Created
November 12, 2012 11:18
-
-
Save bugcy013/4058779 to your computer and use it in GitHub Desktop.
cobbler guide
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cobbler distro add --arch=x86_64 --breed=redhat --name=centos-5_8-64bit --initrd=/var/lib/tftpboot/images/centos_images_5.8_x86/initrd.img --kernel=/var/lib/tftpboot/images/centos_images_5.8_x86/vmlinuz | |
| cobbler profile add --name=Development --distro ubuntu-12_04-64bit | |
| cobbler profile edit --name=Development --kickstart=/var/lib/cobbler/kickstarts/preseed.txt --kopts="priority=critical locale=en_US" | |
| cobbler system add –name=AA:BB:CC:DD:EE:FF –profile=RHEL5-i386 | |
| yum install koan | |
| koan --server=192.168.0.42 --list=profiles (lists available profiles on the Cobbler server) | |
| koan --server=192.168.0.42 --list=systems (lists available systems, if any) | |
| koan --virt --server=192.168.0.42 --profile=RHEL5-i386 --virt-name=web01 (installs a virtual guest using the indicated profile) | |
| koan --virt --server=192.168.0.42 --profile=RHEL5-i386 --virt-name=web01 --nogfx (installs a virtual guest from a console without graphic support). | |
| virsh -c qemu:///system list | |
| koan --server=192.168.70.52 --virt --profile=ubuntu-12.04-server-x86_64 | |
| [root@dvtelx2qa27 ~]# koan --server=172.16.30.68 --list=profiles | |
| - looking for Cobbler at http://172.16.30.68:80/cobbler_api | |
| ubuntu-12.04.1-server-x86_64 | |
| Listing VMs | |
| $ virsh list | |
| Working with a Running Virtual Machine | |
| Once a virtual machine is running, you can manage it in many different ways, such as: | |
| $ virsh start foo | |
| $ virsh reboot foo | |
| $ virsh shutdown foo | |
| $ virsh suspend foo | |
| $ virsh resume foo | |
| Console | |
| Sometimes, it's useful to attach to the console of a running VM, to obtain debugging information, etc. | |
| $ virsh console foo | |
| Connected to domain foo | |
| Escape character is ^] | |
| Deleting a Virtual Machine | |
| To delete a virtual machine, first terminate it (if running), and then undefine it: | |
| $ virsh destroy foo_new | |
| $ virsh undefine foo_new | |
| settings: | |
| ========= | |
| [root@spaceclient cobbler]# cat settings | |
| --- | |
| # cobbler settings file | |
| # restart cobblerd and run "cobbler sync" after making changes | |
| # This config file is in YAML 1.0 format | |
| # see http://yaml.org | |
| # ========================================================== | |
| # if 1, cobbler will allow insertions of system records that duplicate | |
| # the --dns-name information of other system records. In general, | |
| # this is undesirable and should be left 0. | |
| allow_duplicate_hostnames: 0 | |
| # if 1, cobbler will allow insertions of system records that duplicate | |
| # the ip address information of other system records. In general, | |
| # this is undesirable and should be left 0. | |
| allow_duplicate_ips: 0 | |
| # if 1, cobbler will allow insertions of system records that duplicate | |
| # the mac address information of other system records. In general, | |
| # this is undesirable. | |
| allow_duplicate_macs: 0 | |
| # by default, installs are *not* set to send installation logs to the cobbler | |
| # # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon | |
| # # # snippet to allow remote live monitoring of their installations from the | |
| # # # cobbler server. Installation logs will be stored under | |
| # # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs | |
| # # # to this directory, without authentication, so enable only if you are | |
| # # # ok with this limitation. | |
| anamon_enabled: 0 | |
| # If using authn_pam in the modules.conf, this can be configured | |
| # to change the PAM service authentication will be tested against. | |
| # The default value is "login". | |
| authn_pam_service: "login" | |
| # Email out a report when cobbler finishes installing a system. | |
| # enabled: set to 1 to turn this feature on | |
| # sender: optional | |
| # email: which addresses to email | |
| # smtp_server: used to specify another server for an MTA | |
| # subject: use the default subject unless overridden | |
| build_reporting_enabled: 0 | |
| build_reporting_sender: "" | |
| build_reporting_email: [ 'root@localhost' ] | |
