安装环境
3.10.0-514.el7.x86_64
ip: 192.168.1.203
关闭selinux
vi /etc/selinux/config SELINUX=disabled #修改 :wq! #保存退出 setenforce 0 #使配置立即生效或者重启系统 获取selinux的当前状态: # getenforce 临时启用或禁用: # setenfoce 0|1
设置防火墙
开启TCP:80端口、TCP:25151端口、UDP:69端口
#这些貌似不知道咋了 开了会不能访问到web页面了 关闭后就可以
firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=25151/tcp --permanent firewall-cmd --zone=public --add-port=25151/udp --permanent firewall-cmd --zone=public --add-port=67/udp --permanent firewall-cmd --zone=public --add-port=68/udp --permanent firewall-cmd --zone=public --add-port=69/udp --permanent firewall-cmd --zone=public --add-port=546/udp --permanent firewall-cmd --reload
安装所需要的组件
添加yum源:
wget https://mirrors.ustc.edu.cn/epel//epel-release-latest-7.noarch.rpm
rpm -Uvh epel-release-latest-7.noarch.rpm
安装组件:
yum -y install cobbler tftp tftp-server xinetd dhcp httpd rsync pykickstart debmirror python-ctypes cman cobbler-web fence-agents
配置http服务
systemctl start httpd
systemctl enable httpd
ps -ef |grep http
配置tftp和rsync服务
tftp和rsync服务由xinetd管理
cd /etc/xinetd.d/ vim tftp 修改 disable = no systemctl start xinetd systemctl enable xinetd systemctl start tftp systemctl enable tftp systemctl start rsyncd # 在cobbler import 的时候会调用rsync systemctl enable rsyncd ps -ef | grep xinetd ps -ef |grep tftp ps -ef |grep rsync ##cobbler import的时候看到的 rsync进程 [root@localhost ~]# ps -ef |grep rsync root 1621 1 0 04:09 ? 00:00:00 /usr/bin/rsync --daemon --no-detach root 14830 14633 6 05:54 ? 00:00:15 rsync -a /systemctl/ios/centos6.6/ /var/www/cobbler/ks_mirror/centos6.6-x86_64 --progress root 14831 14830 0 05:54 ? 00:00:00 rsync -a /systemctl/ios/centos6.6/ /var/www/cobbler/ks_mirror/centos6.6-x86_64 --progress root 14832 14831 7 05:54 ? 00:00:17 rsync -a /systemctl/ios/centos6.6/ /var/www/cobbler/ks_mirror/centos6.6-x86_64 --progress #默认在/var/www/cobbler/ks_mirror会生成镜像文件夹 和一些配置
配置dhcp服务
cd /etc/dhcp/ vim dhcpd.conf mkdir -p backup cp -a dhcpd.conf backup/ cp -a /usr/share/doc/dhcp*/dhcpd.conf.example ./dhcpd.conf vim dhcpd.conf # dhcpd.conf #这里的配置要和cobbler里的dhcp.template 配置一致 option domain-name "test.org"; option domain-name-servers 202.106.0.20, 114.114.114.114; default-lease-time 600; max-lease-time 7200; log-facility local7; subnet 192.168.1.0 netmask 255.255.255.0 { #网段和子网掩码 option routers 192.168.1.1; #网管关 option domain-name-servers 202.106.0.20; #dns服务器 option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.1.237 192.168.1.240; #分配的地址范围 } systemctl start dhcpd systemctl enable dhcpd ps -ef |grep dhcp
配置cobbler
修改setting
cd /etc/cobbler/ vi /etc/cobbler/setting next_server: 192.168.1.203 #dhcp服务所在服务器的地址 我这都在同一台服务器上,所以就是192.168.1.203 #注意这个文件里 不要用127.0.0.1用配置的静态ip server: 192.168.1.203 #cobbler服务所在服务器的ip地址 用配置的静态ip manage_dhcp: 1 # 设置为1 cobbler管理dhcp,后面用于同步更新配置信息[cobbler sync] manage_rsync: 1 # 设置为1 cobbler管理rsync功能
修改DHCP模板,确保DHCP分配的地址和Cobbler在同一网段
vim dhcp.template 修改如下,其他暂时默认: subnet 192.168.1.0 netmask 255.255.255.0 { #网段和子网掩码 option routers 192.168.1.1; #网管关 option domain-name-servers 202.106.0.20; #dns服务器 option subnet-mask 255.255.255.0; range dynamic-bootp 192.168.1.237 192.168.1.240; #分配的地址范围 default-lease-time 21600; max-lease-time 43200; next-server $next_server; systemctl start cobblerd systemctl enable cobblerd ps -ef |grep cobbler
加载部分缺失的网络boot-loaders
此命令需要cobbler和http已经正常启动,否则执行错误
