# Cobbler自动化系统安装环境配置
网络安装服务器套件 Cobbler(补鞋匠)是RedHat在2008年发布的,用于快速建立Linux网络安装环境。今天我们就用Cobbler来配置一套自动化系统安装环境。
# 0. 参考文档
- Cobbler官方文档:https://cobbler.readthedocs.io/en/latest/ (opens new window)
- Cobbler官网地址:https://github.com/cobbler/cobbler (opens new window)
此处复制一段 Cobbler自动化部署 (opens new window) 中的介绍。
# cobbler简介
1、
Cobbler是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。 2、Cobbler可以使用命令行方式管理,也提供了基于Web的界面管理工具(cobbler-web),还提供了API接口,可以方便二次开发使用。 3、Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。 4、Cobbler内置了一个轻量级配置管理系统,但它也支持和其它配置管理系统集成,如Puppet。# cobbler集成的服务
- PXE服务支持
- DHCP服务管理
- DNS服务管理
- 电源管理
- Kickstart服务支持
- YUM仓库管理
- TFTP
- Apache
# cobbler工作原理
Server端
- 启动
Cobbler服务- 进行
Cobbler错误检查,执行cobbler check命令- 进行配置同步,执行
cobbler sync命令- 复制相关启动文件到
TFTP目录中- 启动
DHCP服务,提供地址分配DHCP服务分配IP地址TFTP传输启动文件Server端接收安装信息Server端发送ISO镜像与Kickstart文件Client端
- 客户端以
PXE模式启动- 客户端获取
IP地址- 通过
TFTP服务器获取启动文件- 进入
Cobbler安装选择界面- 根据配置信息准备安装系统
- 加载
Kickstart文件- 传输系统安装的其它文件
- 进行安装系统
作者:别来无恙-
出处:https://www.cnblogs.com/yanjieli/p/11016825.html
版权:本作品采用「署名-非商业性使用-相同方式共享 4.0 国际 (opens new window)」许可协议进行许可。
# 1. 环境说明
- 宿主机:系统
Ubuntu 20.04.2 LTS,IP:192.168.2.113。 - 虚拟化工具:VirtualBox 6.1.22。
- 虚拟机: 采用桥接网卡创建一个CentOS7虚拟机,命名为
cobbler-master。
虚拟机创建注意事项:
VirtualBox中设置虚拟机内存大小2048MB。VirtualBox中设置虚拟机虚拟分配空间40GB,此处空间稍微分配大一点,因为需要存放系统镜像,可能会占用较多空间。VirtualBox中设置虚拟机配置网卡1,启用网络连接,并设置连接方式为"桥接网卡"。
虚拟机其他信息:
操作系统:
[root@cobbler-master ~]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
1
2
2
配置静态IP地址:
[root@cobbler-master ~]# cat /etc/sysconfig/network-scripts/ifcfg-enp0s3
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp0s3"
UUID="cde3dfd3-712f-40a3-9ab7-aa8d0fc31448"
DEVICE="enp0s3"
ONBOOT="yes"
IPADDR="192.168.2.20"
PREFIX="24"
GATEWAY="192.168.2.1"
IPV6_PRIVACY="no"
DNS1="192.168.2.1"
[root@localhost ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
在安装虚拟机过程中,可以在网络配置时先选择DHCP方式自动连接网络,网络连接成功后,可以看到IP、网关、子网掩码、DNS等信息,将其记录下来,然后手动配置IP即可。
查看IP、网关、子网掩码、DNS等信息:
# IP信息,此处的192.168.2.20就是虚拟机的IP地址
[root@cobbler-master ~]# ip a show enp0s3
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:87:c2:4e brd ff:ff:ff:ff:ff:ff
inet 192.168.2.20/24 brd 192.168.2.255 scope global noprefixroute enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::d972:e36b:31ff:8dd1/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 网关信息,此处第2列的192.168.2.1就是网关IP地址
# 子网掩码信息,此处第3列的255.255.255.0则是子网掩码
[root@cobbler-master ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.2.1 0.0.0.0 UG 100 0 0 enp0s3
192.168.2.0 0.0.0.0 255.255.255.0 U 100 0 0 enp0s3
# DNS域名服务器信息,此处的192.168.2.1则是域名服务器IP地址
[root@cobbler-master ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 192.168.2.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
记录好这些信息,后面配置Cobbler DHCP时需要使用到。
另外,我们关闭VirtualBox主机网络管理器中的"DHCP服务器",不启用服务器即可。
后续操作,除特殊说明外,都在在虚拟机cobbler-master中操作的。
# 2. YUM源配置
为了加快下载速度,我们将CentOS-Base源更新为国内的华为镜像。
[root@cobbler-master ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo
--2021-06-19 08:06:58-- https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo
Resolving repo.huaweicloud.com (repo.huaweicloud.com)... 58.49.156.108, 58.49.156.106, 58.49.156.107, ...
Connecting to repo.huaweicloud.com (repo.huaweicloud.com)|58.49.156.108|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1775 (1.7K) [application/octet-stream]
Saving to: ‘/etc/yum.repos.d/CentOS-Base.repo’
100%[=====================================>] 1,775 --.-K/s in 0s
2021-06-19 08:06:58 (96.4 MB/s) - ‘/etc/yum.repos.d/CentOS-Base.repo’ saved [1775/1775]
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
配置清华大学的EPEL源镜像:
cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Extra Packages for Enterprise Linux 7 - \$basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/\$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=\$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - \$basearch - Debug
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/\$basearch/debug
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=\$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel-source]
name=Extra Packages for Enterprise Linux 7 - \$basearch - Source
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/SRPMS
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=\$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
EOF
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
参考:https://mirrors.tuna.tsinghua.edu.cn/help/epel/ (opens new window)
# 3. 关闭Selinux
官方文档中关于Selinux的说明:
Before getting started with Cobbler, it may be convenient to either disable SELinux or set it to “permissive” mode, especially if you are unfamiliar with SELinux troubleshooting or modifying SELinux policy. Cobbler constantly evolves to assist in managing new system technologies, and the policy that ships with your OS can sometimes lag behind the feature-set we provide, resulting in AVC denials that break Cobbler’s functionality.
大意是操作系统提供的特征策略有可能比Cobbler提供的功能集后滞后,因此建议关闭SELinux。
[root@cobbler-master ~]# getenforce
Disabled
[root@cobbler-master ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
2
3
4
5
6
7
8
9
10
11
12
13
14
15
确保getenforce获取到在值是Disabled,如果不是的话,可以使用VIM打开配置文件/etc/selinux/config,将其第7行修改为SELINUX=disabled。修改完成后,使用命令shutdown -r now重启虚拟机。
# 4. cobbler安装
参考:https://cobbler.readthedocs.io/en/latest/installation-guide.html (opens new window)
httpd: 通过web服务检测管理cobbler
rsync: 远程同步管理、同步dhcp
xinetd:管理rsync、tftp-server服务
tftp-server:tftp简单文件传输包,传输启动文件
dhcp: DHCP服务分配IP地址
pykickstart:无人值守安装模板,即应答文件
cobbler:cobbler主包,cobbler的核心
cobbler-web:cobbler支持web服务包(图形化界面)
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
安装:
[root@cobbler-master ~]# yum install httpd xinetd tftp-server dhcp pykickstart cobbler cobbler-web -y
... 省略
Installed:
cobbler.x86_64 0:2.8.5-0.3.el7 cobbler-web.noarch 0:2.8.5-0.3.el7
dhcp.x86_64 12:4.2.5-83.el7.centos.1 pykickstart.noarch 0:1.99.66.22-1.el7
tftp-server.x86_64 0:5.2-22.el7 xinetd.x86_64 2:2.3.15-14.el7
Dependency Installed:
PyYAML.x86_64 0:3.10-11.el7
createrepo.noarch 0:0.9.9-28.el7
deltarpm.x86_64 0:3.6-3.el7
genisoimage.x86_64 0:1.1.11-25.el7
jbigkit-libs.x86_64 0:2.0-11.el7
libjpeg-turbo.x86_64 0:1.2.90-8.el7
libtiff.x86_64 0:4.0.3-35.el7
libusal.x86_64 0:1.1.11-25.el7
libwebp.x86_64 0:0.3.0-10.el7_9
libxml2-python.x86_64 0:2.9.1-6.el7.5
libyaml.x86_64 0:0.1.4-11.el7_0
mod_ssl.x86_64 1:2.4.6-97.el7.centos
mod_wsgi.x86_64 0:3.4-18.el7
mtools.x86_64 0:4.0.18-5.el7
python-backports.x86_64 0:1.0-8.el7
python-backports-ssl_match_hostname.noarch 0:3.5.0.1-1.el7
python-chardet.noarch 0:2.2.1-3.el7
python-cheetah.x86_64 0:2.4.4-5.el7.centos
python-deltarpm.x86_64 0:3.6-3.el7
python-django-bash-completion.noarch 0:1.11.27-1.el7
python-ipaddress.noarch 0:1.0.16-2.el7
python-kitchen.noarch 0:1.1.1-5.el7
python-netaddr.noarch 0:0.7.5-9.el7
python-pillow.x86_64 0:2.0.0-21.gitd1c6db8.el7
python-pygments.noarch 0:1.4-10.el7
python-setuptools.noarch 0:0.9.8-7.el7
python2-django.noarch 0:1.11.27-1.el7
python2-markdown.noarch 0:2.4.1-4.el7
python2-pyyaml.noarch 0:3.10-0.el7
python2-simplejson.x86_64 0:3.10.0-2.el7
pytz.noarch 0:2016.10-2.el7
rsync.x86_64 0:3.1.2-10.el7
syslinux.x86_64 0:4.05-15.el7
yum-utils.noarch 0:1.1.31-54.el7_8
Dependency Updated:
dhclient.x86_64 12:4.2.5-83.el7.centos.1
dhcp-common.x86_64 12:4.2.5-83.el7.centos.1
dhcp-libs.x86_64 12:4.2.5-83.el7.centos.1
Complete!
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# 5. 启动cobblerd服务
我们先启动httpd服务,再启动cobblerd服务。
# 启动服务
[root@cobbler-master ~]# systemctl start httpd cobblerd
# 添加开机启动
[root@cobbler-master ~]# systemctl enable httpd cobblerd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
查看httpd和cobblerd服务状态
[root@cobbler-master ~]# systemctl status httpd cobblerd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 09:07:17 CST; 36s ago
Docs: man:httpd(8)
man:apachectl(8)
Main PID: 1683 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
CGroup: /system.slice/httpd.service
├─1683 /usr/sbin/httpd -DFOREGROUND
├─1687 (wsgi:cobbler_w -DFOREGROUND
├─1688 /usr/sbin/httpd -DFOREGROUND
├─1689 /usr/sbin/httpd -DFOREGROUND
├─1690 /usr/sbin/httpd -DFOREGROUND
├─1691 /usr/sbin/httpd -DFOREGROUND
└─1692 /usr/sbin/httpd -DFOREGROUND
6月 19 09:07:17 cobbler-master systemd[1]: Starting The Apache HTTP Server...
