前言

Cobbler 是一个自动化和简化系统安装的工具,通过使用网络引导来控制和启动安装。Cobbler 的特性包括存储库镜像、Kickstart 模板和连接电源管理系统。使用 Cobbler 之前需要先了解下 PXE 和 Kickstart 的基本原理,文章包含了 Cobbler 工作原理和 Cobbler 部署实践两部分内容,交叉关联性的内容还是蛮多的,遇到报错也不要怕,都会一步一步解决的。

使用 Cobbler 轻松设置和管理网络安装环境

更新记录

2016 年 04 月 12 日 - 初稿

阅读原文 - https://liaojiaxin158.github.io/post/cobbler/

扩展阅读

Cobbler Manuals - http://cobbler.github.io/manuals/
自动化运维工具 Cobbler - http://cuchadanfan.blog.51cto.com/9940284/1698348

Cobbler 工作原理

Cobbler 由 Python 语言开发,是对 PXE 和 Kickstart 以及 DHCP 的封装。融合很多特性,提供了 CLI 和 Web 的管理形式。更加方便的实行网络安装。同时,Cobbler 也提供了 API 接口,使用其它语言也很容易做扩展。它不紧可以安装物理机,同时也支持 kvm、xen 虚拟化、Guest OS 的安装。更多的是它还能结合 Puppet 等集中化管理软件,实现自动化的管理。

Cobbler 支持众多的发行版:Red Hat、Fedora、CentOS、Debian、Ubuntu 和 SuSE。当添加一个操作系统(通常通过使用 ISO 文件)时,Cobbler 知道如何解压缩合适的文件并调整网络服务,以正确引导机器。Cobbler 使用命令行方式管理,也提供了基于 Web 的图形化配置管理工具(cobbler-web)。通过配置 cobbler 自动部署 DHCP、TFTP、HTTP,在安装过程中加载 kiskstart 无人值守安装应答文件实现无人值守。从客户端使用 PXE 引导启动安装。

Server 端
第一步,启动 Cobbler 服务
第二步,进行 Cobbler 错误检查,执行 cobbler check 命令
第三步,进行配置同步,执行 cobbler sync 命令
第四步,复制相关启动文件文件到 TFTP 目录中
第五步,启动 DHCP 服务,提供地址分配
第六步,DHCP 服务分配 IP 地址
第七步,TFTP 传输启动文件
第八步,Server 端接收安装信息
第九步,Server 端发送 ISO 镜像与 Kickstart 文件

Client 端
第一步,客户端以 PXE 模式启动
第二步,客户端获取 IP 地址
第三步,通过 TFTP 服务器获取启动文件
第四步,进入 Cobbler 安装选择界面
第五步,客户端确定加载信息
第六步,根据配置信息准备安装系统
第七步,加载 Kickstart 文件
第八步,传输系统安装的其它文件
第九步,进行安装系统

Cobbler 部署实践

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
# 设置 YUM 源 
cd /etc/yum.repo.d/
vi epel.repo

[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

[epel-debuginfo]
name=Extra Packages for Enterprise Linux 6 - $basearch - Debug
baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
gpgcheck=1

[epel-source]
name=Extra Packages for Enterprise Linux 6 - $basearch - Source
baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
gpgcheck=1


# 导入 GPG key
sudo rpm --import http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

# 修改 repo 文件添加 CentOS 6.X 的 YUM 源
cd /etc/yum.repos.d/
cp rhel-source.repo rhel-source.repo.bak
vi rhel-source.repo

[base]
name=CentOS-$releasever-Base
baseurl=http://centos.ustc.edu.cn/centos/6/os/x86_64/
gpgcheck=1
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

[updates]
name=CentOS-$releasever-Updates
baseurl=http://centos.ustc.edu.cn/centos/6/os/x86_64/
gpgcheck=1
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

[extras]
name=CentOS-$releasever-Extras
baseurl=http://centos.ustc.edu.cn/centos/6/os/x86_64/
gpgcheck=1
gpgkey=http://mirrors.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-6

