Difference between revisions of "Cobbler installation on Ubuntu"
Jump to navigation
Jump to search
| (8 intermediate revisions by the same user not shown) | |||
| Line 26: | Line 26: | ||
== Add a few more packages to satisfy some cobbler requirements == | == Add a few more packages to satisfy some cobbler requirements == | ||
| − | Install '''debmirror''' with | + | Install '''debmirror''' with apt-get (needed to manage debian deployments): |
<syntaxhighlight> | <syntaxhighlight> | ||
root@ubuntu:~# apt-get install debmirror | root@ubuntu:~# apt-get install debmirror | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | Install '''pykickstart''' with | + | Install '''createrepo''' with apt-get (needed for Redhat-based deployments): |
| + | <syntaxhighlight> | ||
| + | root@ubuntu:~# apt-get install createrepo | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | Install '''pykickstart''' with apt-get (A python library for manipulating kickstart files): | ||
<syntaxhighlight> | <syntaxhighlight> | ||
root@ubuntu:~# apt-get install pykickstart | root@ubuntu:~# apt-get install pykickstart | ||
| Line 47: | Line 52: | ||
next_server: 172.28.0.100 | next_server: 172.28.0.100 | ||
server: 172.28.0.100 | server: 172.28.0.100 | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | Define domain name to use/manage in '''/etc/cobbler/settings''': | ||
| + | <syntaxhighlight> | ||
| + | # if using BIND (named) for DNS management in /etc/cobbler/modules.conf | ||
| + | # and manage_dns is enabled (above), this lists which zones are managed | ||
| + | # See the Wiki (https://fedorahosted.org/cobbler/wiki/ManageDns) for more info | ||
| + | manage_forward_zones: [domain.name.com] | ||
| + | manage_reverse_zones: [192.168.42.0] | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 58: | Line 72: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | Edit '''/etc/cobbler/dhcp.template''' with relevant network information (for example): | + | Edit '''/etc/cobbler/dhcp.template''' with relevant network information including the domain-search option which doesn't seem to be added automatically (for example): |
<syntaxhighlight> | <syntaxhighlight> | ||
# ****************************************************************** | # ****************************************************************** | ||
| Line 88: | Line 102: | ||
next-server $next_server; | next-server $next_server; | ||
} | } | ||
| − | . . . . . | + | |
| + | #for dhcp_tag in $dhcp_tags.keys(): | ||
| + | ## group could be subnet if your dhcp tags line up with your subnets | ||
| + | ## or really any valid dhcpd.conf construct ... if you only use the | ||
| + | ## default dhcp tag in cobbler, the group block can be deleted for a | ||
| + | ## flat configuration | ||
| + | # group for Cobbler DHCP tag: $dhcp_tag | ||
| + | group { | ||
| + | #for mac in $dhcp_tags[$dhcp_tag].keys(): | ||
| + | #set iface = $dhcp_tags[$dhcp_tag][$mac] | ||
| + | host $iface.name { | ||
| + | hardware ethernet $mac; | ||
| + | #if $iface.ip_address: | ||
| + | fixed-address $iface.ip_address; | ||
| + | #end if | ||
| + | #if $iface.hostname: | ||
| + | option host-name "$iface.hostname"; | ||
| + | #end if | ||
| + | #if $iface.netmask: | ||
| + | option subnet-mask $iface.netmask; | ||
| + | #end if | ||
| + | #if $iface.gateway: | ||
| + | option routers $iface.gateway; | ||
| + | #end if | ||
| + | filename "$iface.filename"; | ||
| + | ## Cobbler defaults to $next_server, but some users | ||
| + | ## may like to use $iface.system.server for proxied setups | ||
| + | option domain-search "domain.name.com"; # <-- Domain name goes here | ||
| + | next-server $next_server; | ||
| + | ## next-server $iface.next_server; | ||
| + | } | ||
| + | #end for | ||
| + | } | ||
| + | #end for | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | Again, ensure '''domain-name''' and '''domain-search''' options are defined, otherwise simple DNS name resolution won't work from the clients: | ||
| + | <syntaxhighlight> | ||
| + | subnet 192.168.42.0 netmask 255.255.255.0 { | ||
| + | option routers 192.168.42.1; | ||
| + | option domain-name-servers 192.168.42.1; | ||
| + | option domain-name "pxe.bostonlabs.co.uk"; | ||
| + | option domain-search "pxe.bostonlabs.co.uk"; | ||
| + | . . . | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| Line 108: | Line 165: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | == Import a | + | == Confirm DNS server options == |
| + | Ensure '''DNSSEC''' is disabled and '''auth-nxdomain''' is enabled in '''/etc/bind/named.conf.options''': | ||
| + | <syntaxhighlight> | ||
| + | options { | ||
| + | directory "/var/cache/bind"; | ||
| + | |||
| + | // If there is a firewall between you and nameservers you want | ||
| + | // to talk to, you may need to fix the firewall to allow multiple | ||
| + | // ports to talk. See http://www.kb.cert.org/vuls/id/800113 | ||
| + | |||
| + | // If your ISP provided one or more IP addresses for stable | ||
| + | // nameservers, you probably want to use them as forwarders. | ||
| + | // Uncomment the following block, and insert the addresses replacing | ||
| + | // the all-0's placeholder. | ||
| + | |||
| + | // forwarders { | ||
| + | // 0.0.0.0; | ||
| + | // }; | ||
| + | |||
| + | //======================================================================== | ||
| + | // If BIND logs error messages about the root key being expired, | ||
| + | // you will need to update your keys. See https://www.isc.org/bind-keys | ||
| + | //======================================================================== | ||
| + | dnssec-validation no; | ||
| + | |||
| + | auth-nxdomain yes; # conform to RFC1035 | ||
| + | listen-on-v6 { any; }; | ||
| + | }; | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | == Import a Ubuntu Server ISO for deployment == | ||
| − | Mount a the | + | Mount a the Ubuntu Server ISO file to a local folder, for example: |
<syntaxhighlight> | <syntaxhighlight> | ||
mount -o loop ./ubuntu-12.04-server-amd64.iso /media/cdrom | mount -o loop ./ubuntu-12.04-server-amd64.iso /media/cdrom | ||
Latest revision as of 11:05, 4 November 2013
Pre-Requisits
For this installation, we will need to have the following services installed: dhcp, bind & apache.
