3-1 Cobbler-2.8部署 · 運維工作筆記

### 礎部署約定 #### 基本情況 | 名稱 |詳情| | :------------: | :------------: | |關閉服務 | selinux | #### 程序版本及配置文件位置 |應用名稱|版本|安裝方式|配置文件目錄| | :------------: | :------------: | :------------: | :------------: | |Cobbler|2.8.2|YUM|/etc/cobbler/settings| |DHCP|4.2.5|YUM|/etc/cobbler/dhcpd.conf.template| |Apache|2.4.6|YUM|/etc/httpd/conf.d/(cobbler.conf & cobbler_web.conf)| |Xinetd|2.3.15|YUM|/etc/xinetd.conf| |TFTP|5.2-13|YUM|/etc/xinetd.d/tftp| |pykickstart|1.99.66|YUM|-| 備注：Centos 6 中，Cobbler版本為2.6了 #### YUM源配置 Centos 6 ```shell #clean OS default repo mkdir /etc/yum.repos.d/old && mv /etc/yum.repos.d/C* /etc/yum.repos.d/old/ yum clean all #add extend repo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo ``` Centos 7 ```shell #clean OS default repo mkdir /etc/yum.repos.d/old && mv /etc/yum.repos.d/C* /etc/yum.repos.d/old/ yum clean all #add extend repo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo ``` ## Cobbler服務部署 #### YUM安裝服務 ```shell yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd -y ``` #### 增加服務到自啟動 Centos 6 命令 ```shell chkconfig httpd on chkconfig xinetd on chkconfig dhcpd on chkconfig tftp on chkconfig cobblerd on ``` Centos 7 命令 ```shell systemctl enable httpd systemctl enable xinetd systemctl enable rsyncd systemctl enable tftp systemctl enable cobblerd ``` #### 啟動相關服務 Centos 6 命令 ```shell /etc/init.d/httpd restart /etc/init.d/xinetd restart /etc/init.d/cobblerd restart /etc/init.d/dhcpd restart ``` Centos 7 命令 ```shell systemctl start httpd systemctl start xinetd systemctl start tftp systemctl start cobblerd ``` #### 執行cobbler check ```shell [root@cobbler yum.repos.d]# cobbler check The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : change 'disable' to 'no' in /etc/xinetd.d/tftp 4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 5 : enable and start rsyncd.service with systemctl 6 : debmirror package is not installed, it will be required to manage debian deployments and repositories 7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them Restart cobblerd and then run 'cobbler sync' to apply changes. ``` #### 先解決問題1、2、7 #### 生成新的默認密碼 ```shell openssl passwd -1 -salt `openssl rand 15 -base64` '123qwe!@#' $1$V0M16k3j$XMyrGlBjyCk1q.MZxQlBl. ``` #### 修改setting配置文件 ```shell #sed -i 's%server: 127.0.0.1%server: 192.168.0.238%g' /etc/cobbler/settings sed -i 's%^server: 127.0.0.1%server: 192.168.0.238%g' /etc/cobbler/settings sed -i 's%^next_server: 127.0.0.1%next_server: 192.168.0.238%g' /etc/cobbler/settings sed -i 's%manage_dhcp: 0%manage_dhcp: 1%g' /etc/cobbler/settings sed -i 's%^default_password_crypted.*%default_password_crypted: "$1$V0M16k3j$XMyrGlBjyCk1q.MZxQlBl."%g' /etc/cobbler/settings ``` >備注：cobbler為系統安裝后設置的密碼,請配置強密碼！ #### 配置DHCP（根據需求更改） ```shell dhcp_conf=`grep -n "subnet 192" /etc/cobbler/dhcp.template|awk -F':' '{print $1}'` sed -i '/192.168/d' /etc/cobbler/dhcp.template sed -i '/255.255.255.0/d' /etc/cobbler/dhcp.template sed -i "21 i\subnet 192.168.0.0 netmask 255.255.255.0 { " /etc/cobbler/dhcp.template sed -i "22 i\ option routers 192.168.0.1; " /etc/cobbler/dhcp.template sed -i "23 i\ option domain-name-servers 114.114.114.114; " /etc/cobbler/dhcp.template sed -i "24 i\ option subnet-mask 255.255.255.0; " /etc/cobbler/dhcp.template sed -i "25 i\ range 192.168.0.100 192.168.0.200; " /etc/cobbler/dhcp.template ``` 注釋： ~~~ option routers：路由地址 option domain-name-servers：DNS服務器地址 option subnet-mask：子網掩碼 range：DHCP地址范圍 range dynamic-bootp:為無盤工作站準備的 ~~~ #### 解決問題3，啟動tftp服務 #### 配置TFTP ```shell tftp_disable_conf=`grep -n disable /etc/xinetd.d/tftp|awk -F':' '{print $1}'` sed -i '/disable/d' /etc/xinetd.d/tftp sed -i "$tftp_disable_conf i\ disable = no" /etc/xinetd.d/tftp ``` #### 解決問題5 Centos 6 ```shell rsync_disable_conf=`grep -n disable /etc/xinetd.d/rsync|awk -F':' '{print $1}'` sed -i '/disable/d' /etc/xinetd.d/rsync sed -i "$rsync_disable_conf i\ disable = no" /etc/xinetd.d/rsync ``` >備注：這個問題可以忽略，在Centos 6下未解決 Centos 7 ```shell systemctl enable rsyncd.service ``` #### 解決問題4，可能解析失敗，重新執行 ```shell cobbler get-loaders ``` #### 問題8，待補充（真機電源管理） #### 問題6為deban包，不需要處理 #### 重啟cobbler服務并同步改變 ```shell systemctl restart cobblerd cobbler check ```