| build_reporting_smtp_server: "localhost" | |
| build_reporting_subject: "" | |
| # Cheetah-language kickstart templates can import Python modules. | |
| # while this is a useful feature, it is not safe to allow them to | |
| # import anything they want. This whitelists which modules can be | |
| # imported through Cheetah. Users can expand this as needed but | |
| # should never allow modules such as subprocess or those that | |
| # allow access to the filesystem as Cheetah templates are evaluated | |
| # by cobblerd as code. | |
| cheetah_import_whitelist: | |
| - "random" | |
| - "re" | |
| - "time" | |
| # Default createrepo_flags to use for new repositories. If you have | |
| # createrepo >= 0.4.10, consider "-c cache --update -C", which can | |
| # dramatically improve your "cobbler reposync" time. "-s sha" | |
| # enables working with Fedora repos from F11/F12 from EL-4 or | |
| # EL-5 without python-hashlib installed (which is not available | |
| # on EL-4) | |
| createrepo_flags: "-c cache -s sha" | |
| # if no kickstart is specified to profile add, use this template | |
| default_kickstart: /var/lib/cobbler/kickstarts/default.ks | |
| # configure all installed systems to use these nameservers by default | |
| # unless defined differently in the profile. For DHCP configurations | |
| # you probably do /not/ want to supply this. | |
| default_name_servers: [] | |
| # if using the authz_ownership module (see the Wiki), objects | |
| # created without specifying an owner are assigned to this | |
| # owner and/or group. Can be a comma seperated list. | |
| default_ownership: | |
| - "admin" | |
| # cobbler has various sample kickstart templates stored | |
| # in /var/lib/cobbler/kickstarts/. This controls | |
| # what install (root) password is set up for those | |
| # systems that reference this variable. The factory | |
| # default is "cobbler" and cobbler check will warn if | |
| # this is not changed. | |
| # The simplest way to change the password is to run | |
| # openssl passwd -1 | |
| # and put the output between the "" below. | |
| default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac." | |
| # the default template type to use in the absence of any | |
| # other detected template. If you do not specify the template | |
| # with '#template=<template_type>' on the first line of your | |
| # templates/snippets, cobbler will assume try to use the | |
| # following template engine to parse the templates. | |
| # | |
| # Current valid values are: cheetah, jinja2 | |
| default_template_type: "cheetah" | |
| # for libvirt based installs in koan, if no virt bridge | |
| # is specified, which bridge do we try? For EL 4/5 hosts | |
| # this should be xenbr0, for all versions of Fedora, try | |
| # "virbr0". This can be overriden on a per-profile | |
| # basis or at the koan command line though this saves | |
| # typing to just set it here to the most common option. | |
| default_virt_bridge: xenbr0 | |
| # use this as the default disk size for virt guests (GB) | |
| default_virt_file_size: 5 | |
| # use this as the default memory size for virt guests (MB) | |
| default_virt_ram: 512 | |
| # if koan is invoked without --virt-type and no virt-type | |
| # is set on the profile/system, what virtualization type | |
| # should be assumed? Values: xenpv, xenfv, qemu, vmware | |
| # (NOTE: this does not change what virt_type is chosen by import) | |
| default_virt_type: xenpv | |
| # enable gPXE booting? Enabling this option will cause cobbler | |
| # to copy the undionly.kpxe file to the tftp root directory, | |
| # and if a profile/system is configured to boot via gpxe it will | |
| # chain load off pxelinux.0. | |
| # Default: 0 | |
| enable_gpxe: 0 | |
| # controls whether cobbler will add each new profile entry to the default | |
| # PXE boot menu. This can be over-ridden on a per-profile | |
| # basis when adding/editing profiles with --enable-menu=0/1. Users | |
| # should ordinarily leave this setting enabled unless they are concerned | |
| # with accidental reinstalls from users who select an entry at the PXE | |
| # boot menu. Adding a password to the boot menus templates | |
| # may also be a good solution to prevent unwanted reinstallations | |
