3-1 Cobbler-2.8部署
最后更新于:2022-04-02 07:42:41
### 础部署约定
#### 基本情况
| 名称 |详情|
| :------------: | :------------: |
|关闭服务 | selinux |
#### 程序版本及配置文件位置
|应用名称|版本|安装方式|配置文件目录|
| :------------: | :------------: | :------------: | :------------: |
|Cobbler|2.8.2|YUM|/etc/cobbler/settings|
|DHCP|4.2.5|YUM|/etc/cobbler/dhcpd.conf.template|
|Apache|2.4.6|YUM|/etc/httpd/conf.d/(cobbler.conf & cobbler_web.conf)|
|Xinetd|2.3.15|YUM|/etc/xinetd.conf|
|TFTP|5.2-13|YUM|/etc/xinetd.d/tftp|
|pykickstart|1.99.66|YUM|-|
备注:Centos 6 中,Cobbler版本为2.6了
#### YUM源配置
Centos 6
```shell
#clean OS default repo
mkdir /etc/yum.repos.d/old && mv /etc/yum.repos.d/C* /etc/yum.repos.d/old/
yum clean all
#add extend repo
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
```
Centos 7
```shell
#clean OS default repo
mkdir /etc/yum.repos.d/old && mv /etc/yum.repos.d/C* /etc/yum.repos.d/old/
yum clean all
#add extend repo
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
```
## Cobbler服务部署
#### YUM安装服务
```shell
yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd -y
```
#### 增加服务到自启动
Centos 6 命令
```shell
chkconfig httpd on
chkconfig xinetd on
chkconfig dhcpd on
chkconfig tftp on
chkconfig cobblerd on
```
Centos 7 命令
```shell
systemctl enable httpd
systemctl enable xinetd
systemctl enable rsyncd
systemctl enable tftp
systemctl enable cobblerd
```
#### 启动相关服务
Centos 6 命令
```shell
/etc/init.d/httpd restart
/etc/init.d/xinetd restart
/etc/init.d/cobblerd restart
/etc/init.d/dhcpd restart
```
Centos 7 命令
```shell
systemctl start httpd
systemctl start xinetd
systemctl start tftp
systemctl start cobblerd
```
#### 执行cobbler check
```shell
[root@cobbler yum.repos.d]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
```
#### 先解决问题1、2、7
#### 生成新的默认密码
```shell
openssl passwd -1 -salt `openssl rand 15 -base64` '123qwe!@#'
$1$V0M16k3j$XMyrGlBjyCk1q.MZxQlBl.
```
#### 修改setting配置文件
```shell
#sed -i 's%server: 127.0.0.1%server: 192.168.0.238%g' /etc/cobbler/settings
sed -i 's%^server: 127.0.0.1%server: 192.168.0.238%g' /etc/cobbler/settings
sed -i 's%^next_server: 127.0.0.1%next_server: 192.168.0.238%g' /etc/cobbler/settings
sed -i 's%manage_dhcp: 0%manage_dhcp: 1%g' /etc/cobbler/settings
sed -i 's%^default_password_crypted.*%default_password_crypted: "$1$V0M16k3j$XMyrGlBjyCk1q.MZxQlBl."%g' /etc/cobbler/settings
```
>备注:cobbler为系统安装后设置的密码,请配置强密码!
#### 配置DHCP(根据需求更改)
```shell
dhcp_conf=`grep -n "subnet 192" /etc/cobbler/dhcp.template|awk -F':' '{print $1}'`
sed -i '/192.168/d' /etc/cobbler/dhcp.template
sed -i '/255.255.255.0/d' /etc/cobbler/dhcp.template
sed -i "21 i\subnet 192.168.0.0 netmask 255.255.255.0 { " /etc/cobbler/dhcp.template
sed -i "22 i\ option routers 192.168.0.1; " /etc/cobbler/dhcp.template
sed -i "23 i\ option domain-name-servers 114.114.114.114; " /etc/cobbler/dhcp.template
sed -i "24 i\ option subnet-mask 255.255.255.0; " /etc/cobbler/dhcp.template
sed -i "25 i\ range 192.168.0.100 192.168.0.200; " /etc/cobbler/dhcp.template
```
注释:
~~~
option routers:路由地址
option domain-name-servers:DNS服务器地址
option subnet-mask:子网掩码
range:DHCP地址范围
range dynamic-bootp:为无盘工作站准备的
~~~
#### 解决问题3,启动tftp服务
#### 配置TFTP
```shell
tftp_disable_conf=`grep -n disable /etc/xinetd.d/tftp|awk -F':' '{print $1}'`
sed -i '/disable/d' /etc/xinetd.d/tftp
sed -i "$tftp_disable_conf i\ disable = no" /etc/xinetd.d/tftp
```
#### 解决问题5
Centos 6
```shell
rsync_disable_conf=`grep -n disable /etc/xinetd.d/rsync|awk -F':' '{print $1}'`
sed -i '/disable/d' /etc/xinetd.d/rsync
sed -i "$rsync_disable_conf i\ disable = no" /etc/xinetd.d/rsync
```
>备注:这个问题可以忽略,在Centos 6下未解决
Centos 7
```shell
systemctl enable rsyncd.service
```
#### 解决问题4,可能解析失败,重新执行
```shell
cobbler get-loaders
```
#### 问题8,待补充(真机电源管理)
#### 问题6为deban包,不需要处理
#### 重启cobbler服务并同步改变
```shell
systemctl restart cobblerd
cobbler check
```
';