6月 19 09:07:17 cobbler-master httpd[1683]: AH00558: httpd: Could not reli...e
6月 19 09:07:17 cobbler-master systemd[1]: Started The Apache HTTP Server.
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 09:07:17 CST; 36s ago
Main PID: 1684 (cobblerd)
CGroup: /system.slice/cobblerd.service
└─1684 /usr/bin/python2 -s /usr/bin/cobblerd -F
6月 19 09:07:17 cobbler-master systemd[1]: Starting Cobbler Helper Daemon...
6月 19 09:07:17 cobbler-master systemd[1]: Started Cobbler Helper Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# 5.1 查看cobbler版本信息
[root@cobbler-master ~]# cobbler version
Cobbler 2.8.5
source: ?, ?
build time: Tue Oct 15 01:59:43 2019
[root@cobbler-master ~]#
1
2
3
4
5
2
3
4
5
# 5.2 查看cobbler帮助信息
[root@cobbler-master ~]# cobbler --help
usage
=====
cobbler <distro|profile|system|repo|image|mgmtclass|package|file> ...
[add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validateks|version|signature|get-loaders|hardlink> [options|--help]
[root@cobbler-master ~]#
1
2
3
4
5
6
7
2
3
4
5
6
7
# 6. 检查cobbler配置
可以使用cobbler check来检查cobbler的配置,看还存在哪些问题。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
可以看到,存在8个问题:
- 问题1,配置文件
/etc/cobbler/settings中需要配置server字段。 - 问题2,配置文件
/etc/cobbler/settings中需要配置next_server字段。 - 问题3,配置文件
/etc/xinetd.d/tftp需要将disable字段设置为no。 - 问题4,需要下载网络加载程序。
- 问题5,需要开启
rsyncd服务。 - 问题6,需要下载安装
debmirror包,用于管理 debian相关的部署、 - 问题7,配置文件
/etc/cobbler/settings中需要配置default_password_crypted字段。修改默认的密码。 - 问题8,需要安装
fencing tools工具,进行电源管理。
可以将问题6和问题8分为一类,缺失软件包,需要安装。
可以将问题1、问题2、问题7分为一类,cobbler配置文件配置。
问题3、问题4、问题5单独处理。
# 6.1 安装缺失包
我们首先处理问题6和问题8,将缺失的包安装上。
查看官方文档 https://cobbler.readthedocs.io/en/latest/user-guide.html#power-management (opens new window):
7.9. Power Management
Cobbler contains a power management feature that allows the user to associate system records in Cobbler with the power management configuration attached to them. This can ease installation by making it easy to reassign systems to new operating systems and then reboot those systems.
即:
7.9。 能源管理
Cobbler包含一个电源管理功能,允许用户将System Records与其连接的电源管理配置相关联。 这可以通过简单地将系统重新分配给新的操作系统,然后重新启动这些系统来简化安装。
而debmirror包是用于安装ubuntu或debian系统时需要使用的。如果仅需要安装centos系统,则可以不用安装。为了消除这个异常提示,我们还是安装一下。
安装缺失包:
[root@cobbler-master ~]# yum install debmirror fence-agents -y
... 省略
Installed:
debmirror.noarch 1:2.30-4.el7 fence-agents-all.x86_64 0:4.2.1-41.el7_9.4
Dependency Installed:
OpenIPMI.x86_64 0:2.0.27-1.el7 OpenIPMI-libs.x86_64 0:2.0.27-1.el7
OpenIPMI-modalias.x86_64 0:2.0.27-1.el7 audit-libs-python.x86_64 0:2.8.5-4.el7
autogen-libopts.x86_64 0:5.18-5.el7 bzip2.x86_64 0:1.0.6-13.el7
checkpolicy.x86_64 0:2.5-8.el7 device-mapper-multipath.x86_64 0:0.4.9-134.el7_9
device-mapper-multipath-libs.x86_64 0:0.4.9-134.el7_9 ed.x86_64 0:1.9-4.el7
fence-agents-amt-ws.x86_64 0:4.2.1-41.el7_9.4 fence-agents-apc.x86_64 0:4.2.1-41.el7_9.4
fence-agents-apc-snmp.x86_64 0:4.2.1-41.el7_9.4 fence-agents-bladecenter.x86_64 0:4.2.1-41.el7_9.4
fence-agents-brocade.x86_64 0:4.2.1-41.el7_9.4 fence-agents-cisco-mds.x86_64 0:4.2.1-41.el7_9.4
fence-agents-cisco-ucs.x86_64 0:4.2.1-41.el7_9.4 fence-agents-common.x86_64 0:4.2.1-41.el7_9.4
fence-agents-compute.x86_64 0:4.2.1-41.el7_9.4 fence-agents-drac5.x86_64 0:4.2.1-41.el7_9.4
fence-agents-eaton-snmp.x86_64 0:4.2.1-41.el7_9.4 fence-agents-emerson.x86_64 0:4.2.1-41.el7_9.4
fence-agents-eps.x86_64 0:4.2.1-41.el7_9.4 fence-agents-heuristics-ping.x86_64 0:4.2.1-41.el7_9.4
fence-agents-hpblade.x86_64 0:4.2.1-41.el7_9.4 fence-agents-ibmblade.x86_64 0:4.2.1-41.el7_9.4
fence-agents-ifmib.x86_64 0:4.2.1-41.el7_9.4 fence-agents-ilo-moonshot.x86_64 0:4.2.1-41.el7_9.4
fence-agents-ilo-mp.x86_64 0:4.2.1-41.el7_9.4 fence-agents-ilo-ssh.x86_64 0:4.2.1-41.el7_9.4
fence-agents-ilo2.x86_64 0:4.2.1-41.el7_9.4 fence-agents-intelmodular.x86_64 0:4.2.1-41.el7_9.4
fence-agents-ipdu.x86_64 0:4.2.1-41.el7_9.4 fence-agents-ipmilan.x86_64 0:4.2.1-41.el7_9.4
fence-agents-kdump.x86_64 0:4.2.1-41.el7_9.4 fence-agents-mpath.x86_64 0:4.2.1-41.el7_9.4
fence-agents-redfish.x86_64 0:4.2.1-41.el7_9.4 fence-agents-rhevm.x86_64 0:4.2.1-41.el7_9.4
fence-agents-rsa.x86_64 0:4.2.1-41.el7_9.4 fence-agents-rsb.x86_64 0:4.2.1-41.el7_9.4
fence-agents-sbd.x86_64 0:4.2.1-41.el7_9.4 fence-agents-scsi.x86_64 0:4.2.1-41.el7_9.4
fence-agents-vmware-rest.x86_64 0:4.2.1-41.el7_9.4 fence-agents-vmware-soap.x86_64 0:4.2.1-41.el7_9.4
fence-agents-wti.x86_64 0:4.2.1-41.el7_9.4 fence-virt.x86_64 0:0.3.2-16.el7
gnutls.x86_64 0:3.3.29-9.el7_6 gnutls-dane.x86_64 0:3.3.29-9.el7_6
gnutls-utils.x86_64 0:3.3.29-9.el7_6 ipmitool.x86_64 0:1.8.18-9.el7_7
libcgroup.x86_64 0:0.41-21.el7 libevent.x86_64 0:2.0.21-4.el7
libsemanage-python.x86_64 0:2.5-14.el7 libwsman1.x86_64 0:2.6.3-7.git4391e5c.el7
net-snmp-libs.x86_64 1:5.7.2-49.el7_9.1 net-snmp-utils.x86_64 1:5.7.2-49.el7_9.1
nettle.x86_64 0:2.7.1-9.el7_9 openwsman-python.x86_64 0:2.6.3-7.git4391e5c.el7
patch.x86_64 0:2.7.1-12.el7_7 perl-Business-ISBN.noarch 0:2.06-2.el7
perl-Business-ISBN-Data.noarch 0:20120719.001-2.el7 perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7
perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 perl-Data-Dumper.x86_64 0:2.145-3.el7
perl-Digest.noarch 0:1.17-245.el7 perl-Digest-MD5.x86_64 0:2.52-3.el7
perl-Digest-SHA.x86_64 1:5.85-4.el7 perl-Encode-Locale.noarch 0:1.03-5.el7
perl-File-Listing.noarch 0:6.04-7.el7 perl-HTML-Parser.x86_64 0:3.71-4.el7
perl-HTML-Tagset.noarch 0:3.20-15.el7 perl-HTTP-Cookies.noarch 0:6.01-5.el7
perl-HTTP-Daemon.noarch 0:6.01-8.el7 perl-HTTP-Date.noarch 0:6.02-8.el7
perl-HTTP-Message.noarch 0:6.06-6.el7 perl-HTTP-Negotiate.noarch 0:6.01-5.el7
perl-IO-Compress.noarch 0:2.061-2.el7 perl-IO-HTML.noarch 0:1.00-2.el7
perl-IO-Socket-INET6.noarch 0:2.69-5.el7 perl-IO-Socket-IP.noarch 0:0.21-5.el7
perl-IO-Socket-SSL.noarch 0:1.94-7.el7 perl-LWP-MediaTypes.noarch 0:6.02-2.el7
perl-LockFile-Simple.noarch 0:0.208-1.el7 perl-Mozilla-CA.noarch 0:20130114-5.el7
perl-Net-HTTP.noarch 0:6.06-2.el7 perl-Net-INET6Glue.noarch 0:0.5-3.el7
perl-Net-LibIDN.x86_64 0:0.12-15.el7 perl-Net-SSLeay.x86_64 0:1.55-6.el7
perl-Socket6.x86_64 0:0.23-15.el7 perl-TimeDate.noarch 1:2.30-2.el7
perl-URI.noarch 0:1.60-9.el7 perl-WWW-RobotRules.noarch 0:6.02-5.el7
perl-libwww-perl.noarch 0:6.05-2.el7 pexpect.noarch 0:2.3-11.el7
policycoreutils-python.x86_64 0:2.5-34.el7 python-IPy.noarch 0:0.75-6.el7
python-requests.noarch 0:2.6.0-10.el7 python-six.noarch 0:1.9.0-2.el7
python-suds.noarch 0:0.4.1-5.el7 python-urllib3.noarch 0:1.10.2-7.el7
setools-libs.x86_64 0:3.3.8-4.el7 sg3_utils.x86_64 1:1.37-19.el7
sg3_utils-libs.x86_64 1:1.37-19.el7 telnet.x86_64 1:0.17-66.el7
trousers.x86_64 0:0.3.14-2.el7 unbound-libs.x86_64 0:1.6.6-5.el7_8
Dependency Updated:
kpartx.x86_64 0:0.4.9-134.el7_9
Complete!