[centosplus]
name=CentOS-$releasever-Plus
baseurl=http://centos.ustc.edu.cn/centos/6/os/x86_64/
gpgcheck=1

# 清除缓存查看是否生效
yum clean all
yum makecache
yum repolist

# 直接 cobbler 关联依赖包
yum install cobbler cobbler-web httpd rsync tftp-server xinetd dhcp python-ctypes debmirror pykickstart cman fence-agents dnsmasq

# 使用 yum-plugin-downloadonly 插件
yum install -y yum-plugin-downloadonly
yum install --downloadonly --downloaddir=/tmp/cobbler cobbler cobbler-web httpd rsync tftp-server xinetd dhcp python-ctypes debmirror pykickstart cman fence-agents dnsmasq

# 必要服务
(1)cobbler (cobbler 的核心)
(2)httpd (提供 cobbler 的 web 界面)
(3)dhcpd (为自动安装系统分配 IP 地址)
(4)epel-release (为之提供 yum 源)
(5)rsync (cobbler 需要同步信息)
(6)cobbler-web (cobbler 的一个 web 插件)
(7)xinetd (为 rsync 和 tftp 的守护进程)
(8)tftp (传送安装的一些文件的类似 ftp)

# 检查 cobbler 配置,常见错误如下
cobbler check

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
6 : file /etc/xinetd.d/rsync does not exist
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : ksvalidator was not found, install pykickstart
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt'random-phrase-here''your-password-here'" to generate new one
10 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

1. 编辑 / etc/cobbler/settings 文件,找到 server 选项,修改为本机 IP 即可
2. 编辑 / etc/cobbler/settings 文件,找到 next_server 选项,修改为本机 IP 即可
3.SELinux 的设置, 如果上面已经关闭了 SELinux 就不用管了
4. 执行 cobbler get-loaders,系统将自动下载 loader 程序,完成提示 4 的修复工作。
5. 编辑 / etc/xinetd.d/tftp 文件,将文件中的 < span class="built_in">disable 字段的配置由 yes 改为 no
6. 编辑 / etc/xinetd.d/rsync 文件,将文件中的 < span class="built_in">disable 字段的配置由 yes 改为 no
7. 在 iptables 中将 69,80,25151 端口打开。如果仅仅只是在内部环境中使用,建议直接将防火墙关掉
8. 提示说 debmirror 没安装。如果不是安装 debian 之类的系统,此提示可以忽略
9. 修改 cobbler 用户的默认密码,可以使用如下命令生成密码,并使用生成后的密码替换 / etc/cobbler/settings 中的密码。生成密码命令:openssl passwd -1 -salt 'random-phrase-here' 'your-password-here' 其中“random-phrase-here” 为任意字符
10. 安装 cman 或者 fence-agents


# 关闭 selinux/iptables
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config
setenforce 0
chkconfig iptables off
service iptables stop

# 设置 tftp 服务和 rsync 服务
sed -i '/disable/c\\tdisable\t\t\t= no' /etc/xinetd.d/tftp
sed -i -e 's/\=\ yes/\=\ no/g' /etc/xinetd.d/rsync

# 设置 DHCP server 的 IP
sed -i 's/next_server: 127.0.0.1/next_server: 172.28.70.245/g' /etc/cobbler/settings

# 设置 cobbler 的 IP
sed -i 's/server: 127.0.0.1/server: 172.28.70.245/g' /etc/cobbler/settings

# 设置 Cobbler 管理 rsync
sed -i 's/manage_rsync: 0/manage_rsync: 1/g' /etc/cobbler/settings

# 设置 Cobbler 管理 DHCP
sed -i 's/manage_dhcp: 0/manage_dhcp: 1/g' /etc/cobbler/settings

# 设置 Cobbler 一次安装开关(可选)
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/g' /etc/cobbler/settings

# 设置 Cobbler 管理 DNS(可选)
sed -i 's/manage_dns: 0/manage_dns: 1/g' /etc/cobbler/settings

# 开启动态更新(可选)
sed -i 's/allow_dynamic_settings: 0/allow_dynamic_settings: 1/g' /etc/cobbler/settings

# 设置 debmirror
sed -i -e 's/@dists=/#@dists=/g' /etc/debmirror.conf
sed -i -e 's/@arches=/#@arches=/g' /etc/debmirror.conf