| enable_menu: 1 | |
| # enable Func-integration? This makes sure each installed machine is set up | |
| # to use func out of the box, which is a powerful way to script and control | |
| # remote machines. | |
| # Func lives at http://fedorahosted.org/func | |
| # read more at https://github.com/cobbler/cobbler/wiki/Func-integration | |
| # you will need to mirror Fedora/EPEL packages for this feature, so see | |
| # https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler | |
| # to help you with this | |
| func_auto_setup: 0 | |
| func_master: overlord.example.org | |
| # change this port if Apache is not running plaintext on port | |
| # 80. Most people can leave this alone. | |
| http_port: 80 | |
| # kernel options that should be present in every cobbler installation. | |
| # kernel options can also be applied at the distro/profile/system | |
| # level. | |
| kernel_options: | |
| ksdevice: bootif | |
| lang: ' ' | |
| text: ~ | |
| # s390 systems require additional kernel options in addition to the | |
| # above defaults | |
| kernel_options_s390x: | |
| RUNKS: 1 | |
| ramdisk_size: 40000 | |
| root: /dev/ram0 | |
| ro: ~ | |
| ip: off | |
| vnc: ~ | |
| # configuration options if using the authn_ldap module. See the | |
| # the Wiki for details. This can be ignored if you are not using | |
| # LDAP for WebUI/XMLRPC authentication. | |
| ldap_server: "ldap.example.com" | |
| ldap_base_dn: "DC=example,DC=com" | |
| ldap_port: 389 | |
| ldap_tls: 1 | |
| ldap_anonymous_bind: 1 | |
| ldap_search_bind_dn: '' | |
| ldap_search_passwd: '' | |
| ldap_search_prefix: 'uid=' | |
| # cobbler has a feature that allows for integration with config management | |
| # systems such as Puppet. The following parameters work in conjunction with | |
| # --mgmt-classes and are described in furhter detail at: | |
| # https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system | |
| mgmt_classes: [] | |
| mgmt_parameters: | |
| from_cobbler: 1 | |
| # if enabled, this setting ensures that puppet is installed during | |
| # machine provision, a client certificate is generated and a | |
| # certificate signing request is made with the puppet master server | |
| puppet_auto_setup: 0 | |
| # when puppet starts on a system after installation it needs to have | |
| # its certificate signed by the puppet master server. Enabling the | |
| # following feature will ensure that the puppet server signs the | |
| # certificate after installation if the puppet master server is | |
| # running on the same machine as cobbler. This requires | |
| # puppet_auto_setup above to be enabled | |
| sign_puppet_certs_automatically: 0 | |
| # location of the puppet signing utility puppetca | |
| puppetca_path: "/usr/sbin/puppetca" | |
| # when a puppet managed machine is reinstalled it is necessary to | |
| # remove the puppet certificate from the puppet master server before a | |
| # new certificate is signed (see above). Enabling the following | |
| # feature will ensure that the certificate for the machine to be | |
| # installed is removed from the puppet master server if the puppet | |
| # master server is running on the same machine as cobbler. This | |
| # requires puppet_auto_setup above to be enabled | |
| remove_old_puppet_certs_automatically: 0 | |
| # set to 1 to enable Cobbler's DHCP management features. | |
| # the choice of DHCP management engine is in /etc/cobbler/modules.conf | |
| manage_dhcp: 0 | |
| # set to 1 to enable Cobbler's DNS management features. | |
| # the choice of DNS mangement engine is in /etc/cobbler/modules.conf | |
| manage_dns: 0 | |
| # set to path of bind chroot to create bind-chroot compatible bind | |
| # configuration files. This should be automatically detected. | |
| bind_chroot_path: "" | |
| # set to the ip address of the master bind DNS server for creating secondary | |
| # bind configuration files | |
| bind_master: 127.0.0.1 | |
| # set to 1 to enable Cobbler's TFTP management features. | |
| # the choice of TFTP mangement engine is in /etc/cobbler/modules.conf | |
| manage_tftpd: 1 | |
| # set to 1 to enable Cobbler's RSYNC management features. | |
| manage_rsync: 0 | |
| # if using BIND (named) for DNS management in /etc/cobbler/modules.conf | |