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
安装完成后,再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : comment out 'dists' on /etc/debmirror.conf for proper debian support
7 : comment out 'arches' on /etc/debmirror.conf for proper debian support
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
Restart cobblerd and then run 'cobbler sync' to apply changes.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
可以看到,此时多出了问题6和问题7是和debmirror相关的。我们处理一下配置文件/etc/debmirror.conf。为了支持debian,需要将dists和arches配置给注释掉。
查看配置文件/etc/debmirror.conf的内容:
[root@cobbler-master ~]# cat -n /etc/debmirror.conf
1 # Default config for debmirror
2
3 # The config file is a perl script so take care to follow perl syntax.
4 # Any setting in /etc/debmirror.conf overrides these defaults and
5 # ~/.debmirror.conf overrides those again. Take only what you need.
6 #
7 # The syntax is the same as on the command line and variable names
8 # loosely match option names. If you don't recognize something here
9 # then just stick to the command line.
10 #
11 # Options specified on the command line override settings in the config
12 # files.
13
14 # Location of the local mirror (use with care)
15 # $mirrordir="/path/to/mirrordir"
16
17 # Output options
18 $verbose=0;
19 $progress=0;
20 $debug=0;
21
22 # Download options
23 $host="ftp.debian.org";
24 $user="anonymous";
25 $passwd="anonymous@";
26 $remoteroot="debian";
27 $download_method="ftp";
28 @dists="sid";
29 @sections="main,main/debian-installer,contrib,non-free";
30 @arches="i386";
31 # @ignores="";
32 # @excludes="";
33 # @includes="";
34 # @excludes_deb_section="";
35 # @limit_priority="";
36 $omit_suite_symlinks=0;
37 $skippackages=0;
38 # @rsync_extra="doc,tools";
39 $i18n=0;
40 $getcontents=0;
41 $do_source=1;
42 $max_batch=0;
43
44 # @di_dists="dists";
45 # @di_archs="arches";
46
47 # Save mirror state between runs; value sets validity of cache in days
48 $state_cache_days=0;
49
50 # Security/Sanity options
51 $ignore_release_gpg=0;
52 $ignore_release=0;
53 $check_md5sums=0;
54 $ignore_small_errors=0;
55
56 # Cleanup
57 $cleanup=0;
58 $post_cleanup=1;
59
60 # Locking options
61 $timeout=300;
62
63 # Rsync options
64 $rsync_batch=200;
65 $rsync_options="-aIL --partial";
66
67 # FTP/HTTP options
68 $passive=0;
69 # $proxy="http://proxy:port/";
70
71 # Dry run
72 $dry_run=0;
73
74 # Don't keep diff files but use them
75 $diff_mode="use";
76
77 # The config file must return true or perl complains.
78 # Always copy this.
79 1;
[root@cobbler-master ~]#
[root@cobbler-master ~]# cat -n /etc/debmirror.conf|grep 'dists'
28 @dists="sid";
44 # @di_dists="dists";
[root@cobbler-master ~]# cat -n /etc/debmirror.conf|grep 'arches'
30 @arches="i386";
45 # @di_archs="arches";
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
我们把28行和30行的配置替换掉。
# 尝试替换
[root@cobbler-master ~]# sed -n 's/@dists=/# @dists=/gp' /etc/debmirror.conf
# @dists="sid";
[root@cobbler-master ~]# sed -n 's/@arches=/# @arches=/gp' /etc/debmirror.conf
# @arches="i386";
# 直接替换文件内容
[root@cobbler-master ~]# sed -i 's/@dists=/# @dists=/g' /etc/debmirror.conf
[root@cobbler-master ~]# sed -i 's/@arches=/# @arches=/g' /etc/debmirror.conf
# 再次查看配置信息
[root@cobbler-master ~]# cat -n /etc/debmirror.conf|grep 'dists'
28 # @dists="sid";
44 # @di_dists="dists";
[root@cobbler-master ~]# cat -n /etc/debmirror.conf|grep 'arches'
30 # @arches="i386";
45 # @di_archs="arches";
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
可以看到@dists和@arches行已经注释掉了。
再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
Restart cobblerd and then run 'cobbler sync' to apply changes.
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
可以发现debmirror异常已经没有了。
# 6.2 cobbler配置文件修改
本节涉及到第二类问题,server、next_server和default_password_crypted的修改。
在修改配置文件前,我们开启下动态更新配置文件开关。
查看官方文档 https://cobbler.readthedocs.io/en/latest/cobbler-conf.html#allow-dynamic-settings (opens new window)
allow_dynamic_settings
If
True, Cobbler will allow settings to be changed dynamically without a restart of thecobblerddaemon. You can only change this variable by manually editing the settings file, and you MUST restartcobblerdafter changing it.default:
False
可以知道。通过开启该配置,可以在修改配置文件后,不需要重置cobblerd服务。因此我们先手动修改一下该配置,并重置cobblerd服务,后面再修改配置就不需要重置了。
修改前,先备份配置文件。
[root@cobbler-master ~]# cp /etc/cobbler/settings{,.bak}
[root@cobbler-master ~]# ls /etc/cobbler/settings*
/etc/cobbler/settings /etc/cobbler/settings.bak
1
2
3
2
3
查看当前allow_dynamic_settings配置信息:
[root@cobbler-master ~]# grep 'allow_dynamic_settings' /etc/cobbler/settings
allow_dynamic_settings: 0
# 获取帮助信息
[root@cobbler-master ~]# cobbler setting --help
usage
=====
cobbler setting edit
cobbler setting report
[root@cobbler-master ~]# cobbler setting report --help
Usage: cobbler [options]
Options:
-h, --help show this help message and exit
--name=NAME name of object
# 查看当前allow_dynamic_settings的配置信息
[root@cobbler-master ~]# cobbler setting report --name=allow_dynamic_settings
allow_dynamic_settings : 0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
我们使用sed命令替换掉:
# 尝试替换
[root@cobbler-master ~]# sed -n 's/allow_dynamic_settings: 0/allow_dynamic_settings: 1/gp' /etc/cobbler/settings
allow_dynamic_settings: 1
# 直接替换文件中内容
[root@cobbler-master ~]# sed -i 's/allow_dynamic_settings: 0/allow_dynamic_settings: 1/g' /etc/cobbler/settings
# 再次查看配置文件
[root@cobbler-master ~]# grep 'allow_dynamic_settings' /etc/cobbler/settings
allow_dynamic_settings: 1
1
2
3
4
5
6
7
8
9
10
2
3
4
5
6
7
8
9
10
重启cobblerd服务:
[root@cobbler-master ~]# systemctl restart cobblerd && systemctl status cobblerd
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 12:13:18 CST; 20ms ago
Process: 2120 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS)
Main PID: 2119 (cobblerd)
CGroup: /system.slice/cobblerd.service
└─2119 /usr/bin/python2 -s /usr/bin/cobblerd -F
6月 19 12:13:18 cobbler-master systemd[1]: Stopped Cobbler Helper Daemon.
6月 19 12:13:18 cobbler-master systemd[1]: Starting Cobbler Helper Daemon...
6月 19 12:13:18 cobbler-master systemd[1]: Started Cobbler Helper Daemon.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
下面我们开始修改配置文件。
# 6.2.1 修改server和next_server配置
server选项是指cobbler server的ip地址,修改服务器的IP地址192.168.2.20。next_server选项被用在DHCP/PXE上,用来作为DHCP Server和TFTP Server的IP地址,一般和Cobbler服务地址使用一个IP。
我们使用命令cobbler setting edit命令来动态更新配置文件
# 获取帮助信息
[root@cobbler-master ~]# cobbler setting edit --help
Usage: cobbler [options]
Options:
-h, --help show this help message and exit
--name=NAME Name (Ex: server)
--value=VALUE Value (Ex: 127.0.0.1)
# 获取帮助信息
[root@cobbler-master ~]# cobbler setting report --help
Usage: cobbler [options]
Options:
-h, --help show this help message and exit
--name=NAME name of object
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
先查看一下配置信息:
[root@cobbler-master ~]# cobbler setting report --name=server
server : 127.0.0.1
[root@cobbler-master ~]# cobbler setting report --name=next_server
next_server : 127.0.0.1
1
2
3
4
2
3
4
更新:
[root@cobbler-master ~]# cobbler setting edit --name=server --value="192.168.2.20"
[root@cobbler-master ~]# cobbler setting edit --name=next_server --value="192.168.2.20"
[root@cobbler-master ~]# cobbler setting report --name=server
server : 192.168.2.20
[root@cobbler-master ~]# cobbler setting report --name=next_server
next_server : 192.168.2.20
1
2
3
4
5
6
2
3
4
5
6
可以看到server和next_server配置已经更新成功。
再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : change 'disable' to 'no' in /etc/xinetd.d/tftp
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : enable and start rsyncd.service with systemctl
4 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
Restart cobblerd and then run 'cobbler sync' to apply changes.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
2
3
4
5
6
7
8
9
10
可能发现server和next_server异常已经没有了。
接着处理default_password_crypted配置的问题。
# 6.2.2 修改default_password_crypted配置
default_password_crypted配置用于指定安装新系统时root账号的密码。
按提示可以使用命令openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'生成加密的密码。
查看默认密码:
[root@cobbler-master ~]# cobbler setting report --name=default_password_crypted
default_password_crypted : $1$mF86/UHC$WvcIcX2t6crBz2onWxyac.
1
2
2
可以看到,这是一个加密后的密码字符串。
我们需要更新该密码。假设我们使用admin.CB@nodes1234作为新的系统的默认密码(注意,该密码不要让别人知道,此处我是随意取的)。那么我们需要进行以下处理,生成加密后的密码字符串。
生成随机盐:
[root@cobbler-master ~]# openssl rand --help
Usage: rand [options] num
where options are
-out file - write to file
-engine e - use engine e, possibly a hardware device.