# 编辑 dnsmasq.template 中 dhcp-range 部分
#vi /etc/cobbler/dnsmasq.template
vi /etc/dnsmasq.conf

# Cobbler generated configuration file for dnsmasq
# $date
#

# resolve.conf .. ?
#no-poll
#enable-dbus
read-ethers
addn-hosts = /var/lib/cobbler/cobbler_hosts

dhcp-range=172.28.70.246,172.28.70.250
dhcp-option=3,$next_server
dhcp-lease-max=1000
dhcp-authoritative
dhcp-boot=pxelinux.0
dhcp-boot=net:normalarch,pxelinux.0
dhcp-boot=net:ia64,$elilo

# 重启 dnsmasq
/etc/init.d/dnsmasq restart

# 编辑 dhcp.template
cp /etc/cobbler/dhcp.template /etc/cobbler/dhcp.template.bak
vi /etc/cobbler/dhcp.template

# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************

ddns-update-style interim;

allow booting;
allow bootp;

ignore client-updates;
set vendorclass = option vendor-class-identifier;

option pxe-system-type code 93 = unsigned integer 16;

subnet 172.28.70.0 netmask 255.255.255.0 {
option routers 172.28.70.254;
option domain-name-servers 172.28.70.254;
option subnet-mask 255.255.255.0;
range dynamic-bootp 172.28.70.246 172.28.70.250;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}

}

#for dhcp_tag in $dhcp_tags.keys():
## group could be subnet if your dhcp tags line up with your subnets
## or really any valid dhcpd.conf construct ... if you only use the
## default dhcp tag in cobbler, the group block can be deleted for a
## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
#for mac in $dhcp_tags[$dhcp_tag].keys():
#set iface = $dhcp_tags[$dhcp_tag][$mac]
host $iface.name {
hardware ethernet $mac;
#if $iface.ip_address:
fixed-address $iface.ip_address;
#end if
#if $iface.hostname:
option host-name "$iface.hostname";
#end if
#if $iface.netmask:
option subnet-mask $iface.netmask;
#end if
#if $iface.gateway:
option routers $iface.gateway;
#end if
#if $iface.enable_gpxe:
if exists user-class and option user-class = "gPXE" {
filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
} else if exists user-class and option user-class = "iPXE" {
filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
} else {
filename "undionly.kpxe";
}
#else
filename "$iface.filename";
#end if
## Cobbler defaults to $next_server, but some users
## may like to use $iface.system.server for proxied setups
next-server $next_server;
## next-server $iface.next_server;
}
#end for
}
#end for

# 将 dns 和 dhcp 的管理引擎都配置为 dnsmasq,修改 / etc/cobbler/modules.conf
vi /etc/cobbler/modules.conf

[authentication]
module = authn_configfile
[dns]
module = manage_dnsmasq
[dhcp]
module = manage_dnsmasq

# 修改 httpd 配置并启动
vi /etc/httpd/conf/httpd.conf

ServerName 127.0.0.1:80

/etc/init.d/httpd restart

# 设置目标系统 root 密码,这个设置只对 CentOS/RHEL 有效
PASSWORD="`echo"admin123"| openssl passwd -1 -salt'root'–stdin`"
sed -i s@"^default_password_crypted.*$"@"default_password_crypted: \"$PASSWORD\""@g /etc/cobbler/settings
***
default_password_crypted: "$1$cobbler$k/5ITeQUOffuOujzEvhjY."
***

# 下载启动菜单, 启动报错请尝试 service cobblerd restart
cobbler get-loaders

cobbler@root#cobbler get-loaders
task started: 2016-04-11_092911_get_loaders
task started (id=Download Bootloader Content, time=Mon Apr 11 09:29:11 2016)
downloading http://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading http://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading http://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading http://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

# 重启相关服务并配置自动启动
chkconfig cobblerd on
chkconfig httpd on
chkconfig xinetd on
chkconfig dnsmasq on

service httpd restart
service xinetd restart
service dnsmasq restart
service cobblerd restart


# 检查并同步 cobbler 配置,如果有如下报错确认文件存在可以忽略
cobbler@ZJ/etc/cobbler#cobbler check
The following are potential configuration items that you may want to fix:

1 : file /etc/xinetd.d/rsync does not exist

Restart cobblerd and then run 'cobbler sync' to apply changes.

cobbler@ZJ/etc/cobbler#cobbler sync
task started: 2016-04-11_170138_sync
task started (id=Sync, time=Mon Apr 11 17:01:38 2016)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
rendering DNS files
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
rendering Rsync files
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: service dnsmasq restart
received on stdout: Shutting down dnsmasq: [ OK ]
Starting dnsmasq: [ OK ]

received on stderr:
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

# 开启动态编辑后的效果
cobbler setting report
cobbler setting report [--name=option]

allow_duplicate_hostnames : 0
allow_duplicate_ips : 0
allow_duplicate_macs : 0
allow_dynamic_settings : 1
always_write_dhcp_entries : 0
anamon_enabled : 0
auth_token_expiration : 3600
authn_pam_service : login
bind_chroot_path :
bind_master : 127.0.0.1
build_reporting_email : ['root@localhost']
build_reporting_enabled : 0
build_reporting_ignorelist : ['']
build_reporting_sender :
build_reporting_smtp_server : localhost
build_reporting_subject :
build_reporting_to_address :
buildisodir : /var/cache/cobbler/buildiso
cheetah_import_whitelist : ['random', 're', 'time']
client_use_https : 0
client_use_localhost : 0
cobbler_master :
consoles : /var/consoles
createrepo_flags : -c cache -s sha
default_deployment_method : ssh
default_kickstart : /var/lib/cobbler/kickstarts/default.ks
default_name_servers : []
default_name_servers_search : []
default_ownership : ['admin']
default_password_crypted : $1$root$JX8M6OcOn.pjk0pHdnG0y0
default_template_type : cheetah
default_virt_bridge : xenbr0
default_virt_disk_driver : raw
default_virt_file_size : 5
default_virt_ram : 512
default_virt_type : xenpv
enable_gpxe : 0
enable_menu : 1
func_auto_setup : 0
func_master : overlord.example.org
http_port : 80
isc_set_host_name : 0
iso_template_dir : /etc/cobbler/iso
kerberos_realm : EXAMPLE.COM
kernel_options : {'ksdevice': 'bootif', 'lang': '', 'text': '~'}
kernel_options_s390x : {'vnc': '~', 'ip': False, 'RUNKS': 1, 'ramdisk_size': 40000, 'ro': '~', 'root': '/dev/ram0'}
ldap_anonymous_bind : 1
ldap_base_dn : DC=example,DC=com
ldap_management_default_type : authconfig
ldap_port : 389
ldap_search_bind_dn :
ldap_search_passwd :
ldap_search_prefix : uid=
ldap_server : ldap.example.com
ldap_tls : 1
ldap_tls_cacertfile :
ldap_tls_certfile :
ldap_tls_keyfile :
manage_dhcp : 1
manage_dns : 1
manage_forward_zones : []
manage_reverse_zones : []
manage_rsync : 1
manage_tftp : 1
manage_tftpd : 1
mgmt_classes : []
mgmt_parameters : {'from_cobbler': 1}
next_server : 172.28.70.245
power_management_default_type : ipmitool
power_template_dir : /etc/cobbler/power
proxy_url_ext :
proxy_url_int :
puppet_auto_setup : 0
puppet_parameterized_classes : 1
puppet_server : puppet
puppet_version : 2
puppetca_path : /usr/bin/puppet
pxe_just_once : 1
pxe_template_dir : /etc/cobbler/pxe
redhat_management_key :
redhat_management_permissive : 0
redhat_management_server : xmlrpc.rhn.redhat.com
redhat_management_type : off
register_new_installs : 0
remove_old_puppet_certs_automatically : 0
replicate_repo_rsync_options : -avzH
replicate_rsync_options : -avzH
reposync_flags : -l -n -d
restart_dhcp : 1
restart_dns : 1
restart_xinetd : 1
run_install_triggers : 1
scm_track_enabled : 0
scm_track_mode : git
serializer_pretty_json : 0
server : 172.28.70.245
sign_puppet_certs_automatically : 0
signature_path : /var/lib/cobbler/distro_signatures.json
signature_url : http://cobbler.github.io/signatures/2.6.x/latest.json
snippetsdir : /var/lib/cobbler/snippets
template_remote_kickstarts : 0
virt_auto_boot : 1
webdir : /var/www/cobbler
xmlrpc_port : 25151
yum_distro_priority : 1
yum_post_install_mirror : 1
yumdownloader_flags : --resolve

# 修改 seting 文件 cobbler 登陆服务器地址
cobbler setting edit --name=server --value=172.28.0.1
#ks 脚本关闭 pxe,这样就不会重复安装
cobbler setting edit --name=pxe_just_once --value=1
#TFTP 服务器 IP 地址
cobbler setting edit --name=next_server --value=172.28.0.1
#cobbler 管理 rsync,dhcp,dns
cobbler setting edit --name=manage_rsync --value=1
cobbler setting edit --name=manage_dhcp --value=1
cobbler setting edit --name=manage_dns --value=1

cobbler 导入镜像

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# 使用镜像文件
mount -o loop /tmp/rhel-server-6.3-x86_64-dvd.iso /mnt/rhel63
# 使用光盘
mount /dev/sr0 /mnt/rhel63

# 执行镜像导入,并关联自定义的自动安装配置 ks 脚本,这个地方我们可以为不同的系统版本指定不同的自动安装 ks 脚本(这个过程实际比较长,cobbler 会把软件整个复制一份到本地,在这之前,务必确认硬盘空间足够装下镜像)
cobbler import --path=/tmp/rhel63 --name=rhel63 --kickstart=/var/lib/cobbler/kickstarts/rhel63.cfg

task started: 2016-04-12_090326_import
task started (id=Media import, time=Tue Apr 12 09:03:26 2016)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/rhel63:
creating new distro: rhel63-x86_64
trying symlink: /var/www/cobbler/ks_mirror/rhel63 -> /var/www/cobbler/links/rhel63-x86_64
creating new profile: rhel63-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/rhel63 for rhel63-x86_64
processing repo at : /var/www/cobbler/ks_mirror/rhel63
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel63
looking for /var/www/cobbler/ks_mirror/rhel63/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel63/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel63/HighAvailability
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel63/HighAvailability
looking for /var/www/cobbler/ks_mirror/rhel63/HighAvailability/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel63/HighAvailability/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel63/Server
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel63/Server
looking for /var/www/cobbler/ks_mirror/rhel63/Server/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel63/Server/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel63/LoadBalancer
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel63/LoadBalancer
looking for /var/www/cobbler/ks_mirror/rhel63/LoadBalancer/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel63/LoadBalancer/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel63/ScalableFileSystem
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel63/ScalableFileSystem
looking for /var/www/cobbler/ks_mirror/rhel63/ScalableFileSystem/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel63/ScalableFileSystem/repodata
processing repo at : /var/www/cobbler/ks_mirror/rhel63/ResilientStorage
need to process repo/comps: /var/www/cobbler/ks_mirror/rhel63/ResilientStorage
looking for /var/www/cobbler/ks_mirror/rhel63/ResilientStorage/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/rhel63/ResilientStorage/repodata
*** TASK COMPLETE ***


# 查看 cobbler 导入结果
cobbler distro list
cobbler report

# 验证 ks 有效性,剩下的就是 PXE 引导测试了
cobbler validateks

cobbler-web

1
2
3
4
5
6
7
8
9
10
11
# 设置 Web 登录, cobbler 2.6 以上版本已经无需修改
sed -i 's/module = authn_denyall/module = authn_configfile/g' /etc/cobbler/modules.conf

# 设置 Cobbler Web 登录用户登录密码
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Changing password for user cobbler in realm Cobbler
New password:cobbler
Re-type new password:cobbler

#cobbler_web 登录地址,推荐使用命令行管理
http://{IP}/cobbler_web

Cobbler 相关选项说明

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#Cobbler 常用命令详解 
cobbler check # 检查 cobbler 配置
cobbler sync # 同步配置到 dhcp/pxe 和数据目录
cobbler list # 列出所有的 cobbler 元素
cobbler import # 导入安装的系统镜像
cobbler report # 列出各元素的详细信息
cobbler distro # 查看导入的发行版系统信息
cobbler profile # 查看配置信息
cobbler system # 查看添加的系统信息
cobbler reposync # 同步 yum 仓库到本地

# 导入镜像文件
命令:cobbler import --path = 镜像路径 -- name = 安装引导名 --arch=32 位或 64 位
参数:
path 是镜像所挂载的目录
name 是导入到 cobbler 里面显示的名字
arch 是 32 位系统还是 64 位系统

# 导入 kickstart 文件
命令:cobbler profile add --name=list 名 --distro = 镜像 --kickstart = 路径
参数:
name 是表示添加的 ks 的名字,用 cobbler report 可以看到这个名字
distro 是用哪个镜像,list 的 distros 里面选择一个,需要版本相对应
kickstart 是具体的 ks 文件路径

# 同步 DHCP、HTTPD
命令:cobbler sync
注,每次修改完 dhcp.template 之类的配置文件需要执行一次使其生效。

# 查看 Cobbler 列表
命令:cobbler list
注,列出 Cobbler 所有的元素。

# 删除相关列表
命令:cobbler distro/profile remove --name = 要删除的引导文件名
删除指定 distro , 也就是镜像
删除指定的 profile 文件,也就是 ks

#Cobbler 安装后目录说明
cobbler 配置文件目录 / etc/cobbler:
/etc/cobbler/settings #cobbler 主配置文件
/etc/cobbler/iso/ #iso 模板配置文件
/etc/cobbler/pxe #pxe 模板文件
/etc/cobbler/power # 电源的配置文件
/etc/cobbler/users.conf #Web 服务授权配置文件
/etc/cobbler/users.digest # 用于 web 访问的用户名密码配置文件
/etc/cobbler/dhcp.template #DHCP 服务的配置模板
/etc/cobbler/dnsmasq.template #DNS 服务的配置模板
/etc/cobbler/tftpd.template #tftp 服务的配置模板
/etc/cobbler/modules.conf #Cobbler 模块配置文件

cobbler 数据目录 / var/lib/cobbler:
/var/lib/cobbler/config/ # 用于存放 distros、systems、profiles 等信息配置文件
/var/lib/cobbler/triggers # 用于存放用户定义的 cobbler 命令
/var/lib/cobbler/kickstarts/ # 默认存放 kickstart 文件
/var/lib/cobbler/loaders # 存放的各种引导程序

镜像数据目录 / var/www/cobbler:
/var/www/cobbler/ks_mirror/ # 导入的发行版系统的所有数据
/var/www/cobbler/images/ # 导入发行版的 Kernel 和 initrd 镜像用于远程网络启动
/var/www/cobbler/repo_mirror/ #yum 仓库存储目录

日志目录 /var/log/cobbler/:
/var/log/cobbler/install.log # 客户端的安装系统日志
/var/log/cobbler/cobbler.log #cobbler 日志

常见问题

1
2
3
4
5
6
7
8
9
10
11
12
# 多查看错误日志
less /var/log/cobbler/cobbler.log

# 为 cobbler-web 重置用户密码
htdigest /etc/cobbler/users.digest "Cobbler" cobbler
# 添加新用户
htdigest /etc/cobbler/users.digest "Cobbler" usernam

#DHCP 多网卡环境可以指定网卡
vi /etc/sysconfig/dhcpd
# Command line options here
DHCPDARGS=eth0
文章目录
  1. 1. 前言
  2. 2. 更新记录
  3. 3. Cobbler 工作原理
  4. 4. Cobbler 部署实践
  5. 5. cobbler 导入镜像
  6. 6. cobbler-web
  7. 7. Cobbler 相关选项说明
  8. 8. 常见问题