| # and manage_dns is enabled (above), this lists which zones are managed | |
| # See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info | |
| manage_forward_zones: [] | |
| manage_reverse_zones: [] | |
| # if using cobbler with manage_dhcp, put the IP address | |
| # of the cobbler server here so that PXE booting guests can find it | |
| # if you do not set this correctly, this will be manifested in TFTP open timeouts. | |
| #next_server: 127.0.0.1 | |
| next_server: 172.16.30.68 | |
| # settings for power management features. optional. | |
| # see https://github.com/cobbler/cobbler/wiki/Power-management to learn more | |
| # choices (refer to codes.py): | |
| # apc_snmp bladecenter bullpap drac ether_wake ilo integrity | |
| # ipmilan ipmitool lpar rsa virsh wti | |
| power_management_default_type: 'ipmitool' | |
| # the commands used by the power management module are sourced | |
| # from what directory? | |
| power_template_dir: "/etc/cobbler/power" | |
| # if this setting is set to 1, cobbler systems that pxe boot | |
| # will request at the end of their installation to toggle the | |
| # --netboot-enabled record in the cobbler system record. This eliminates | |
| # the potential for a PXE boot loop if the system is set to PXE | |
| # first in it's BIOS order. Enable this if PXE is first in your BIOS | |
| # boot order, otherwise leave this disabled. See the manpage | |
| # for --netboot-enabled. | |
| pxe_just_once: 0 | |
| # the templates used for PXE config generation are sourced | |
| # from what directory? | |
| pxe_template_dir: "/etc/cobbler/pxe" | |
| # Path to where system consoles are | |
| consoles: "/var/consoles" | |
| # Are you using a Red Hat management platform in addition to Cobbler? | |
| # Cobbler can help you register to it. Choose one of the following: | |
| # "off" : I'm not using Red Hat Network, Satellite, or Spacewalk | |
| # "hosted" : I'm using Red Hat Network | |
| # "site" : I'm using Red Hat Satellite Server or Spacewalk | |
| # You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN | |
| redhat_management_type: "off" | |
| # if redhat_management_type is enabled, choose your server | |
| # "management.example.org" : For Satellite or Spacewalk | |
| # "xmlrpc.rhn.redhat.com" : For Red Hat Network | |
| # This setting is also used by the code that supports using Spacewalk/Satellite users/passwords | |
| # within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported. | |
| # This feature can be used even if redhat_management_type is off, you just have | |
| # to have authn_spacewalk selected in modules.conf | |
| redhat_management_server: "xmlrpc.rhn.redhat.com" | |
| # specify the default Red Hat authorization key to use to register | |
| # system. If left blank, no registration will be attempted. Similarly | |
| # you can set the --redhat-management-key to blank on any system to | |
| # keep it from trying to register. | |
| redhat_management_key: "" | |
| # if using authn_spacewalk in modules.conf to let cobbler authenticate | |
| # against Satellite/Spacewalk's auth system, by default it will not allow per user | |
| # access into Cobbler Web and Cobbler XMLRPC. | |
| # in order to permit this, the following setting must be enabled HOWEVER | |
| # doing so will permit all Spacewalk/Satellite users of certain types to edit all | |
| # of cobbler's configuration. | |
| # these roles are: config_admin and org_admin | |
| # users should turn this on only if they want this behavior and | |
| # do not have a cross-multi-org seperation concern. If you have | |
| # a single org in your satellite, it's probably safe to turn this | |
| # on and then you can use CobblerWeb alongside a Satellite install. | |
| redhat_management_permissive: 0 | |
| # if set to 1, allows /usr/bin/cobbler-register (part of the koan package) | |
| # to be used to remotely add new cobbler system records to cobbler. | |
| # this effectively allows for registration of new hardware from system | |
| # records. | |
| register_new_installs: 0 | |
| # Flags to use for yum's reposync. If your version of yum reposync | |
| # does not support -l, you may need to remove that option. | |
| reposync_flags: "-l -m -d" | |
| # when DHCP and DNS management are enabled, cobbler sync can automatically | |