-rand file:file:... - seed PRNG from files
-base64 - base64 encode output
-hex - hex encode output
[root@cobbler-master ~]# salt=$( openssl rand -hex 6 )
[root@cobbler-master ~]# echo $salt
ccd64bfd742f
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
使用刚才生成的随机盐进行密码加密:
[root@cobbler-master ~]# openssl passwd --help
Usage: passwd [options] [passwords]
where options are
-crypt standard Unix password algorithm (default)
-1 MD5-based password algorithm
-apr1 MD5-based password algorithm, Apache variant
-salt string use provided salt
-in file read passwords from file
-stdin read passwords from stdin
-noverify never verify when reading password from terminal
-quiet no warnings
-table format output as table
-reverse switch table columns
[root@cobbler-master ~]# scpasswd=$( openssl passwd -1 -salt "${salt}" "admin.CB@nodes1234" )
[root@cobbler-master ~]# echo $scpasswd
$1$ccd64bfd$5VwI.zd5m7wpraFvvClhT.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
更新默认密码:
[root@cobbler-master ~]# cobbler setting edit --name=default_password_crypted --value="${scpasswd}"
[root@cobbler-master ~]# cobbler setting report --name=default_password_crypted
default_password_crypted : $1$ccd64bfd$5VwI.zd5m7wpraFvvClhT.
1
2
3
2
3
再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : change 'disable' to 'no' in /etc/xinetd.d/tftp
2 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : enable and start rsyncd.service with systemctl
Restart cobblerd and then run 'cobbler sync' to apply changes.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
2
3
4
5
6
7
8
9
可以看到,cobbler配置文件相关的异常已经没有了。
# 6.3 修改TFTP配置文件
先备份配置文件/etc/xinetd.d/tftp:
[root@cobbler-master ~]# cp /etc/xinetd.d/tftp{,.bak}
[root@cobbler-master ~]# ls /etc/xinetd.d/tftp*
/etc/xinetd.d/tftp /etc/xinetd.d/tftp.bak
1
2
3
2
3
查看配置内容:
[root@cobbler-master ~]# cat -n /etc/xinetd.d/tftp
1 # default: off
2 # description: The tftp server serves files using the trivial file transfer \
3 # protocol. The tftp protocol is often used to boot diskless \
4 # workstations, download configuration files to network-aware printers, \
5 # and to start the installation process for some operating systems.
6 service tftp
7 {
8 socket_type = dgram
9 protocol = udp
10 wait = yes
11 user = root
12 server = /usr/sbin/in.tftpd
13 server_args = -s /var/lib/tftpboot
14 disable = yes
15 per_source = 11
16 cps = 100 2
17 flags = IPv4
18 }
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
将第14行的disable = yes改成disable = no。修改后配置文件 如下:
[root@cobbler-master ~]# cat -n /etc/xinetd.d/tftp
1 # default: off
2 # description: The tftp server serves files using the trivial file transfer \
3 # protocol. The tftp protocol is often used to boot diskless \
4 # workstations, download configuration files to network-aware printers, \
5 # and to start the installation process for some operating systems.
6 service tftp
7 {
8 socket_type = dgram
9 protocol = udp
10 wait = yes
11 user = root
12 server = /usr/sbin/in.tftpd
13 server_args = -s /var/lib/tftpboot
14 disable = no
15 per_source = 11
16 cps = 100 2
17 flags = IPv4
18 }
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
启动xinetd服务:
# 设置开机自启动
[root@cobbler-master ~]# systemctl enable xinetd
# 启动xinetd服务,并查看服务状态
[root@cobbler-master ~]# systemctl start xinetd && systemctl status xinetd
● xinetd.service - Xinetd A Powerful Replacement For Inetd
Loaded: loaded (/usr/lib/systemd/system/xinetd.service; enabled; vendor preset: enabled)
Active: active (running) since 六 2021-06-19 14:49:10 CST; 4ms ago
Process: 2310 ExecStart=/usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid $EXTRAOPTIONS (code=exited, status=0/SUCCESS)
Main PID: 2311 (xinetd)
CGroup: /system.slice/xinetd.service
└─2311 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
6月 19 14:49:10 cobbler-master xinetd[2311]: removing discard
6月 19 14:49:10 cobbler-master xinetd[2311]: removing discard
6月 19 14:49:10 cobbler-master xinetd[2311]: removing echo
6月 19 14:49:10 cobbler-master xinetd[2311]: removing echo
6月 19 14:49:10 cobbler-master xinetd[2311]: removing tcpmux
6月 19 14:49:10 cobbler-master xinetd[2311]: removing time
6月 19 14:49:10 cobbler-master xinetd[2311]: removing time
6月 19 14:49:10 cobbler-master xinetd[2311]: xinetd Version 2.3.15 started with libwrap loadavg labeled-networking opt...ed in.
6月 19 14:49:10 cobbler-master xinetd[2311]: Started working: 1 available service
6月 19 14:49:10 cobbler-master systemd[1]: Started Xinetd A Powerful Replacement For Inetd.
Hint: Some lines were ellipsized, use -l to show in full.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
可以看到服务已经正常启动。这样TFTP服务就启动成功了。
我们再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : enable and start rsyncd.service with systemctl
Restart cobblerd and then run 'cobbler sync' to apply changes.
1
2
3
4
5
6
7
2
3
4
5
6
7
可以看到只剩下两个问题需要处理了。
# 6.4 启动rsyncd服务
rsync是一种快速且极其通用的文件复制工具。我们使用以下命令将该服务启动起来。
[root@cobbler-master ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
[root@cobbler-master ~]# systemctl start rsyncd && systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 14:56:21 CST; 6ms ago
Main PID: 2350 (rsync)
CGroup: /system.slice/rsyncd.service
└─2350 /usr/bin/rsync --daemon --no-detach
6月 19 14:56:21 cobbler-master systemd[1]: Started fast remote file copy program daemon.
6月 19 14:56:21 cobbler-master rsyncd[2350]: rsyncd version 3.1.2 starting, listening on port 873
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
可以看到rsyncd服务已经启动成功,并监听873端口。
我们再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
Restart cobblerd and then run 'cobbler sync' to apply changes.
1
2
3
4
5
6
2
3
4
5
6
可以看到,只有最后一个问题需要处理了。
# 6.5 下载网络启动器文件
按提示信息,直接运行命令cobbler get-loaders:
# 运行第1次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150035_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:00:35 2021)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
# 运行第2次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150041_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:00:41 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
# 运行第3次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150055_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:00:55 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第4次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150140_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:01:40 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第5次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150217_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:02:17 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第6次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150247_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:02:47 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第7次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150327_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:03:27 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第8次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150342_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:03:42 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第9次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150416_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:04:16 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第10次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150443_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:04:43 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86.efi already exists, not overwriting existing content, use --force if you wish to update
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
Exception occured: <class 'urlgrabber.grabber.URLGrabError'>
Exception value: [Errno 14] curl#60 - "Issuer certificate is invalid."
Exception Info:
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 82, in run
rc = self._run(self)
File "/usr/lib/python2.7/site-packages/cobbler/remote.py", line 176, in runner
return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
File "/usr/lib/python2.7/site-packages/cobbler/api.py", line 735, in dlcontent
return grabber.run(force)
File "/usr/lib/python2.7/site-packages/cobbler/action_dlcontent.py", line 73, in run
urlgrabber.grabber.urlgrab(src, filename=dst, proxies=proxies)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 773, in urlgrab
return default_grabber.urlgrab(url, filename, **kwargs)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1220, in urlgrab
return _run_callback(opts.failfunc, opts)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1071, in _run_callback
return cb(obj)
File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1065, in _do_raise
raise obj.exception
!!! TASK FAILED !!!
[root@cobbler-master ~]#
# 运行第11次
[root@cobbler-master ~]# cobbler get-loaders
task started: 2021-06-19_150515_get_loaders
task started (id=Download Bootloader Content, time=Sat Jun 19 15:05:15 2021)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***
[root@cobbler-master ~]# echo $?
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
在执行命令的过程中,发现命令每次都在下载文件,因此经过多次下载后,所有的问题都下载完了,最后显示*** TASK COMPLETE ***说明任务执行完成了。
我们再使用cobbler check进行检查一次。
[root@cobbler-master ~]# cobbler check
No configuration problems found. All systems go.
1
2
2
这个时候提示没有配置问题,说明所有异常都解决了。
# 7. 配置DHCP服务
注意,在使用虚拟机测试时,关闭VirtualBox的DHCP服务。
In order to PXE boot, you need a DHCP server to hand out addresses and direct the booting system to the TFTP server where it can download the network boot files. Cobbler can manage this for you, via the
manage_dhcpsetting:manage_dhcp: 01Change that setting to 1 so Cobbler will generate the
dhcpd.conffile based on thedhcp.templatethat is included with Cobbler. This template will most likely need to be modified as well, based on your network settings:$ vi /etc/cobbler/dhcp.template1For most uses, you’ll only need to modify this block:
subnet 192.168.1.0 netmask 255.255.255.0 { option routers 192.168.1.1; option domain-name-servers 192.168.1.210,192.168.1.211; option subnet-mask 255.255.255.0; filename "/pxelinux.0"; default-lease-time 21600; max-lease-time 43200; next-server $next_server_v4; }1
2
3
4
5
6
7
8
9No matter what, make sure you do not modify the
next-server $next_server_v4;line, as that is how the next server setting is pulled into the configuration. This file is a cheetah template, so be sure not to modify anything starting after this line:#for dhcp_tag in $dhcp_tags.keys():1Completely going through the
dhcpd.confconfiguration syntax is beyond the scope of this document, but for more information see the man page for more details:$ man dhcpd.conf1
即,需要做两件事:
- 开启
manager_dhcp。 - 配置DHCP模板文件。
# 7.1 开启manage_dhcp
查看manage_dhcp的当前配置:
[root@cobbler-master ~]# grep -n 'manage_dhcp' /etc/cobbler/settings
61:manage_dhcp: 0
[root@cobbler-master ~]# cobbler setting report --name=manage_dhcp
manage_dhcp : 0
1
2
3
4
2
3
4
我们将该值设置为1,使用动态更新配置命令进行更新:
# 更新
[root@cobbler-master ~]# cobbler setting edit --name=manage_dhcp --value=1
# 再次查看配置情况
[root@cobbler-master ~]# grep -n 'manage_dhcp' /etc/cobbler/settings
61:manage_dhcp: 1
[root@cobbler-master ~]# cobbler setting report --name=manage_dhcp
manage_dhcp : 1
1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
可以看到配置已经生效。这样cobbler就会托管DHCP服务。
# 7.2 DHCP模板文件配置
查看当前模板文件内容:
[root@cobbler-master ~]# cat -n /etc/cobbler/dhcp.template
1 # ******************************************************************
2 # Cobbler managed dhcpd.conf file
3 #
4 # generated from cobbler dhcp.conf template ($date)
5 # Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
6 # in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
7 # overwritten.