cobbler get-loaders task started: 2017-07-04_055352_get_loaders task started (id=Download Bootloader Content, time=Tue Jul 4 05:53:52 2017) downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README ...省略 downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi *** TASK COMPLETE ***
修改debmirror
vim /etc/debmirror.conf #注释以下两行 #@dists="sid"; #@arches="i386";
修改cobbler的默认密码
用 openssl 生成一串密码后加入到 cobbler 的配置文件(/etc/cobbler/settings)里,替换 default_password_crypted 字段:
openssl passwd -1 -salt 'random-phrase-here' '1234567890' $1$random-p$RkqDMTpuNlZZhJ7moLn3Q. vi /etc/cobbler/settings default_password_crypted: "$1$random-p$RkqDMTpuNlZZhJ7moLn3Q." #点 也要复制上 systemctl restart cobblerd ps -ef | grep cobbler
检查
cobbler check No configuration problems found. All systems go. #这样才算可以哦 没有问题了
导入镜像
mkdir -p /systemctl/ios #新建放镜像的文件夹 #新建不同版本的文件夹 mkdir -p /systemctl/ios/all #用来放所有的镜像的实体文件 mkdir -p /systemctl/ios/centos6.5 mkdir -p /systemctl/ios/centos7 mkdir -p /systemctl/ios/win7 #挂载并导入镜像 ***挂载后 要设置开机挂载 将挂载命令添加到 /etc/rc.local文件里 mount -o loop CentOS-6.6-x86_64-bin-DVD1.iso /systemctl/ios/centos6.6/ mount -o loop CentOS-7-x86_64-DVD-1708.iso /systemctl/ios/centos7/ cobbler import --path=/systemctl/ios/centos6.6/ --name=centos6.6 --arch=x86_64 cobbler import --path=/systemctl/ios/centos7/ --name=centos7 --arch=x86_64 或者这样挂载 import 报错No signature matched in /var/www/cobbler/ks_mirror/centos6.6-x86_64 我换做了这样挂载就好了,感觉是什么不匹配,也没找到真正的原因 mount -t iso9660 -o loop /home/ios/all/CentOS-6.6-x86_64-bin-DVD1.iso /home/ios/centos6.6/ ##以上方法 导入的是本地的镜像,也可以通过网络安装 cobbler import--path=rsync://centos.ustc.edu.cn/centos/6.6/os/i386/ --name=centos-6.6-i386
配合kickstart 为镜像自定义自动安装设置
1. 安装所需组件
yum -y install system-config-kickstart
2.查看要修改的镜像默认使用的自动安装文件
cobbler profile report #查看所有的 cobbler profile report --name centos6.6-x86_64 #查看指定的 [root@localhost ios]# cobbler profile report --name=centos6.6-x86_64 Name : centos6.6-x86_64 Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
3.自定义自动安装文件
我这里就是cp默认的安装文件,然后修改了一行 firewall --disabled
测试使用 关于kickstarts后续详解 这里只做简单的测试
cd /var/lib/cobbler/kickstarts/ cp -a sample_end.ks centos6.6-x86-64.ks vim centos6.6-x86-64.ks firewall --disabled
4.语法检查自定义的自动安装文件
kickstart文件的位置 /var/lib/cobbler/kickstarts
ksvalidator centos6.6-x86-64.ks(文件名)
5.移除默认自动安装文件
cobbler profile remove --name=centos6.6-x86_64
6.添加自定义的文件
cobbler profile add --name=centos6.6-x86_64 --distro=centos6.6-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.6-x86-64.ks cobbler profile report --name centos6.6-x86_64#查看是否修改成功
7. 检查并同步配置到dhcp/pxe
cobbler check && cobbler sync **执行这个sync的时候 我就觉得我这个学python的学渣屌爆了呢 systemctl restart cobblerd ##cobbler sync 执行的时候 是之前的cobbler import 到/var/www/下的 转移到了 pxe里 注意观察执行的过程
8. 测试
开启客户端 bios调为网卡启动 选择自己要安装的版本
client装完之后 就赶紧将启动顺序调回从硬盘启动,否则重启的时候容易被cobbler给重装了
web管理
Cobbler的Web管理模块和命令行模块是可以分开工作的,没有依赖关系。
1.安装组件
yum -y install django cobbler-web
2.修改配置文件
Web页面默认不允许任何人登录,需要手动修改认证相关配置。
# vim /etc/cobbler/modules.conf [authentication] #module = authn_denyall module = authn_pam
3.创建账户,使其能够登录CobblerWeb页面。
# useradd Cadmin [root@web tmp]# passwd admin Changing password for user admin. New password: BAD PASSWORD: it is too simplistic/systematic BAD PASSWORD: is too simple 修改Cobbler的用户配置文件,添加进Cobbler管理组。 # vim /etc/cobbler/users.conf [admins] admin = "admin" cobbler = "admin" [root@localhost cobbler]# systemctl restart cobblerd [root@localhost cobbler]# systemctl restart httpd
5.访问 登录
https://192.168.1.203/cobbler_web