| # restart those services to apply changes. The exception for this is | |
| # if using ISC for DHCP, then omapi eliminates the need for a restart. | |
| # omapi, however, is experimental and not recommended for most configurations. | |
| # If DHCP and DNS are going to be managed, but hosted on a box that | |
| # is not on this server, disable restarts here and write some other | |
| # script to ensure that the config files get copied/rsynced to the destination | |
| # box. This can be done by modifying the restart services trigger. | |
| # Note that if manage_dhcp and manage_dns are disabled, the respective | |
| # parameter will have no effect. Most users should not need to change | |
| # this. | |
| restart_dns: 1 | |
| restart_dhcp: 1 | |
| # install triggers are scripts in /var/lib/cobbler/triggers/install | |
| # that are triggered in kickstart pre and post sections. Any | |
| # executable script in those directories is run. They can be used | |
| # to send email or perform other actions. They are currently | |
| # run as root so if you do not need this functionality you can | |
| # disable it, though this will also disable "cobbler status" which | |
| # uses a logging trigger to audit install progress. | |
| run_install_triggers: 1 | |
| # enables a trigger which version controls all changes to /var/lib/cobbler | |
| # when add, edit, or sync events are performed. This can be used | |
| # to revert to previous database versions, generate RSS feeds, or for | |
| # other auditing or backup purposes. "git" and "hg" are currently suported, | |
| # but git is the recommend SCM for use with this feature. | |
| scm_track_enabled: 0 | |
| scm_track_mode: "git" | |
| # this is the address of the cobbler server -- as it is used | |
| # by systems during the install process, it must be the address | |
| # or hostname of the system as those systems can see the server. | |
| # if you have a server that appears differently to different subnets | |
| # (dual homed, etc), you need to read the --server-override section | |
| # of the manpage for how that works. | |
| #server: 127.0.0.1 | |
| server: 172.16.30.68 | |
| # If set to 1, all commands will be forced to use the localhost address | |
| # instead of using the above value which can force commands like | |
| # cobbler sync to open a connection to a remote address if one is in the | |
| # configuration and would traceback. | |
| client_use_localhost: 0 | |
| # this is a directory of files that cobbler uses to make | |
| # templating easier. See the Wiki for more information. Changing | |
| # this directory should not be required. | |
| snippetsdir: /var/lib/cobbler/snippets | |
| # Normally if a kickstart is specified at a remote location, this | |
| # URL will be passed directly to the kickstarting system, thus bypassing | |
| # the usual snippet templating Cobbler does for local kickstart files. If | |
| # this option is enabled, Cobbler will fetch the file contents internally | |
| # and serve a templated version of the file to the client. | |
| template_remote_kickstarts: 0 | |
| # should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots? | |
| # this can be overridden on each profile or system object. | |
| virt_auto_boot: 1 | |
| # cobbler's web directory. Don't change this setting -- see the | |
| # Wiki on "relocating your cobbler install" if your /var partition | |
| # is not large enough. | |
| webdir: /var/www/cobbler | |
| # cobbler's public XMLRPC listens on this port. Change this only | |
| # if absolutely needed, as you'll have to start supplying a new | |
| # port option to koan if it is not the default. | |
| xmlrpc_port: 25151 | |
| # "cobbler repo add" commands set cobbler up with repository | |
| # information that can be used during kickstart and is automatically | |
| # set up in the cobbler kickstart templates. By default, these | |
| # are only available at install time. To make these repositories | |
| # usable on installed systems (since cobbler makes a very convient) | |
| # mirror, set this to 1. Most users can safely set this to 1. Users | |
| # who have a dual homed cobbler server, or are installing laptops that | |
| # will not always have access to the cobbler server may wish to leave | |