Install with the following yum command:
root@ubuntu:~# apt-get install apache2 isc-dhcp-server bind9If necessary, the dhcpd service can be restricted to servicing dhcp requests on just one port. To do this, edit the /etc/default/isc-dhcp-server file and set the following line:
INTERFACES="eth1"Install Cobbler
root@ubuntu:~# apt-get install cobbler cobbler-webRestart Apache
root@ubuntu:~# service apache2 restart
* Restarting web server apache2
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerNameAdd a few more packages to satisfy some cobbler requirements
Install debmirror with apt-get (needed to manage debian deployments):
root@ubuntu:~# apt-get install debmirrorInstall createrepo with apt-get (needed for Redhat-based deployments):
root@ubuntu:~# apt-get install createrepoInstall pykickstart with apt-get (A python library for manipulating kickstart files):
root@ubuntu:~# apt-get install pykickstartConfigure cobbler
Get cobbler to manage dhcp and dns by setting the following in /etc/cobbler/settings:
manage_dhcp: 1
manage_dns: 1Set server ip addresses in /etc/cobbler/settings:
next_server: 172.28.0.100
server: 172.28.0.100Define domain name to use/manage in /etc/cobbler/settings:
# if using BIND (named) for DNS management in /etc/cobbler/modules.conf
# and manage_dns is enabled (above), this lists which zones are managed
# See the Wiki (https://fedorahosted.org/cobbler/wiki/ManageDns) for more info
manage_forward_zones: [domain.name.com]
manage_reverse_zones: [192.168.42.0]Confirm the following are set in /etc/cobbler/modules.conf:
[dns]
module = manage_bind
[dhcp]
module = manage_iscEdit /etc/cobbler/dhcp.template with relevant network information including the domain-search option which doesn't seem to be added automatically (for example):
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
subnet 192.168.42.0 netmask 255.255.255.0 {
option routers 192.168.42.1;
option domain-name-servers 192.168.42.1;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.42.100 192.168.42.150;
filename "/pxelinux.0";
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
}
#for dhcp_tag in $dhcp_tags.keys():
## group could be subnet if your dhcp tags line up with your subnets
## or really any valid dhcpd.conf construct ... if you only use the
## default dhcp tag in cobbler, the group block can be deleted for a
## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
#for mac in $dhcp_tags[$dhcp_tag].keys():
#set iface = $dhcp_tags[$dhcp_tag][$mac]
host $iface.name {
hardware ethernet $mac;
#if $iface.ip_address:
fixed-address $iface.ip_address;
#end if
#if $iface.hostname:
option host-name "$iface.hostname";
#end if
#if $iface.netmask:
option subnet-mask $iface.netmask;
#end if
#if $iface.gateway:
option routers $iface.gateway;
#end if
filename "$iface.filename";
## Cobbler defaults to $next_server, but some users
## may like to use $iface.system.server for proxied setups
option domain-search "domain.name.com"; # <-- Domain name goes here
next-server $next_server;
## next-server $iface.next_server;
}
#end for
}
#end forAgain, ensure domain-name and domain-search options are defined, otherwise simple DNS name resolution won't work from the clients:
subnet 192.168.42.0 netmask 255.255.255.0 {
option routers 192.168.42.1;
option domain-name-servers 192.168.42.1;
option domain-name "pxe.bostonlabs.co.uk";
option domain-search "pxe.bostonlabs.co.uk";
. . .Attempt to start dhcpd:
service dhcpd restartNB: if the dhcpd service isn't running and it fails to start, it may be because the default /etc/dhcpd.conf file is blank. Enter the above information and start the dhcpd service (it needs to be running for cobbler sync (below) to complete fully). The content of /etc/dhcpd.conf will be overwritten with the contents of /etc/cobbler/dhcp.template once cobbler sync has been performed.
Run cobbler check:
cobbler checkRun cobbler sync:
cobbler syncConfirm DNS server options
Ensure DNSSEC is disabled and auth-nxdomain is enabled in /etc/bind/named.conf.options:
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation no;
auth-nxdomain yes; # conform to RFC1035
listen-on-v6 { any; };
};Import a Ubuntu Server ISO for deployment
Mount a the Ubuntu Server ISO file to a local folder, for example:
mount -o loop ./ubuntu-12.04-server-amd64.iso /media/cdromImport the ISO into cobbler:
root@ubuntu:~# cobbler import --name=ubuntu1204 --path=/media/cdrom/ breed=ubuntu --arch=x86_64Finish with a cobbler sync:
cobbler sync