Cobbler: различия между версиями
Sirmax (обсуждение | вклад) |
Sirmax (обсуждение | вклад) |
||
Строка 113: | Строка 113: | ||
===Сервисы=== |
===Сервисы=== |
||
+ | Для работы нужны запущенные |
||
+ | * tftpd |
||
+ | * dhcp |
||
+ | * dns |
||
+ | |||
====tftp==== |
====tftp==== |
||
====dns==== |
====dns==== |
||
+ | ====dhcp==== |
Версия 13:26, 29 августа 2012
Cobbler
Установка
Включить EPEL
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm vim /etc/yum.repos.d/remi.repo
yum install cobbler-web.noarch cobbler.noarch yum install koan yum-utils httpd xinetd cman
cobbler check - проверить настройки.
[root@puppet ~]# cobbler check The following are potential configuration items that you may want to fix: 1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 4 : change 'disable' to 'no' in /etc/xinetd.d/rsync 5 : debmirror package is not installed, it will be required to manage debian deployments and repositories 6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
В дефолтной установке нужен запущенный httpd, без него:
cobbler check httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/cobbler/cli.py", line 184, in check_setup s.ping() File "/usr/lib/python2.6/xmlrpclib.py", line 1199, in __call__ return self.__send(self.__name, args) File "/usr/lib/python2.6/xmlrpclib.py", line 1489, in __request verbose=self.__verbose File "/usr/lib/python2.6/xmlrpclib.py", line 1235, in request self.send_content(h, request_body) File "/usr/lib/python2.6/xmlrpclib.py", line 1349, in send_content connection.endheaders() File "/usr/lib/python2.6/httplib.py", line 908, in endheaders self._send_output() File "/usr/lib/python2.6/httplib.py", line 780, in _send_output self.send(msg) File "/usr/lib/python2.6/httplib.py", line 739, in send self.connect() File "/usr/lib/python2.6/httplib.py", line 720, in connect self.timeout) File "/usr/lib/python2.6/socket.py", line 567, in create_connection raise error, msg error: [Errno 111] Connection refused
Исправление ошибок которые показывает check
1 : The 'server' field ...
исправить поле server на 172.16.250.1 (IP хоста)
2 : For PXE to be functional, the 'next_server' field in
исправить поле next_server на 172.16.250.1 (IP хоста)
3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders'
# cobbler get-loaders task started: 2012-08-29_114756_get_loaders task started (id=Download Bootloader Content, time=Wed Aug 29 11:47:56 2012) downloading http://dgoodwin.fedorapeople.org/loaders/README to /var/lib/cobbler/loaders/README downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux downloading http://dgoodwin.fedorapeople.org/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi downloading http://dgoodwin.fedorapeople.org/loaders/yaboot-1.3.14-12 to /var/lib/cobbler/loaders/yaboot downloading http://dgoodwin.fedorapeople.org/loaders/pxelinux.0-3.61 to /var/lib/cobbler/loaders/pxelinux.0 downloading http://dgoodwin.fedorapeople.org/loaders/menu.c32-3.61 to /var/lib/cobbler/loaders/menu.c32 downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi *** TASK COMPLETE ***
4 : change 'disable' to 'no' in /etc/xinetd.d/rsync
Поправить соответвенно ...
5 : debmirror package is not installed, it will be required to manage debian deployments and repositories
Игнорирую - дебиан мне не нужен
6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
Как и советует подсказка:
openssl passwd -1 -salt 'random-phrase-here' 'swordfish'
и вписать в конфиг
Настройка компонетов системы
Web-управление
В моей установке уже настроено проксирование через апач, аутентификация отключена. Интерфейс доступен https://172.16.250.1/cobbler_web/
Возможна аутентификация через веб-интерфейс несколькими способами: пароль, созданный утилитой htdigest (сохраняется в файле /etc/cobbler/users.digest), Kerberos, LDAP, Spacewalk/Satellite и тестовый (используется для отладки, всегда testing/testing). Но в настройках по умолчанию аутентификация через веб-интерфейс блокирована. Разрешим ее, для примера будем использовать digest-файл. Для чего в файле /etc/cobbler/modules.conf меняем значение параметра module в секции authentication:
[authentication]
- module = authn_denyall # блокировка аутентификации
- module = authn_configfile
module = authn_testing
По умолчанию логин и пароль для регистрации – cobbler/cobbler. Его следует изменить при помощи команды:
# htdigest /etc/cobbler/users.digest "Cobbler" cobbler
Сервисы
Для работы нужны запущенные
- tftpd
- dhcp
- dns