8 #
9 # ******************************************************************
10
11 ddns-update-style interim;
12
13 allow booting;
14 allow bootp;
15
16 ignore client-updates;
17 set vendorclass = option vendor-class-identifier;
18
19 option pxe-system-type code 93 = unsigned integer 16;
20
21 subnet 192.168.1.0 netmask 255.255.255.0 {
22 option routers 192.168.1.5;
23 option domain-name-servers 192.168.1.1;
24 option subnet-mask 255.255.255.0;
25 range dynamic-bootp 192.168.1.100 192.168.1.254;
26 default-lease-time 21600;
27 max-lease-time 43200;
28 next-server $next_server;
29 class "pxeclients" {
30 match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
31 if option pxe-system-type = 00:02 {
32 filename "ia64/elilo.efi";
33 } else if option pxe-system-type = 00:06 {
34 filename "grub/grub-x86.efi";
35 } else if option pxe-system-type = 00:07 {
36 filename "grub/grub-x86_64.efi";
37 } else if option pxe-system-type = 00:09 {
38 filename "grub/grub-x86_64.efi";
39 } else {
40 filename "pxelinux.0";
41 }
42 }
43
44 }
45
46 #for dhcp_tag in $dhcp_tags.keys():
47 ## group could be subnet if your dhcp tags line up with your subnets
48 ## or really any valid dhcpd.conf construct ... if you only use the
49 ## default dhcp tag in cobbler, the group block can be deleted for a
50 ## flat configuration
51 # group for Cobbler DHCP tag: $dhcp_tag
52 group {
53 #for mac in $dhcp_tags[$dhcp_tag].keys():
54 #set iface = $dhcp_tags[$dhcp_tag][$mac]
55 host $iface.name {
56 #if $iface.interface_type == "infiniband":
57 option dhcp-client-identifier = $mac;
58 #else
59 hardware ethernet $mac;
60 #end if
61 #if $iface.ip_address:
62 fixed-address $iface.ip_address;
63 #end if
64 #if $iface.hostname:
65 option host-name "$iface.hostname";
66 #end if
67 #if $iface.netmask:
68 option subnet-mask $iface.netmask;
69 #end if
70 #if $iface.gateway:
71 option routers $iface.gateway;
72 #end if
73 #if $iface.enable_gpxe:
74 if exists user-class and option user-class = "gPXE" {
75 filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
76 } else if exists user-class and option user-class = "iPXE" {
77 filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
78 } else {
79 filename "undionly.kpxe";
80 }
81 #else
82 filename "$iface.filename";
83 #end if
84 ## Cobbler defaults to $next_server, but some users
85 ## may like to use $iface.system.server for proxied setups
86 next-server $next_server;
87 ## next-server $iface.next_server;
88 }
89 #end for
90 }
91 #end for
92
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
可以看到有92行内容,我们只用修改21-25行这几行中的内容,其他行不用修改。
[root@cobbler-master ~]# cat -n /etc/cobbler/dhcp.template |sed -n '21,25p'
21 subnet 192.168.1.0 netmask 255.255.255.0 {
22 option routers 192.168.1.5;
23 option domain-name-servers 192.168.1.1;
24 option subnet-mask 255.255.255.0;
25 range dynamic-bootp 192.168.1.100 192.168.1.254;
[root@cobbler-master ~]#
1
2
3
4
5
6
7
2
3
4
5
6
7
解释一些这几行的意思:
subnet 192.168.1.0服务器网段,我们cobbler服务器此处应改成192.168.2.0。netmask 255.255.255.0子网掩码,不用修改。option routers 192.168.1.5;网关地址,我们cobbler服务器此处应改成192.168.2.1。option domain-name-servers 192.168.1.1;域名服务器IP地址,我们的域名IP和网关地址相同,也是192.168.2.1。option subnet-mask 255.255.255.0;子网掩码,不用修改。range dynamic-bootp 192.168.1.100 192.168.1.254;DHCP服务器分配的IP地址租用范围。为了不与局域网内其他服务器有冲突,我们设置租用范围从192.168.2.200到192.168.2.254。这够我们测试使用了。
先备份一下配置文件:
[root@cobbler-master ~]# cp /etc/cobbler/dhcp.template{,.bak}
[root@cobbler-master ~]# ls /etc/cobbler/dhcp.template*
/etc/cobbler/dhcp.template /etc/cobbler/dhcp.template.bak
1
2
3
2
3
使用vim编辑一下。修改后查看21-25行内容:
[root@cobbler-master ~]# cat -n /etc/cobbler/dhcp.template |sed -n '21,25p'
21 subnet 192.168.2.0 netmask 255.255.255.0 {
22 option routers 192.168.2.1;
23 option domain-name-servers 192.168.2.1;
24 option subnet-mask 255.255.255.0;
25 range dynamic-bootp 192.168.2.200 192.168.2.254;
[root@cobbler-master ~]#
1
2
3
4
5
6
7
2
3
4
5
6
7
注意,不要修改本文件中其他任何位置的内容。
# 8. 同步cobbler配置
同步最新cobbler配置,它会根据配置自动修改dhcp等服务。
[root@cobbler-master ~]# cobbler sync
task started: 2021-06-19_155041_sync
task started (id=Sync, time=Sat Jun 19 15:50:41 2021)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@cobbler-master ~]# echo $?
0
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
可以看到,同步配置文件完成。我们看一下/etc/dhcp/dhcpd.conf配置文件:
[root@cobbler-master ~]# cat -n /etc/dhcp/dhcpd.conf
1 # ******************************************************************
2 # Cobbler managed dhcpd.conf file
3 # generated from cobbler dhcp.conf template (Sat Jun 19 07:50:42 2021)
4 # Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
5 # in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
6 # overwritten.
7 # ******************************************************************
8
9 ddns-update-style interim;
10
11 allow booting;
12 allow bootp;
13
14 ignore client-updates;
15 set vendorclass = option vendor-class-identifier;
16
17 option pxe-system-type code 93 = unsigned integer 16;
18
19 subnet 192.168.2.0 netmask 255.255.255.0 {
20 option routers 192.168.2.1;
21 option domain-name-servers 192.168.2.1;
22 option subnet-mask 255.255.255.0;
23 range dynamic-bootp 192.168.2.200 192.168.2.254;
24 default-lease-time 21600;
25 max-lease-time 43200;
26 next-server 192.168.2.20;
27 class "pxeclients" {
28 match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
29 if option pxe-system-type = 00:02 {
30 filename "ia64/elilo.efi";
31 } else if option pxe-system-type = 00:06 {
32 filename "grub/grub-x86.efi";
33 } else if option pxe-system-type = 00:07 {
34 filename "grub/grub-x86_64.efi";
35 } else if option pxe-system-type = 00:09 {
36 filename "grub/grub-x86_64.efi";
37 } else {
38 filename "pxelinux.0";
39 }
40 }
41
42 }
43
44 # group for Cobbler DHCP tag: default
45 group {
46 }
47
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
可以看到DHCP的配置文件已经由cobbler托管了。后续不能手动更新该文件。
同步完成后,为避免后续出现异常,我们把相关服务都重启一下,涉及到以下服务:
xinetdrsyncdhttpddhcpdcobblerd
执行命令:
# 重启服务
[root@cobbler-master ~]# systemctl restart xinetd rsyncd dhcpd httpd cobblerd
# 查看服务状态
[root@cobbler-master ~]# systemctl status xinetd rsyncd dhcpd httpd cobblerd
● xinetd.service - Xinetd A Powerful Replacement For Inetd
Loaded: loaded (/usr/lib/systemd/system/xinetd.service; enabled; vendor preset: enabled)
Active: active (running) since 六 2021-06-19 15:58:40 CST; 9s ago
Process: 2545 ExecStart=/usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid $EXTRAOPTIONS (code=exited, status=0/SUCCESS)
Main PID: 2552 (xinetd)
CGroup: /system.slice/xinetd.service
└─2552 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
6月 19 15:58:40 cobbler-master xinetd[2552]: removing discard
6月 19 15:58:40 cobbler-master xinetd[2552]: removing discard
6月 19 15:58:40 cobbler-master xinetd[2552]: removing echo
6月 19 15:58:40 cobbler-master xinetd[2552]: removing echo
6月 19 15:58:40 cobbler-master xinetd[2552]: removing tcpmux
6月 19 15:58:40 cobbler-master xinetd[2552]: removing time
6月 19 15:58:40 cobbler-master xinetd[2552]: removing time
6月 19 15:58:40 cobbler-master xinetd[2552]: xinetd Version 2.3.15 started with libwrap loadavg labeled-networking opt...ed in.
6月 19 15:58:40 cobbler-master xinetd[2552]: Started working: 1 available service
6月 19 15:58:40 cobbler-master systemd[1]: Started Xinetd A Powerful Replacement For Inetd.
● rsyncd.service - fast remote file copy program daemon
Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 15:58:40 CST; 9s ago
Main PID: 2561 (rsync)
CGroup: /system.slice/rsyncd.service
└─2561 /usr/bin/rsync --daemon --no-detach
6月 19 15:58:40 cobbler-master systemd[1]: Stopped fast remote file copy program daemon.
6月 19 15:58:40 cobbler-master systemd[1]: Started fast remote file copy program daemon.
6月 19 15:58:40 cobbler-master rsyncd[2561]: rsyncd version 3.1.2 starting, listening on port 873
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 15:58:40 CST; 9s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 2546 (dhcpd)
Status: "Dispatching packets..."
CGroup: /system.slice/dhcpd.service
└─2546 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
6月 19 15:58:40 cobbler-master dhcpd[2546]: Copyright 2004-2013 Internet Systems Consortium.
6月 19 15:58:40 cobbler-master dhcpd[2546]: All rights reserved.
6月 19 15:58:40 cobbler-master dhcpd[2546]: For info, please visit https://www.isc.org/software/dhcp/
6月 19 15:58:40 cobbler-master dhcpd[2546]: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not ...g file
6月 19 15:58:40 cobbler-master dhcpd[2546]: Wrote 0 class decls to leases file.
6月 19 15:58:40 cobbler-master dhcpd[2546]: Wrote 0 leases to leases file.
6月 19 15:58:40 cobbler-master dhcpd[2546]: Listening on LPF/enp0s3/08:00:27:87:c2:4e/192.168.2.0/24
6月 19 15:58:40 cobbler-master dhcpd[2546]: Sending on LPF/enp0s3/08:00:27:87:c2:4e/192.168.2.0/24
6月 19 15:58:40 cobbler-master dhcpd[2546]: Sending on Socket/fallback/fallback-net
6月 19 15:58:40 cobbler-master systemd[1]: Started DHCPv4 Server Daemon.
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 15:58:41 CST; 8s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 2547 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Main PID: 2565 (httpd)
Status: "Processing requests..."
CGroup: /system.slice/httpd.service
├─2565 /usr/sbin/httpd -DFOREGROUND
├─2566 (wsgi:cobbler_w -DFOREGROUND
├─2567 /usr/sbin/httpd -DFOREGROUND
├─2568 /usr/sbin/httpd -DFOREGROUND
├─2569 /usr/sbin/httpd -DFOREGROUND
├─2570 /usr/sbin/httpd -DFOREGROUND
└─2571 /usr/sbin/httpd -DFOREGROUND
6月 19 15:58:41 cobbler-master systemd[1]: Stopped The Apache HTTP Server.
