configfile
这里我们就使用authn_configfile模块认证cobbler web用户
vim /etc/cobbler/modules.conf
[authentication]
module=authn_configfile
查看authn_configfile模块的认证文件/etc/cobbler/users.digest,并添加所需的用户
[root@centos7 cobbler]# cat /etc/cobbler/users.digest
cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3
[root@centos7 cobbler]# htdigest -c /etc/cobbler/users.digest Cobbler admin
Adding password for admin in realm Cobbler.
New password:
Re-type new password:
[root@centos7 cobbler]# cat /etc/cobbler/users.digest
admin:Cobbler:38a2b8b1b63ae825e30c892e13a200f5
3
注意:添加第一个用户时,使用“-c”选项,后续添加其他用户时不要再使用, cobbler_web的realm只能为Cobbler
登录验证
506
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
