cobbler大平台,管理一切装机操作服务
Cobbler服务 自动部署装机
dhcp 自动分配ip地址使新机器和服务器在同一个段落互联互通
tftp 压缩内核 引导程序 (速度快)
ftp iso镜像文件
-----------------Cobbler--------------------
rpm -ivh http://mirrors.yun-idc.com/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
yum list
yum clean all
yum makecache
-------------------正式部署----------------------------------
yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd rsync xinetd -y
注:cobbler 服务
cobbler-web 通过网页形式进行管理
pykickstart 用python开发的kickstart
httpd 检测文件是否安装
rsync 同步管理
xinetd 管理平台,管理tftp和xinetd
vi /etc/cobbler/settings //修改cobbler配置文件
272 next_server: 192.168.80.100 //指定PXE位置
384 server: 192.168.80.100 //tftp服务器
242 manage_dhcp: 1 //管理dhcp启动
101 default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
这个就是给客户端装机后的root密码,盐值加密
systemctl stop firewalld.service //关闭防火墙
setenforce 0 //关闭增强安全功能
systemctl start httpd.service
systemctl start cobblerd.service
cobbler check
--------------------提示内容:需要优化-----------
The following are potential configuration items that you may want to fix:
1 : SELinux is enabled. Please review the following wiki page for detailson ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
2 : change 'disable' to 'no' in /etc/xinetd.d/tftp
3 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, ou may run 'cobbler get-loaders' to download them, or, if you only want t handle x86/x86_64 netbooting, you may ensure that you have installed a *ecent* version of the syslinux package installed and can ignore this messge entirely. Files in this directory, should you want to support all arcitectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. Th 'cobbler get-loaders' command is the easiest way to resolve these requirments.
4 : enable and start rsyncd.service with systemctl
5 : debmirror package is not installed, it will be required to manage deban deployments and repositories
6 : The default password used by the sample templates for newly installedmachines (default_password_crypted in /etc/cobbler/settings) is still setto 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'randomphrase-here' 'your-password-here'" to generate new one
7 : fencing tools were not found, and are required to use the (optional) ower management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
先设置密码
openssl passwd -1 -salt 'abner' 'abner' //盐值加密
$1$abner$kDle2KnwbPHdm1UZEE79V. //加密结果
注:如果tab键补不全,就用yum安装
继续回settings文件中
default_password_crypted: "$1$abner$kDle2KnwbPHdm1UZEE79V." //粘贴
保存退出settings文件
systemctl start rsyncd.service //启动服务
vim /etc/xinetd.d/tftp
disable = no //启用
systemctl restart xinetd.service //重启服务
vim /etc/cobbler/dhcp.template //cobbler控制的dhcp服务模板
subnet 192.168.80.0 netmask 255.255.255.0 {
option routers 192.168.80.1; //修改网关
option domain-name-servers 192.168.80.2; //修改DNS
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.80.50 192.168.80.90; //修改地址池
cobbler sync //帮助同步生成DHCP配置文件 同步到dhcp服务里去
cobbler get-loaders //下载引导操作系统文件
systemctl restart dhcpd.service
systemctl restart xinetd.service
systemctl restart rsyncd.service
------------------使用cobbler check再次检查----------
下面三条可以忽略不去处理
1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
/var/log/cobbler/cobbler.log //日志文件所在位置
cobbler import --path=/mnt/ --name=CentOS-7-x86_64 --arch=x86_64 //导入iso镜像,命名为 ,指定系统多少位
注:iso镜像一定要先挂载到/mnt下面
可以导入多个镜像。
/var/www/cobbler/ks_mirror/CentOS-7-x86_64 //默认导入存放位置
cobbler list //查看导入结果
cobbler distro list //查看发行版本
yum install tree -y
tree /var/lib/tftpboot/
tree /var/lib/tftpboot/images //查看内核和初始化文件在tftp server 共享目录
cobbler profile report
/var/lib/cobbler/kickstarts/sample_end.ks //ks默认文件存放位置
systemctl restart dhcpd.service
systemctl restart xinetd.service
systemctl restart rsyncd.service
systemctl restart cobblerd.service
客户端安装完成后只具备字符界面 登录账户 root 密码abner
--------------------cobbler web-----------------------------
第一种
/etc/cobbler/modules.conf //authn_configfile 模块认证
htdigest -c /etc/cobbler/users.digest Cobbler cbadmin
输入两次确认密码 例如:abc123
systemctl restart cobblerd.service
systemctl restart httpd.service
浏览器访问:https://192.168.80.100/cobbler_web
web账户为 cbadmin 密码为 abc123
第二种 pam认证
vim /etc/cobbler/modules.conf
module = authn_pam //修改pam认证
module = authz_ownership //在users.conf指定访问权限
useradd webuser
passwd webuser
vim /etc/cobbler/users.conf
[admins]
admin = ""
cobbler = ""
webuser = "" //添加
systemctl restart cobblerd.service
systemctl restart httpd.service
测试:浏览器访问:https://192.168.80.100/cobbler_web
webuser
123