6月 19 15:58:41 cobbler-master systemd[1]: Starting The Apache HTTP Server...
6月 19 15:58:41 cobbler-master systemd[1]: Started The Apache HTTP Server.
6月 19 15:58:41 cobbler-master httpd[2565]: AH00558: httpd: Could not reliably determine the server's fully qualified ...essage
● cobblerd.service - Cobbler Helper Daemon
Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled; vendor preset: disabled)
Active: active (running) since 六 2021-06-19 15:58:40 CST; 9s ago
Process: 2551 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS)
Main PID: 2550 (cobblerd)
CGroup: /system.slice/cobblerd.service
└─2550 /usr/bin/python2 -s /usr/bin/cobblerd -F
6月 19 15:58:40 cobbler-master systemd[1]: Stopped Cobbler Helper Daemon.
6月 19 15:58:40 cobbler-master systemd[1]: Starting Cobbler Helper Daemon...
6月 19 15:58:40 cobbler-master systemd[1]: Started Cobbler Helper Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# 9. 防火墙配置
查看当前所有监听的端口号:
[root@cobbler-master ~]# netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 2561/rsync
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 953/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1147/master
tcp 0 0 127.0.0.1:25151 0.0.0.0:* LISTEN 2550/python2
tcp6 0 0 :::873 :::* LISTEN 2561/rsync
tcp6 0 0 :::80 :::* LISTEN 2565/httpd
tcp6 0 0 :::22 :::* LISTEN 953/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1147/master
tcp6 0 0 :::443 :::* LISTEN 2565/httpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 2546/dhcpd
udp 0 0 0.0.0.0:69 0.0.0.0:* 2552/xinetd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
我们需要注意以下几个端口号:
25151, cobbler服务端口号。80和443,httpd web服务端口号。69,tftp服务需要此端口号。873,rsync同步服务端口号。87,DHCP服务端口号。
我们先放25151、80、443和69这几个端口号。
[root@cobbler-master ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
Warning: ALREADY_ENABLED: 80:tcp
success
[root@cobbler-master ~]# firewall-cmd --zone=public --add-port=443/tcp --permanent
success
[root@cobbler-master ~]# firewall-cmd --zone=public --add-port=25151/tcp --permanent
success
[root@cobbler-master ~]# firewall-cmd --zone=public --add-port=69/tcp --permanent
success
[root@cobbler-master ~]# firewall-cmd --reload
success
[root@cobbler-master ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp0s3
sources:
services: dhcpv6-client ssh
ports: 80/tcp 443/tcp 25151/tcp 69/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
此时打开浏览器,访问地址 https://192.168.2.20/cobbler/ (opens new window),可以看到如下文件列表信息:
访问:https://192.168.2.20/cobbler_web/ (opens new window) 可以访问Cobbler的Web管理系统:
该系统使用cobbler作为账号和密码就可以登陆成功。
# 10. 新建虚拟机节点
我们尝试新建一个虚拟机节点,看是否能够从网络安装。
新建一个名称为cobbler-node1的虚拟机:
内存设置为2048MB,虚拟硬盘大小设置为40GB。
系统设置为从“网络”启动:
并且设置网络为桥接模式:
此时启动虚拟机节点, 发现不能正常启动,报以下异常:
有可能是cobbler哪里配置异常,我们先关闭cobbler-node1虚拟机。
我们在cobber服务上将防火墙关闭后,再重启服务:
[root@cobbler-master ~]# systemctl stop firewalld
[root@cobbler-master ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since 六 2021-06-19 17:35:05 CST; 6s ago
Docs: man:firewalld(1)
Process: 660 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 660 (code=exited, status=0/SUCCESS)
6月 19 16:33:36 cobbler-master systemd[1]: Starting firewalld - dynamic fi....
6月 19 16:33:38 cobbler-master systemd[1]: Started firewalld - dynamic fir....
6月 19 16:33:39 cobbler-master firewalld[660]: WARNING: AllowZoneDrifting ....
6月 19 17:35:05 cobbler-master systemd[1]: Stopping firewalld - dynamic fi....
6月 19 17:35:05 cobbler-master systemd[1]: Stopped firewalld - dynamic fir....
Hint: Some lines were ellipsized, use -l to show in full.
[root@cobbler-master ~]# systemctl restart xinetd rsyncd dhcpd httpd cobblerd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
此时,再启动cobbler-node1虚拟机,发现还是启动不了,但是出现的结果不一样了:
但这次可以看到已经能够正常显示IP地址,以及Next Server地址了。
同样,我们点击cobbler-node1虚拟机,依次点击管理-退出-强制退出-确定,退出虚拟机。
有可能是因为我们没有配置镜像文件,导致后续步骤不能执行。因此我们先配置一下镜像。
# 11. 镜像配置
# 11.1 上传镜像
上传镜像到cobbler服务器上。
在宿主机上面执行以下命令,将iso文件上传到服务器:
meizhaohui@ubuntu:~$ scp ~/Downloads/CentOS-7-x86_64-Minimal-2009.iso root@192.168.2.20:/root/
root@192.168.2.20's password:
CentOS-7-x86_64-Minimal-2009.iso 100% 973MB 32.7MB/s 00:29
1
2
3
2
3
再在服务器端查看一下,看看文件是否上传成功:
[root@cobbler-master ~]# ls CentOS-7-x86_64-Minimal-2009.iso
CentOS-7-x86_64-Minimal-2009.iso
1
2
2
说明文件上传成功。
# 11.2 挂载镜像
创建挂载点,不要挂载在/tmp目录或其子目录下。我们挂载在/mnt/centos7.9目录上。
创建挂载目录:
[root@cobbler-master ~]# mkdir -p /mnt/centos7.9
1
挂载:
[root@cobbler-master ~]# mount -t iso9660 -o loop,ro /root/CentOS-7-x86_64-Minimal-2009.iso /mnt/centos7.9
[root@cobbler-master ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 908M 0 908M 0% /dev
tmpfs 919M 0 919M 0% /dev/shm
tmpfs 919M 8.6M 911M 1% /run
tmpfs 919M 0 919M 0% /sys/fs/cgroup
/dev/mapper/centos-root 37G 2.6G 35G 7% /
/dev/sda1 1014M 150M 864M 15% /boot
tmpfs 184M 0 184M 0% /run/user/0
/dev/loop0 973M 973M 0 100% /mnt/centos7.9
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
查看挂载后的文件数据:
[root@cobbler-master ~]# ls -lah /mnt/centos7.9/
total 113K
drwxr-xr-x 8 root root 2.0K 11月 3 2020 .
drwxr-xr-x. 3 root root 23 6月 19 22:09 ..
-rw-r--r-- 2 root root 14 10月 30 2020 CentOS_BuildTag
-rw-r--r-- 2 root root 29 10月 27 2020 .discinfo
drwxr-xr-x 3 root root 2.0K 10月 27 2020 EFI
-rw-rw-r-- 15 root root 227 8月 30 2017 EULA
-rw-rw-r-- 15 root root 18K 12月 10 2015 GPL
drwxr-xr-x 3 root root 2.0K 10月 27 2020 images
drwxr-xr-x 2 root root 2.0K 11月 3 2020 isolinux
drwxr-xr-x 2 root root 2.0K 10月 27 2020 LiveOS
drwxr-xr-x 2 root root 72K 11月 3 2020 Packages
drwxr-xr-x 2 root root 4.0K 11月 3 2020 repodata
-rw-rw-r-- 15 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-7
-rw-rw-r-- 15 root root 1.7K 12月 10 2015 RPM-GPG-KEY-CentOS-Testing-7
-r--r--r-- 1 root root 2.9K 11月 3 2020 TRANS.TBL
-rw-r--r-- 2 root root 354 10月 27 2020 .treeinfo
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# 11.3 导入镜像
使用命令cobbler import进行导入。
查看命令帮助信息:
[root@cobbler-master ~]# cobbler import --help
Usage: cobbler import [options]
Options:
-h, --help show this help message and exit
--arch=ARCH OS architecture being imported
--breed=BREED the breed being imported
--os-version=OS_VERSION
the version being imported
--path=PATH local path or rsync location
--name=NAME name, ex 'RHEL-5'
--available-as=AVAILABLE_AS
tree is here, don't mirror
--kickstart=KICKSTART_FILE
assign this kickstart file
--rsync-flags=RSYNC_FLAGS
pass additional flags to rsync
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
导入:
[root@cobbler-master ~]# cobbler import --name=centos7.9 --arch=x86_64 --path=/mnt/centos7.9
task started: 2021-06-19_222128_import
task started (id=Media import, time=Sat Jun 19 22:21:28 2021)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos7.9-x86_64:
creating new distro: centos7.9-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos7.9-x86_64 -> /var/www/cobbler/links/centos7.9-x86_64
creating new profile: centos7.9-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos7.9-x86_64 for centos7.9-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos7.9-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos7.9-x86_64
looking for /var/www/cobbler/ks_mirror/centos7.9-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7.9-x86_64/repodata
*** TASK COMPLETE ***
[root@cobbler-master ~]# echo $?
0
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
可以看到导入镜像成功了。
# 11.4 查看导入后的镜像列表和配置列表信息
使用以下命令进行查看:
$ cobbler distro list
$ cobbler profile list
1
2
2
查看镜像列表和配置列表信息:
[root@cobbler-master ~]# cobbler distro list
centos7.9-x86_64
[root@cobbler-master ~]# cobbler profile list
centos7.9-x86_64
[root@cobbler-master ~]#
1
2
3
4
5
2
3
4
5
查看详情:
# 获取帮助信息
[root@cobbler-master ~]# cobbler distro report --help
Usage: cobbler [options]
Options:
-h, --help show this help message and exit
--name=NAME name of object
# 查看镜像信息
[root@cobbler-master ~]# cobbler distro report --name=centos7.9-x86_64
Name : centos7.9-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos7.9-x86_64'}
Management Classes : []
OS Version : rhel7
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
[root@cobbler-master ~]#
# 查看配置信息
[root@cobbler-master ~]# cobbler profile report --name=centos7.9-x86_64
Name : centos7.9-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos7.9-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# 11.5 编辑ks自动应答文件
从上面的配置信息,我们可以知道Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks,ks文件存放在/var/lib/cobbler/kickstarts/sample_end.ks路径。
复制一份ks文件为centos7.9.ks文件:
[root@cobbler-master ~]# ls /var/lib/cobbler/kickstarts/sample_end.ks
/var/lib/cobbler/kickstarts/sample_end.ks
[root@cobbler-master ~]# cp /var/lib/cobbler/kickstarts/sample_end.ks /var/lib/cobbler/kickstarts/centos7.9.ks
[root@cobbler-master ~]# ls -lah /var/lib/cobbler/kickstarts/centos7.9.ks
-rw-r--r-- 1 root root 1.9K 6月 19 22:40 /var/lib/cobbler/kickstarts/centos7.9.ks
[root@cobbler-master ~]#
1
2
3
4
5
6
2
3
4
5
6
查看ks文件内容:
[root@cobbler-master ~]# cat -n /var/lib/cobbler/kickstarts/centos7.9.ks
1 # This kickstart file should only be used with EL > 5 and/or Fedora > 7.
2 # For older versions please use the sample.ks kickstart file.
3
4 #platform=x86, AMD64, or Intel EM64T
5 # System authorization information
6 auth --useshadow --enablemd5
7 # System bootloader configuration
8 bootloader --location=mbr
9 # Partition clearing information
10 clearpart --all --initlabel
11 # Use text mode install
12 text
13 # Firewall configuration
14 firewall --enabled
15 # Run the Setup Agent on first boot
16 firstboot --disable
17 # System keyboard
18 keyboard us
19 # System language
20 lang en_US
21 # Use network installation
22 url --url=$tree
23 # If any cobbler repo definitions were referenced in the kickstart profile, include them here.
24 $yum_repo_stanza
25 # Network information
26 $SNIPPET('network_config')
27 # Reboot after installation
28 reboot
29
30 #Root password
31 rootpw --iscrypted $default_password_crypted
32 # SELinux configuration
33 selinux --disabled
34 # Do not configure the X Window System
35 skipx
36 # System timezone
37 timezone America/New_York
38 # Install OS instead of upgrade
39 install
40 # Clear the Master Boot Record
41 zerombr
42 # Allow anaconda to partition the system as needed
43 autopart
44
45 %pre
46 $SNIPPET('log_ks_pre')
47 $SNIPPET('kickstart_start')
48 $SNIPPET('pre_install_network_config')
49 # Enable installation monitoring
50 $SNIPPET('pre_anamon')
51 %end
52
53 %packages
54 $SNIPPET('func_install_if_enabled')
55 %end
56
57 %post --nochroot
58 $SNIPPET('log_ks_post_nochroot')
59 %end
60
61 %post
62 $SNIPPET('log_ks_post')
63 # Start yum configuration
64 $yum_config_stanza
65 # End yum configuration
66 $SNIPPET('post_install_kernel_options')
67 $SNIPPET('post_install_network_config')
68 $SNIPPET('func_register_if_enabled')
69 $SNIPPET('download_config_files')
70 $SNIPPET('koan_environment')
71 $SNIPPET('redhat_register')
72 $SNIPPET('cobbler_register')
73 # Enable post-install boot notification
74 $SNIPPET('post_anamon')
75 # Start final steps
76 $SNIPPET('kickstart_done')
77 # End final steps
78 %end
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
我们对这个应答文件进行修改。
kickstart 配置文件说明详见https://blog.csdn.net/yanghua1012/article/details/80426659 (opens new window)。
我们直接对该配置文件进行修改,并增加一些说明信息。
修改后,查看配置应答文件:
[root@cobbler-master ~]# cat -n /var/lib/cobbler/kickstarts/centos7.9.ks
1 # This kickstart file should only be used with EL > 5 and/or Fedora > 7.
2 # For older versions please use the sample.ks kickstart file.
3 # 这个应答文件只适用于RedHat 5或Fedora 7以上版本。
4 # 旧版本请使用sample.ks应答文件。
5
6 #platform=x86, AMD64, or Intel EM64T
7 # System authorization information
8 # 系统认证信息
9 # --useshadow或—enableshadow 使用隐藏密码
10 # --enablemd5 使用MD5加密方式
11 auth --useshadow --enablemd5
12
13 # System bootloader configuration
14 # 系统引导程序配置,必须配置
15 # --location= 设定引导记录的位置; mbr:默认值
16 bootloader --location=mbr
17
18 # Partition clearing information
19 # 分区清理信息
20 # 在建立新分区前清空系统上原有的分区表
21 # --all 擦除系统上原有所有分区
22 # --initlabel 初始化磁盘卷标为系统架构的默认卷标
23 clearpart --all --initlabel
24
25 # 分区设置
26 # /boot 文件类型为xfs,分区最小值1024MB
27 # swap分区,文件类型为swap,分区最小值2048MB
28 # /分区,文件类型为xfs,将剩余可利用磁盘空间都分区给/分区
29 part /boot --fstype=xfs --size=1024
30 part swap --fstype=swap --size=2048
31 part / --fstype=xfs --grow --size=10240
32
33 # Use text mode install
34 # 以文本方式进行kickstart安装;默认为图形界面
35 text
36
37 # Firewall configuration
38 # 防火墙配置
39 # --enable 拒绝外部发起的任何主动连接
40 firewall --enabled
41
42 # Run the Setup Agent on first boot
43 # 系统在第一次引导时启动设置代码
44 # --disable 不启动设置代理
45 firstboot --disable
46
47 # System keyboard
48 # 系统键盘类型
49 # 使用us键盘
50 keyboard us
51
52 # System language
53 # 系统语言,设置为en_US.UTF-8
54 lang en_US.UTF-8
55
56 # Use network installation
57 # 使用网络安装器
58 url --url=$tree
59
60 # If any cobbler repo definitions were referenced in the kickstart profile, include them here.
61 # 包含yum repo仓库
62 $yum_repo_stanza
63
64 # Network information
65 $SNIPPET('network_config')
66
67 # Reboot after installation
68 # 安装完成后重启
69 reboot
70
71 #Root password
72 # 设置root账号加密密码
73 rootpw --iscrypted $default_password_crypted
74
75 # SELinux configuration
76 # SELinux状态设置
77 # 设置为关闭状态
78 selinux --disabled
79
80 # Do not configure the X Window System
81 # 忽略X Window系统设置
82 skipx
83
84 # System timezone
85 # 系统时区
86 # 设置为亚洲/上海
87 timezone Asia/Shanghai
88
89 # Install OS instead of upgrade
90 # 安装全新系统而不是在现有系统上进行升级
91 install
92
93 # Clear the Master Boot Record
94 # 任何磁盘上的无效分区表都将被初始化
95 zerombr
96
97 # Allow anaconda to partition the system as needed
98 # 自动创建分区
99 autopart
100
101 # 脚本,在安装前运行
102 %pre
103 $SNIPPET('log_ks_pre')
104 $SNIPPET('kickstart_start')
105 $SNIPPET('pre_install_network_config')
106 # Enable installation monitoring
107 $SNIPPET('pre_anamon')
108 %end
109
110 # 设定需要安装的软件包及包组
111 %packages
112 $SNIPPET('func_install_if_enabled')
113 dos2unix
114 tree
115 net-tools
116 lrzsz
117 gcc
118 golang
119 python3
120 httpd
121 sysstat
122 ntp
123 %end
124
125 # 脚本。在安装后运行
126 %post --nochroot
127 $SNIPPET('log_ks_post_nochroot')
128 %end
129
130 %post
131 $SNIPPET('log_ks_post')
132 # Start yum configuration
133 $yum_config_stanza
134 # End yum configuration
135 $SNIPPET('post_install_kernel_options')
136 $SNIPPET('post_install_network_config')
137 $SNIPPET('func_register_if_enabled')
138 $SNIPPET('download_config_files')
139 $SNIPPET('koan_environment')
140 $SNIPPET('redhat_register')
141 $SNIPPET('cobbler_register')
142 # Enable post-install boot notification
143 $SNIPPET('post_anamon')
144 # Start final steps
145 $SNIPPET('kickstart_done')
146 # End final steps
147 %end
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
# 11.6 编辑centos7.9镜像所使用的kickstart文件
查看当前ks配置信息:
[root@cobbler-master ~]# cobbler profile report --name=centos7.9-x86_64 |grep 'Kickstart.*ks$'
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
1
2
2
更新一下:
[root@cobbler-master ~]# cobbler profile edit --name=centos7.9-x86_64 --kickstart="/var/lib/cobbler/kickstarts/centos7.9.ks"
[root@cobbler-master ~]# cobbler profile report --name=centos7.9-x86_64 |grep 'Kickstart.*ks$'
Kickstart : /var/lib/cobbler/kickstarts/centos7.9.ks
1
2
3
2
3
可以看到应答文件配置已经更新成功。
# 11.7 重启服务并同步配置
重启所有服务,并同步配置:
[root@cobbler-master ~]# systemctl restart xinetd rsyncd dhcpd httpd cobblerd
[root@cobbler-master ~]# echo $?
0
[root@cobbler-master ~]# cobbler check
No configuration problems found. All systems go.
[root@cobbler-master ~]# cobbler sync
task started: 2021-06-19_234928_sync
task started (id=Sync, time=Sat Jun 19 23:49:28 2021)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/centos7.9-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/centos7.9-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: centos7.9-x86_64
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/centos7.9-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/centos7.9-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: centos7.9-x86_64
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/centos7.9-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/centos7.9-x86_64/initrd.img
Writing template files for centos7.9-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: centos7.9-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@cobbler-master ~]# echo $?
0
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
我们再次尝试开机cobbler-node1虚拟机,看能否自动安装系统。
此时,还是异常。
然后,我尝试打开https://192.168.2.20/cblr/svc/op/ks/profile/centos7.9-x86_64,查看应答文件,发现提示异常:
# This kickstart had errors that prevented it from being rendered correctly.
# The cobbler.log should have information relating to this failure.
1
2
2
说明应答文件出现问题。
我们打开/var/log/cobbler/cobbler.log
可以看到有以下异常:
Sun Jun 20 00:19:21 2021 - INFO | Exception value: 'ascii' codec can't decode byte 0xe8 in position 162: ordinal not in range(128)
1
我们把应答文件里面所有中文移除掉,再查看文件:
[root@cobbler-master ~]# cat -n /var/lib/cobbler/kickstarts/centos7.9.ks
1 # This kickstart file should only be used with EL > 5 and/or Fedora > 7.
2 # For older versions please use the sample.ks kickstart file.
3
4 #platform=x86, AMD64, or Intel EM64T
5 # System authorization information
6 auth --useshadow --enablemd5
7
8 # System bootloader configuration
9 bootloader --location=mbr
10
11 # Partition clearing information
12 clearpart --all --initlabel
13
14 part /boot --fstype=xfs --size=1024
15 part swap --fstype=swap --size=2048
16 part / --fstype=xfs --grow --size=10240
17
18 # Use text mode install
19 text
20
21 # Firewall configuration
22 firewall --enabled
23
24 # Run the Setup Agent on first boot
25 firstboot --disable
26
27 # System keyboard
28 keyboard us
29
30 # System language
31 lang en_US.UTF-8
32
33 # Use network installation
34 url --url=$tree
35
36 # If any cobbler repo definitions were referenced in the kickstart profile, include them here.