| # this as 0. In that case, the cobbler mirrored yum repos are still | |
| # accessable at http://cobbler.example.org/cblr/repo_mirror and yum | |
| # configuration can still be done manually. This is just a shortcut. | |
| yum_post_install_mirror: 1 | |
| # the default yum priority for all the distros. This is only used | |
| # if yum-priorities plugin is used. 1=maximum. Tweak with caution. | |
| yum_distro_priority: 1 | |
| # Flags to use for yumdownloader. Not all versions may support | |
| # --resolve. | |
| yumdownloader_flags: "--resolve" | |
| # sort and indent JSON output to make it more human-readable | |
| serializer_pretty_json: 0 | |
| modules.conf: | |
| ============= | |
| [root@spaceclient cobbler]# | |
| [root@spaceclient cobbler]# cat modules.conf | |
| # cobbler module configuration file | |
| # ================================= | |
| # authentication: | |
| # what users can log into the WebUI and Read-Write XMLRPC? | |
| # choices: | |
| # authn_denyall -- no one (default) | |
| # authn_configfile -- use /etc/cobbler/users.digest (for basic setups) | |
| # authn_passthru -- ask Apache to handle it (used for kerberos) | |
| # authn_ldap -- authenticate against LDAP | |
| # authn_spacewalk -- ask Spacewalk/Satellite (experimental) | |
| # authn_pam -- use PAM facilities | |
| # authn_testing -- username/password is always testing/testing (debug) | |
| # (user supplied) -- you may write your own module | |
| # WARNING: this is a security setting, do not choose an option blindly. | |
| # for more information: | |
| # https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface | |
| # https://github.com/cobbler/cobbler/wiki/Security-overview | |
| # https://github.com/cobbler/cobbler/wiki/Kerberos | |
| # https://github.com/cobbler/cobbler/wiki/Ldap | |
| [authentication] | |
| #module = authn_denyall | |
| module = authn_configfile | |
| # authorization: | |
| # once a user has been cleared by the WebUI/XMLRPC, what can they do? | |
| # choices: | |
| # authz_allowall -- full access for all authneticated users (default) | |
| # authz_ownership -- use users.conf, but add object ownership semantics | |
| # (user supplied) -- you may write your own module | |
| # WARNING: this is a security setting, do not choose an option blindly. | |
| # If you want to further restrict cobbler with ACLs for various groups, | |
| # pick authz_ownership. authz_allowall does not support ACLs. configfile | |
| # does but does not support object ownership which is useful as an additional | |
| # layer of control. | |
| # for more information: | |
| # https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface | |
| # https://github.com/cobbler/cobbler/wiki/Security-overview | |
| # https://github.com/cobbler/cobbler/wiki/Web-authorization | |
| [authorization] | |
| module = authz_allowall | |
| # dns: | |
| # chooses the DNS management engine if manage_dns is enabled | |
| # in /etc/cobbler/settings, which is off by default. | |
| # choices: | |
| # manage_bind -- default, uses BIND/named | |
| # manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below | |
| # NOTE: more configuration is still required in /etc/cobbler | |
| # for more information: | |
| # https://github.com/cobbler/cobbler/wiki/Dns-management | |
| [dns] | |
| module = manage_bind | |
| # dhcp: | |
| # chooses the DHCP management engine if manage_dhcp is enabled | |
| # in /etc/cobbler/settings, which is off by default. | |
| # choices: | |
| # manage_isc -- default, uses ISC dhcpd | |
| # manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above | |
| # NOTE: more configuration is still required in /etc/cobbler | |
| # for more information: | |
| # https://github.com/cobbler/cobbler/wiki/Dhcp-management | |
| [dhcp] | |
| module = manage_isc | |
| # tftpd: | |
| # chooses the TFTP management engine if manage_tftp is enabled | |
| # in /etc/cobbler/settings, which is ON by default. | |
| # | |
| # choices: | |
| # manage_in_tftpd -- default, uses the system's tftp server | |
| # manage_tftpd_py -- uses cobbler's tftp server | |
| # | |
| [tftpd] | |
| module = manage_in_tftpd | |
| #-------------------------------------------------- | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment