3-1 Cobbler-2.8部署

### 础部署约定 #### 基本情况 | 名称 |详情| | :------------: | :------------: | |关闭服务 | selinux | #### 程序版本及配置文件位置 |应用名称|版本|安装方式|配置文件目录| | :------------: | :------------: | :------------: | :------------: | |Cobbler|2.8.2|YUM|/etc/cobbler/settings| |DHCP|4.2.5|YUM|/etc/cobbler/dhcpd.conf.template| |Apache|2.4.6|YUM|/etc/httpd/conf.d/(cobbler.conf & cobbler_web.conf)| |Xinetd|2.3.15|YUM|/etc/xinetd.conf| |TFTP|5.2-13|YUM|/etc/xinetd.d/tftp| |pykickstart|1.99.66|YUM|-| 备注：Centos 6 中，Cobbler版本为2.6了 #### YUM源配置 Centos 6 ```shell #clean OS default repo mkdir /etc/yum.repos.d/old && mv /etc/yum.repos.d/C* /etc/yum.repos.d/old/ yum clean all #add extend repo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo ``` Centos 7 ```shell #clean OS default repo mkdir /etc/yum.repos.d/old && mv /etc/yum.repos.d/C* /etc/yum.repos.d/old/ yum clean all #add extend repo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo ``` ## Cobbler服务部署 #### YUM安装服务 ```shell yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd -y ``` #### 增加服务到自启动 Centos 6 命令 ```shell chkconfig httpd on chkconfig xinetd on chkconfig dhcpd on chkconfig tftp on chkconfig cobblerd on ``` Centos 7 命令 ```shell systemctl enable httpd systemctl enable xinetd systemctl enable rsyncd systemctl enable tftp systemctl enable cobblerd ``` #### 启动相关服务 Centos 6 命令 ```shell /etc/init.d/httpd restart /etc/init.d/xinetd restart /etc/init.d/cobblerd restart /etc/init.d/dhcpd restart ``` Centos 7 命令 ```shell systemctl start httpd systemctl start xinetd systemctl start tftp systemctl start cobblerd ``` #### 执行cobbler check ```shell [root@cobbler yum.repos.d]# cobbler check The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : change 'disable' to 'no' in /etc/xinetd.d/tftp 4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 5 : enable and start rsyncd.service with systemctl 6 : debmirror package is not installed, it will be required to manage debian deployments and repositories 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes. ``` #### 先解决问题1、2、7 #### 生成新的默认密码 ```shell openssl passwd -1 -salt `openssl rand 15 -base64` '123qwe!@#' $1$V0M16k3j$XMyrGlBjyCk1q.MZxQlBl. ``` #### 修改setting配置文件 ```shell #sed -i 's%server: 127.0.0.1%server: 192.168.0.238%g' /etc/cobbler/settings sed -i 's%^server: 127.0.0.1%server: 192.168.0.238%g' /etc/cobbler/settings sed -i 's%^next_server: 127.0.0.1%next_server: 192.168.0.238%g' /etc/cobbler/settings sed -i 's%manage_dhcp: 0%manage_dhcp: 1%g' /etc/cobbler/settings sed -i 's%^default_password_crypted.*%default_password_crypted: "$1$V0M16k3j$XMyrGlBjyCk1q.MZxQlBl."%g' /etc/cobbler/settings ``` >备注：cobbler为系统安装后设置的密码,请配置强密码！ #### 配置DHCP（根据需求更改） ```shell dhcp_conf=`grep -n "subnet 192" /etc/cobbler/dhcp.template|awk -F':' '{print $1}'` sed -i '/192.168/d' /etc/cobbler/dhcp.template sed -i '/255.255.255.0/d' /etc/cobbler/dhcp.template sed -i "21 i\subnet 192.168.0.0 netmask 255.255.255.0 { " /etc/cobbler/dhcp.template sed -i "22 i\ option routers 192.168.0.1; " /etc/cobbler/dhcp.template sed -i "23 i\ option domain-name-servers 114.114.114.114; " /etc/cobbler/dhcp.template sed -i "24 i\ option subnet-mask 255.255.255.0; " /etc/cobbler/dhcp.template sed -i "25 i\ range 192.168.0.100 192.168.0.200; " /etc/cobbler/dhcp.template ``` 注释： ~~~ option routers：路由地址 option domain-name-servers：DNS服务器地址 option subnet-mask：子网掩码 range：DHCP地址范围 range dynamic-bootp:为无盘工作站准备的 ~~~ #### 解决问题3，启动tftp服务 #### 配置TFTP ```shell tftp_disable_conf=`grep -n disable /etc/xinetd.d/tftp|awk -F':' '{print $1}'` sed -i '/disable/d' /etc/xinetd.d/tftp sed -i "$tftp_disable_conf i\ disable = no" /etc/xinetd.d/tftp ``` #### 解决问题5 Centos 6 ```shell rsync_disable_conf=`grep -n disable /etc/xinetd.d/rsync|awk -F':' '{print $1}'` sed -i '/disable/d' /etc/xinetd.d/rsync sed -i "$rsync_disable_conf i\ disable = no" /etc/xinetd.d/rsync ``` >备注：这个问题可以忽略，在Centos 6下未解决 Centos 7 ```shell systemctl enable rsyncd.service ``` #### 解决问题4，可能解析失败，重新执行 ```shell cobbler get-loaders ``` #### 问题8，待补充（真机电源管理） #### 问题6为deban包，不需要处理 #### 重启cobbler服务并同步改变 ```shell systemctl restart cobblerd cobbler check ```