37 $yum_repo_stanza
38
39 # Network information
40 $SNIPPET('network_config')
41
42 # Reboot after installation
43 reboot
44
45 #Root password
46 rootpw --iscrypted $default_password_crypted
47
48 # SELinux configuration
49 selinux --disabled
50
51 # Do not configure the X Window System
52 skipx
53
54 # System timezone
55 timezone Asia/Shanghai
56
57 # Install OS instead of upgrade
58 install
59
60 # Clear the Master Boot Record
61 zerombr
62
63 # Allow anaconda to partition the system as needed
64 autopart
65
66 %pre
67 $SNIPPET('log_ks_pre')
68 $SNIPPET('kickstart_start')
69 $SNIPPET('pre_install_network_config')
70 # Enable installation monitoring
71 $SNIPPET('pre_anamon')
72 %end
73
74 %packages
75 $SNIPPET('func_install_if_enabled')
76 dos2unix
77 tree
78 net-tools
79 lrzsz
80 gcc
81 golang
82 python3
83 httpd
84 sysstat
85 ntp
86 %end
87
88 %post --nochroot
89 $SNIPPET('log_ks_post_nochroot')
90 %end
91
92 %post
93 $SNIPPET('log_ks_post')
94 # Start yum configuration
95 $yum_config_stanza
96 # End yum configuration
97 $SNIPPET('post_install_kernel_options')
98 $SNIPPET('post_install_network_config')
99 $SNIPPET('func_register_if_enabled')
100 $SNIPPET('download_config_files')
101 $SNIPPET('koan_environment')
102 $SNIPPET('redhat_register')
103 $SNIPPET('cobbler_register')
104 # Enable post-install boot notification
105 $SNIPPET('post_anamon')
106 # Start final steps
107 $SNIPPET('kickstart_done')
108 # End final steps
109 %end
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
再重启服务,并同步配置:
[root@cobbler-master ~]# systemctl restart xinetd rsyncd dhcpd httpd cobblerd
[root@cobbler-master ~]# cobbler sync
task started: 2021-06-20_002657_sync
task started (id=Sync, time=Sun Jun 20 00:26:57 2021)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/centos7.9-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/centos7.9-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: centos7.9-x86_64
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/centos7.9-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/centos7.9-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: centos7.9-x86_64
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/centos7.9-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/centos7.9-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/centos7.9-x86_64/initrd.img
Writing template files for centos7.9-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: centos7.9-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
[root@cobbler-master ~]# echo $?
0
[root@cobbler-master ~]#
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
再次在浏览器中打开应答文件,可以发现没有提示异常。
重新启动cobbler_node1虚拟机。仍然提示异常:
在VMware中安装虚拟机,尝试开机启动也会提示异常:
我们尝试手动连接一下TFTP。
我们可以Web浏览器中访问 https://192.168.2.20/cobbler/ (opens new window) 查看FTP的数据:
在cobbler服务器上面测试,可以看到可以快速下载下来:
[root@cobbler-master ~]# tftp 192.168.2.20
tftp> get images/centos7.9-x86_64/initrd.img
tftp> quit
[root@cobbler-master ~]#
1
2
3
4
2
3
4
但在宿主机上面下载,则会提示超时:
meizhaohui@ubuntu:~$ tftp 192.168.2.20
tftp> ?
Commands may be abbreviated. Commands are:
connect connect to remote tftp
mode set file transfer mode
put send file
get receive file
quit exit tftp
verbose toggle verbose mode
trace toggle packet tracing
status show current status
binary set mode to octet
ascii set mode to netascii
rexmt set per-packet retransmission timeout
timeout set total retransmission timeout
? print help information
tftp> get images/centos7.9-x86_64/initrd.img
Transfer timed out.
tftp> quit
meizhaohui@ubuntu:~$
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
说明TFTP服务还是有问题的。
查看TFTP的日志文件/var/log/messages:
[root@cobbler-master ~]# tail /var/log/messages
Jun 21 00:04:14 cobbler-master in.tftpd[2145]: RRQ from 192.168.2.113 filename images/centos7.9-x86_64/initrd.img
Jun 21 00:04:15 cobbler-master in.tftpd[2144]: Client 192.168.2.113 finished images/centos7.9-x86_64/initrd.img
Jun 21 00:04:15 cobbler-master in.tftpd[2144]: Client 192.168.2.113 timed out
Jun 21 00:04:19 cobbler-master in.tftpd[2146]: RRQ from 192.168.2.113 filename images/centos7.9-x86_64/initrd.img
Jun 21 00:04:20 cobbler-master in.tftpd[2145]: Client 192.168.2.113 finished images/centos7.9-x86_64/initrd.img
Jun 21 00:04:20 cobbler-master in.tftpd[2145]: Client 192.168.2.113 timed out
Jun 21 00:04:25 cobbler-master in.tftpd[2146]: Client 192.168.2.113 finished images/centos7.9-x86_64/initrd.img
Jun 21 00:04:25 cobbler-master in.tftpd[2146]: Client 192.168.2.113 timed out
Jun 21 00:05:01 cobbler-master in.tftpd[2148]: RRQ from 192.168.2.20 filename images/centos7.9-x86_64/initrd.img
Jun 21 00:05:02 cobbler-master in.tftpd[2148]: Client 192.168.2.20 finished images/centos7.9-x86_64/initrd.img
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
可以看到,本cobbler服务器上面下载images/centos7.9-x86_64/initrd.img能够正常下载下来,但是通过宿主机192.168.2.113下载images/centos7.9-x86_64/initrd.img就出现超时问题timed out,进一步验证了TFTP服务有问题。
而此时通过检查可以看防火墙和SELinux都是关闭状态:
[root@cobbler-master ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
6月 20 21:40:13 cobbler-master systemd[1]: Starting firewalld - dynamic firewall daemon...
6月 20 21:40:15 cobbler-master systemd[1]: Started firewalld - dynamic firewall daemon.
6月 20 21:40:16 cobbler-master firewalld[657]: WARNING: AllowZoneDrifting is enabled. This...w.
6月 20 21:43:53 cobbler-master systemd[1]: Stopping firewalld - dynamic firewall daemon...
6月 20 21:43:53 cobbler-master systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.
[root@cobbler-master ~]# getenforce
Disabled
1
2
3
4
5
6
7
8
9
10
11
12
13
14
2
3
4
5
6
7
8
9
10
11
12
13
14
我们在宿主机上面再看一下防火墙相关配置:
# 检查宿主机状态,发现宿主机防火墙开启了
meizhaohui@ubuntu:~$ sudo ufw status
[sudo] password for meizhaohui:
Status: active
# 关闭宿主机的防火墙
meizhaohui@ubuntu:~$ sudo ufw disable
Firewall stopped and disabled on system startup
meizhaohui@ubuntu:~$ sudo ufw status
Status: inactive
# 再次连接到tftp,尝试下来,发现能够正常下载,说明现在tftp服务是正常的呢!
meizhaohui@ubuntu:~$ tftp 192.168.2.20
tftp> get images/centos7.9-x86_64/initrd.img
Received 55129656 bytes in 5.1 seconds
tftp> quit
meizhaohui@ubuntu:~$
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
此时,可以看到,能够正常下载文件了。
说明是因为宿主机的防火墙开启导致安装新的系统时,新系统不能下载FTP的数据。
我们再次尝试在VMware和VirtualBox中启动系统。
注意,我们在VirtualBox或VMware中配置的新系统都使用桥接网络:
启动cobbler_node1虚拟机:
由于我长时间没有选择,系统自动从local启动,而我们local本地没有启动程序,出现异常:
我们关闭系统,重新启动:
终于看到安装界面了,此时我们选择我们的系统centos7.9开始安装。
但是还没有完成,重新启动虚拟机时,在后台日志中可以看到异常:
[root@cobbler-master cobbler]# tail -f /var/log/messages
Jun 21 22:08:45 cobbler-master dhcpd: DHCPOFFER on 192.168.2.224 to 00:50:56:38:96:30 via enp0s3
Jun 21 22:08:46 cobbler-master dhcpd: DHCPREQUEST for 192.168.2.224 (192.168.2.20) from 00:50:56:38:96:30 via enp0s3
Jun 21 22:08:46 cobbler-master dhcpd: DHCPACK on 192.168.2.224 to 00:50:56:38:96:30 via enp0s3
Jun 21 22:08:46 cobbler-master xinetd[1663]: START: tftp pid=1729 from=192.168.2.224
Jun 21 22:08:46 cobbler-master in.tftpd[1730]: RRQ from 192.168.2.224 filename pxelinux.0
Jun 21 22:08:46 cobbler-master in.tftpd[1730]: Error code 0: TFTP Aborted
Jun 21 22:08:46 cobbler-master in.tftpd[1731]: RRQ from 192.168.2.224 filename pxelinux.0
Jun 21 22:08:46 cobbler-master in.tftpd[1731]: Client 192.168.2.224 finished pxelinux.0
Jun 21 22:08:46 cobbler-master dhcpd: DHCPREQUEST for 192.168.2.224 (192.168.2.20) from 00:50:56:38:96:30 via enp0s3
Jun 21 22:08:46 cobbler-master dhcpd: DHCPACK on 192.168.2.224 to 00:50:56:38:96:30 via enp0s3
1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
其中有一个Error code 0: TFTP Aborted,安装系统直接没有反应,不进行后续操作。
# 12. 使用VMWare进行测试安装
我们在virtualbox里面搭建虚拟机,发现一直测试不成功。我们尝试在VMware中新建一个虚拟机,并快捷搭建cobbler系统,看看是不是因为虚拟软件的不同导致不能启动。以下步骤只是简单的写出主要步骤。
- 步骤1: VMware中创建CentOS7.9虚拟机。
- 步骤2: 安装相关软件包。
# 安装基础工具
yum install vim wget -y
# 更新yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo
cat > /etc/yum.repos.d/epel.repo << EOF
[epel]
name=Extra Packages for Enterprise Linux 7 - \$basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/\$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=\$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - \$basearch - Debug
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/\$basearch/debug
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=\$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel-source]
name=Extra Packages for Enterprise Linux 7 - \$basearch - Source
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/SRPMS
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=\$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
EOF
# 关闭SELinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
cat /etc/selinux/config |sed -n 7p
# 关闭防火墙
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
# cobbler相关软件安装
yum install httpd xinetd debmirror fence-agents tftp-server dhcp pykickstart cobbler cobbler-web -y
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
参考: