Cobbler: an automation tool for operating and maintaining Linux systems

Automation tools fall into three categories
# Provisioning (OS Provisioning)
PXE
Cobbler
# Configuration management (OS Config & DevOps)
Puppet
SaltStack
Ansible
# Monitoring (Monitor)
Cacti
Nagios Core
Zabbix
# Gray release of a website (depends on the front-end load balancer)
take a batch of servers offline on the director
stop the application on those servers for the update
update the webapp code on the target hosts
start the application on the target hosts, then bring those servers back online on the director
# General release process
Code under version control (cvs, svn, git) is identified for release and published to the pre-release servers
Pre-release servers: servers with the same environment as the online servers but not added to the online pool, where detailed testing is carried out
Automated testing: automated webapp testing tools (such as Selenium, developed by ThoughtWorks) can test the code and browser compatibility
Automated gray release: update the online code in batches
# Operational monitoring of the site
Monitoring: data collection, user behavior logs, server performance monitoring, operational data reports
Management: alerting on anomalies, failover, automatic graceful degradation

Services integrated by Cobbler
PXE service
DHCP
rsync
HTTP
DNS
Kickstart
IPMI power management
Cobbler design approach


Distribution (distro): represents an operating system; it carries the kernel and initrd information, along with other data

Repository (repo): holds the mirror information of a yum repository or an rsync source

Profile (profile): contains a distribution (distro), a kickstart file and possibly repositories (repo), plus additional kernel parameters and other data

System (system): represents the machine to be provisioned; it contains a profile or an image, as well as the IP and MAC addresses, power management (address, credentials, type) and more specialized data

Image (image): can replace a distro object for files that do not fit that category (for example, where the kernel and initrd cannot be treated as separate objects)
Of the components above, the distro, repository and profile must be configured.
The system component is only needed in a virtual environment, where Cobbler has to boot the virtual machines.
In practice, a production environment that needs many virtual machine instances usually uses something like OpenStack to create the virtual machine nodes.

 

Cobbler workflow

dhcp

client: obtains an address from DHCP, together with the IP address of next_server

next_server: the client fetches the boot kernel, initrd and other files from it

tftp: delivers the PXE boot files, which start the Cobbler selection menu

kickstart: determines how the installation proceeds, fetching resources over nfs, http, ftp or other shares


Cobbler packages

cobbler

cobbler-web


Cobbler configuration steps

1. Install Cobbler, run cobbler check and, based on its results, edit the main configuration file and correct the related configuration
2. Start the related services (httpd, cobblerd) and apply the settings with cobbler sync
3. Set up the services Cobbler depends on
* DHCP
* DNS
* rsync
* TFTP
4. Configure the Cobbler components
** For step 3 you need to:
1. choose which program to use for each service (pick one to manage)
2. decide whether to manage these services independently or have Cobbler manage them on your behalf
* Note:
Cobbler itself does not provide these service programs, so the corresponding rpm packages must be installed and the services must be running before Cobbler can manage them *
Installing Cobbler
1. Configure the installation source
2. Enable IP forwarding
sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/' /etc/sysctl.conf
sysctl -p
3. Install Cobbler
yum -y install cobbler cobbler-web dhcp-server tftp httpd xinetd syslinux pykickstart rsync
4. Cobbler configuration directories
Configuration directory: /etc/cobbler

/etc/cobbler/settings: Cobbler main configuration file

/etc/cobbler/iso/: ISO template configuration files

/etc/cobbler/pxe: PXE template files

/etc/cobbler/power: power management configuration files

/etc/cobbler/user.conf: web service authorization configuration file

/etc/cobbler/users.digest: user names and passwords for web access

/etc/cobbler/dhcp.template: DHCP server configuration template

/etc/cobbler/dnsmasq.template: DNS server configuration template

/etc/cobbler/tftpd.template: TFTP service configuration template

/etc/cobbler/modules.conf: module configuration file
Data directories
/var/lib/cobbler/config/: stores the configuration of distros, systems, profiles and other objects
/var/lib/cobbler/triggers/: stores user-defined Cobbler commands
/var/lib/cobbler/kickstarts/: stores the default kickstart files
/var/lib/cobbler/loaders/: stores the various boot loaders

Image directories

/var/www/cobbler/ks_mirror/: all data of the imported distributions

/var/www/cobbler/images/: kernel and initrd images of the imported distributions, used for remote network boot

/var/www/cobbler/repo_mirror/: yum repository storage directory
Log directory

/var/log/cobbler/installing: client installation logs

/var/log/cobbler/cobbler.log: Cobbler log

Cobbler commands

import

sync

reposync

build iso (builds a system image from a distro and a profile)

command line search

replicate

validate kickstart
Dynamically update the settings
cp /etc/cobbler/settings /etc/cobbler/settings.bak
Enable dynamic editing of the settings file so that it can be changed directly from the command line
sed -i 's/allow_dynamic_settings: 0/allow_dynamic_settings: 1/g' /etc/cobbler/settings
systemctl start cobblerd
Check which configuration items still need attention
cobbler check
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
6 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
7 : reposync is not installed, need for cobbler reposync, install/upgrade yum-utils?
8 : debmirror package is not installed, it will be required to manage debian deployments and repositories
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

# Resolve the problems
1. cobbler setting edit --name=server --value=10.10.10.10
2. cobbler setting edit --name=next_server --value=10.10.10.10
3. In /etc/xinetd.d/tftp, change disable from yes to no
systemctl start httpd cobblerd tftp rsyncd xinetd
systemctl enable httpd cobblerd tftp rsyncd xinetd
4. Download the boot loaders with cobbler get-loaders
5. Configure the firewall
iptables -A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 80,443,88,25151 -j ACCEPT
iptables -A INPUT -m state --state NEW -m udp -p udp -m multiport --dports 53,67,68,25252 -j ACCEPT
iptables -A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
6. Configure the repo repository
7. The debmirror message only concerns Debian systems; install it if you need it, otherwise it can be ignored: yum -y install debmirror
8. Generate a new password hash and store it (single-quoted so that the shell does not expand the $ fields of the hash)
openssl passwd -1 -salt 'nt2017123' 'nt2017123'
cobbler setting edit --name=default_password_crypted --value='$1$nt201712$F../kd8KCQKtgvqjoU40YJz0'
9. Install power management: yum -y install cman fence-agents
10. To prevent a system from being reinstalled by mistake, set the pxe_just_once option
cobbler setting edit --name=pxe_just_once --value=1
Let Cobbler manage the DHCP service (Cobbler-managed dhcpd is used here; dnsmasq can be used instead)
Edit the dhcpd configuration template
vim /etc/cobbler/dhcp.template
# leave everything else alone; only modify the following items
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.10.10;
option domain-name-servers 114.114.114.114;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.10.10.20 10.10.10.50;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;

vim /etc/dhcp/dhcpd.conf 
# ******************************************************************
# Cobbler managed dhcpd.conf file
# generated from cobbler dhcp.conf template (Sun Jan 31 15:47:49 2016)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
# *****************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 10.10.10.0 netmask 255.255.255.0 {

Sync Cobbler
systemctl restart cobblerd
cobbler sync
systemctl restart cobblerd
Check again
cobbler check
Configuration commands
cobbler usage
=====
cobbler <distro|profile|system|repo|image|mgmtclass|package|file> ... 
[add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validateks|version|signature|get-loaders|hardlink> [options|--help]

[root@linux-node1 ~]# cobbler import --help   # import an image
Usage: cobbler [options]

Options:
  -h, --help            show this help message and exit
  --arch=ARCH           OS architecture being imported
  --breed=BREED         the breed being imported
  --os-version=OS_VERSION
                        the version being imported
  --path=PATH           local path or rsync location
  --name=NAME           name, ex 'RHEL-5'
  --available-as=AVAILABLE_AS
                        tree is here, don't mirror
  --kickstart=KICKSTART_FILE
                        assign this kickstart file
  --rsync-flags=RSYNC_FLAGS
                        pass additional flags to rsync
cobbler check: checks the current settings for problems
cobbler list: lists all Cobbler objects
cobbler report: lists the objects in detail
cobbler sync: synchronizes the configuration to the data directories; best run after every configuration change
cobbler reposync: synchronizes the yum repositories
cobbler distro: views the information of imported distributions
cobbler system: views the information of added systems
cobbler profile: views the profile configuration

Import a system image into Cobbler
mount /dev/cdrom /mnt
cobbler import --path=/mnt/ --name=Centos-6.5-x86_64 --arch=x86_64
cobbler distro report --name=Centos-6.5-x86_64
View
cobbler distro list
Modify the default ks file
Profile path: /var/www/cobbler/images/redhat-6.5-x86_64
ks path: /var/lib/cobbler/kickstarts

# platform=x86, AMD64, or Intel EM64T  (CPU type of the system being installed)
# version=DEVEL
# X Window System configuration information
xconfig --startxonboot
# Install OS instead of upgrade
install
# Use network installation (location of the installation tree)
url --url=http://192.168.1.20/wangfeng7399
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sda
# Root password, stored encrypted; its algorithm must match the one set in the auth line
rootpw --iscrypted $6$CGsqab6d$Cd.PnnWtlL5XZAyr9J2zoMqyJH1QodcDp1pQp0uZ1f0Cq4eq9.TMkSQU6IfpvYZEYc32.lmF0lKuQwavnC49a0
# System authorization information (password hashing configuration)
auth --useshadow --passalgo=sha512
# Keyboard layouts (select the keyboard type)
keyboard 'us'
# System language (select a language)
lang en_US.UTF-8
# System timezone (select a time zone)
timezone Asia/Shanghai --isUtc
# Firewall configuration (firewall state)
firewall --disabled
# SELinux configuration (SELinux state)
selinux --disabled
# Reboot after installation
reboot
# Network information: bring eth0 up at boot, obtain the IP address via DHCP, turn off IPv6
network --onboot yes --device eth0 --bootproto dhcp --noipv6
# System bootloader configuration: write to the MBR of sda and pass kernel boot parameters
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work

# Clear the Master Boot Record
# clearpart --all wipes all disks, zerombr clears the MBR table, text selects text-mode installation
clearpart --all
zerombr
text
# Partition clearing information
clearpart --none --initlabel

# Disk partitioning information
# 200 MB ext4 /boot partition
part /boot --fstype="ext4" --ondisk=sda --size=200
# LVM physical volume
part pv.9009 --size=61440

# LVM volume group with a PE size of 8 MB
volgroup vg0 --pesize=8192 pv.9009
# Logical volumes
logvol / --fstype=ext4 --name=root --vgname=vg0 --size=20480
logvol swap --name=swap --vgname=vg0 --size=2048
logvol /usr --fstype=ext4 --name=usr --vgname=vg0 --size=10240
logvol /var --fstype=ext4 --name=var --vgname=vg0 --size=20480

# Repository location, i.e. where the rpm packages are read from
repo --name="CentOS" --baseurl=http://192.168.1.20/wangfeng7399

# Start of the package section
%packages
@Base
@Core
@base
@basic-desktop
@chinese-support
@client-mgmt-tools
@core
@desktop-platform
@fonts
@general-desktop
@graphical-admin-tools
@legacy-x
@network-file-system-client
@perl-runtime
@remote-desktop-clients
@x11
ibus-table-cangjie
ibus-table-erbi
ibus-table-wubi
lftp

# End of the package section
%end

 

%packages 

####### CentOS mini desktop packages ############ 
@base 
@basic-desktop 
@chinese-support 
@desktop-debugging 
@desktop-platform 
@directory-client 
@fonts 
@input-methods 
@internet-browser 
@java-platform 
@legacy-x 
@network-file-system-client 
@remote-desktop-clients 
@server-platform 
@x11

######## graphic admin tools ############# 
@graphical-admin-tools 
audit-viewer 
firstaidkit-gui 
policycoreutils-gui 
sabayon 
setroubleshoot 
system-config-kickstart 
system-config-lvm 
wireshark-gnome 

############ virtualization tools ######## 
@virtualization 
@virtualization-client 
@virtualization-platform 
@virtualization-tools 
fence-virtd-libvirt 
fence-virtd-multicast 
fence-virtd-serial 
libguestfs-java 
libguestfs-tools 
libvirt-cim 
libvirt-java 
libvirt-qmf 
libvirt-snmp 
perl-Sys-Virt 
#qemu-guest-agent 
qemu-kvm-tools 
virt-v2v 

%post --interpreter=/bin/bash


Configure CentOS 7
#cobbler for Kickstart Configurator for CentOS 7.1 by hetao
install
url --url=$tree 
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr 
# Network information
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 500 
part swap --size 2000
part / --fstype xfs --size 20000 
part /data --fstype xfs --size 30000 
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end
%post
systemctl disable postfix.service
%end
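
The kickstart templates above disable SELinux and the firewall, install tools such as telnet and nmap on every host, and take the root hash from default_password_crypted, which step 8 generated with openssl passwd -1 (MD5-crypt) while the templates declare sha512. A check for those settings before a template is attached to a profile, as an added example (not code from the original post or from Cobbler); the function names, finding labels and the RISKY_PACKAGES policy are assumptions:

```python
import re

CRYPT_SCHEMES = {"1": "md5", "5": "sha256", "6": "sha512"}
# Assumed site policy: client tools from the page's package lists that a server rarely needs.
RISKY_PACKAGES = {"telnet", "nmap", "wireshark-gnome"}

# Constructed sample, abridged from the CentOS 7 template above; the rootpw hash is a
# made-up MD5-crypt string standing in for what "openssl passwd -1" produces.
SAMPLE_KS = """\
install
rootpw --iscrypted $1$examplesa$0123456789abcdefghijkl
selinux --disabled
firewall --disabled
%packages
@base
nmap
telnet
%end
"""

def crypt_scheme(value):
    """Name the crypt(3) scheme of a hash; None for a template variable or plain text."""
    m = re.match(r"\$([0-9a-z]+)\$[^$]+\$", value)
    return CRYPT_SCHEMES.get(m.group(1), "unknown") if m else None

def audit_kickstart(text):
    """Return (line_number, finding) pairs for security-relevant kickstart settings."""
    findings, section = [], "command"
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("%"):  # %packages, %pre, %post ... until %end
            section = "command" if line == "%end" else line.split()[0][1:]
            continue
        words = line.split()
        if section == "packages" and words[0] in RISKY_PACKAGES:
            findings.append((no, "package:" + words[0]))
        elif section == "command" and words[0] in ("selinux", "firewall") and "--disabled" in words:
            findings.append((no, words[0] + "-disabled"))
        elif section == "command" and words[0] == "rootpw":
            scheme = crypt_scheme(words[-1])
            if "--iscrypted" not in words:
                findings.append((no, "rootpw-plaintext"))
            elif scheme is None:  # e.g. $default_password_crypted: audit /etc/cobbler/settings
                findings.append((no, "rootpw-from-template:" + words[-1]))
            elif scheme != "sha512":  # weaker than the --passalgo=sha512 the templates set
                findings.append((no, "rootpw-hash:" + scheme))
    return findings

if __name__ == "__main__":
    for no, finding in audit_kickstart(SAMPLE_KS):
        print(f"line {no}: {finding}")
```
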

Change the CentOS 7 network interface names
Modify the kernel parameters used to install the system. One thing that changed in CentOS 7 is that network interface names now take the form eno16777736; to keep operations and maintenance standardized, set these kernel options:
cobbler profile edit --name=CentOS-7.1-x86_64 --kopts='net.ifnames=0 biosdevname=0'
cobbler profile report --name=CentOS-7-x86_64
View
cobbler profile report --name=Centos-7-x86_64
cobbler profile report --name=Centos-6.5-x86_64
cobbler list
cobbler sync
Configure a local yum repository
mkdir /tmp/RPMS
createrepo /tmp/RPMS    # run this step after placing the rpm packages in the directory
cobbler repo add --mirror=/tmp/RPMS --name=local
cobbler reposync
cobbler repo list

Bind a MAC address to an IP address so that the profile is selected automatically at boot
cobbler system add --name=budongshu --mac=00:0C:29:48:1D:75 --profile=Centos-7-x86_64 \
--ip-address=10.10.10.23 --subnet=255.255.255.0 --gateway=10.10.10.10 --interface=eth0 \
--static=1 --hostname=budongshu --name-servers="114.114.114.114 8.8.8.8"

cobbler sync
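
With the values used on this page, the static address 10.10.10.23 lies inside the dynamic range 10.10.10.20 to 10.10.10.50 set in dhcp.template, which risks the same address also being leased to another client. A consistency check over the template and the static system records, as an added example (not code from the original post or from Cobbler; the function names are hypothetical):

```python
import ipaddress
import re

# Constructed sample: the values this page puts into /etc/cobbler/dhcp.template.
DHCP_TEMPLATE = """\
subnet 10.10.10.0 netmask 255.255.255.0 {
     option routers             10.10.10.10;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        10.10.10.20 10.10.10.50;
     next-server                $next_server;
}
"""
# Static records as created with "cobbler system add" on this page.
STATIC_SYSTEMS = {"budongshu": "10.10.10.23"}


def parse_subnet(text):
    """Extract (network, pool_start, pool_end, router) from a dhcpd subnet block."""
    net = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)", text)
    pool = re.search(r"range\s+(?:dynamic-bootp\s+)?(\S+)\s+(\S+?);", text)
    gw = re.search(r"option\s+routers\s+(\S+?);", text)
    if not (net and pool and gw):
        raise ValueError("subnet, range and routers are all required")
    return (ipaddress.ip_network(f"{net.group(1)}/{net.group(2)}"),
            ipaddress.ip_address(pool.group(1)),
            ipaddress.ip_address(pool.group(2)),
            ipaddress.ip_address(gw.group(1)))


def check_addressing(text, systems, next_server):
    """Return a list of problems; an empty list means the address plan is consistent."""
    network, start, end, router = parse_subnet(text)
    problems = []
    fixed = {"router": router, "pool start": start, "pool end": end,
             "next_server": ipaddress.ip_address(next_server)}
    for label, addr in fixed.items():
        if addr not in network:
            problems.append(f"{label} {addr} is outside {network}")
    if start > end:
        problems.append(f"pool {start}-{end} is reversed")
    for name, ip in sorted(systems.items()):
        addr = ipaddress.ip_address(ip)
        if addr not in network:
            problems.append(f"system {name} ({addr}) is outside {network}")
        elif start <= addr <= end:
            problems.append(f"system {name} ({addr}) is inside the dynamic pool {start}-{end}")
    return problems


if __name__ == "__main__":
    print(check_addressing(DHCP_TEMPLATE, STATIC_SYSTEMS, "10.10.10.10"))
```
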

Configure the web interface
cobbler-web supports several authentication modes, such as authn_configfile, authn_ldap and authn_pam; here we use authn_pam authentication
vim /etc/cobbler/modules.conf
[authentication]
module = authn_pam

Add a system user

useradd cobbler
echo "cobbler" | passwd --stdin cobbler

Add the user to the administrators group
vim /etc/cobbler/modules.conf
[admins]
admin = "cobbler"
systemctl restart cobblerd httpd
http://10.10.49.155/cobbler_web


Origin www.cnblogs.com/devops-docker/p/11495788.html