Lab cobbler

Recovered from the older tannerjc.net wiki snapshot dated January 23, 2016.

• Create RHEL6 server guest with install DVD
• Set eth0 to static based on IP pulled from DHCP
• Create eth1 device on a private virtual network

Virtual Network Setup

[root@sasha ~]# cat virbr-cobbler.xml
network
	namevirbr-cobbler/name
		uuid/uuid
		bridge forwarddelay=0 stp=on name=virbr6
			ip netmask=255.0.0.0 address=10.0.0.1
			/ip
		/bridge
/network

[root@sasha ~]# virsh
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
       'quit' to quit

virsh # net-define /root/virbr-cobbler.xml
Network virbr-cobbler defined from /root/virbr-cobbler.xml

virsh # net-start virbr-cobbler
Network virbr-cobbler started

virsh # net-list
Name                 State      Autostart
-----------------------------------------
default              active     yes
virbr-cluster1       active     yes
virbr-cobbler        active     no
virbr-iscsi          active     yes
virbr-rac            active     yes
virbr-sat4           active     yes
virbr-sat5           active     yes

virsh # net-autostart virbr-cobbler
Network virbr-cobbler marked as autostarted

Packages

• mount the install dvd and copy the contents to /var/repos/rhel6_x86-64/
• ssh + scp

[root@cobbler Packages]# rpm -ivh libedit-2.11-4.20080712cvs.1.el6.x86_64.rpm
warning: libedit-2.11-4.20080712cvs.1.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:libedit                ########################################### [100%]
[root@cobbler Packages]# rpm -ivh openssh-clients-5.3p1-20.el6.x86_64.rpm
warning: openssh-clients-5.3p1-20.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:openssh-clients        ########################################### [100%]

• httpd

[root@cobbler Packages]# rpm -ivh apr-1.3.9-3.el6.x86_64.rpm
warning: apr-1.3.9-3.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:apr                    ########################################### [100%]
[root@cobbler Packages]# rpm -ivh apr-util-1.3.9-3.el6.x86_64.rpm
warning: apr-util-1.3.9-3.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:apr-util               ########################################### [100%]
[root@cobbler Packages]# rpm -ivh apr-util-ldap-1.3.9-3.el6.x86_64.rpm
warning: apr-util-ldap-1.3.9-3.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:apr-util-ldap          ########################################### [100%]
[root@cobbler Packages]# rpm -ivh httpd-tools-2.2.15-5.el6.x86_64.rpm
warning: httpd-tools-2.2.15-5.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:httpd-tools            ########################################### [100%]
[root@cobbler Packages]# rpm -ivh mailcap-2.1.31-1.1.el6.noarch.rpm
warning: mailcap-2.1.31-1.1.el6.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:mailcap                ########################################### [100%]
[root@cobbler Packages]# rpm -ivh httpd-2.2.15-5.el6.x86_64.rpm
warning: httpd-2.2.15-5.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:httpd                  ########################################### [100%]

• Creating repos

• ln -s /var/repos /var/www/html/repos

• service httpd start

• chkconfig httpd on

• service iptables stop

• chkconfig iptables off

• echo 192.168.2.91 cobbler.lab.net cobbler /etc/hosts

[root@cobbler ~]# cat /etc/yum.repos.d/rhel6.repo
[rhel6]
name=rhel6
baseurl=http://cobbler.lab.net/repos/rhel6_x86-64/
enabled=1
gpgcheck=0

[root@cobbler ~]# cat /etc/yum.repos.d/rhel6-HA.repo
[rhel6-HA]
name=rhel6-HA
baseurl=http://cobbler.lab.net/repos/rhel6_x86-64/HighAvailability
enabled=1
gpgcheck=0

Network

[root@cobbler ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=52:54:00:28:58:1A
NM_CONTROLLED=no
ONBOOT=yes
BOOTPROTO=none
IPADDR=10.0.0.1
NETMASK=255.255.255.0

Cobbler

• rpm -ivh http://download.fedora.redhat.com/pub/epel/beta/6/i386/epel-release-6-5.noarch.rpm

• yum install dhcp bind-chroot cobbler

• https://fedorahosted.org/cobbler/wiki/ManageDns

• service httpd restart

• cobbler check

[root@cobbler cobbler]# cobbler check
The following are potential configuration items that you may want to fix:

1 : Must enable a selinux boolean to enable vital web services components, run: setsebool -P httpd_can_network_connect true
2 : you need to set some SELinux content rules to ensure cobbler serves content correctly in your SELinux environment, run the following: /usr/sbin/semanage fcontext -a -t public_content_t /var/lib/tftpboot/.*  /usr/sbin/semanage fcontext -a -t public_content_t /var/www/cobbler/images/.*
3 : you need to set some SELinux rules if you want to use cobbler-web (an optional package), run the following: /usr/sbin/semanage fcontext -a -t httpd_sys_content_rw_t /var/lib/cobbler/webui_sessions/.*
4 : service dhcpd is not running
5 : service named is not running
6 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
7 : change 'disable' to 'no' in /etc/xinetd.d/tftp
8 : change 'disable' to 'no' in /etc/xinetd.d/rsync
9 : debmirror package is not installed, it will be required to manage debian deployments and repositories
10 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: openssl passwd -1 -salt 'random-phrase-here' 'your-password-here' to generate new on

• setsebool -P httpd_can_network_connect true

• /usr/sbin/semanage fcontext -a -t public_content_t /var/lib/tftpboot/.* /usr/sbin/semanage fcontext -a -t public_content_t /var/www/cobbler/images/.*

• edit /etc/cobbler/dhcp.template, comment the example subnet block and add one for 10.0.0.X

• chkconfig named on; chkconfig dhcpd on; service named start; service dhcpd start

• edit /etc/xinetd.d/tftp and rsync

• cobbler get-loaders

• cobbler import –path=/mnt/dvd –name=rhel6u0 –arch=x86_64

• yum install cobbler-web

• htdigest /etc/cobbler/users.digest Cobbler cobbler

• service httpd restart; service cobblerd restart

• vim /etc/cobbler/dhcp.template

• cobbler sync

NOTES

• anamon only works with system records
• cobbler-2.0.10-1.el6.noarch has a bug in /var/lib/cobbler/kickstarts/sample.ks on line 137 which causes python exception errors if any snippets are included in the kickstart

Appendix

dhcp.template

[root@cobbler ~]# cat /etc/cobbler/dhcp.template
# ******************************************************************
# Cobbler managed dhcpd.conf file
#
# generated from cobbler dhcp.conf template ($date)
# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes
# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be
# overwritten.
#
# ******************************************************************

ddns-update-style interim;

allow booting;
allow bootp;

ignore client-updates;
set vendorclass = option vendor-class-identifier;

#subnet 192.168.1.0 netmask 255.255.255.0 {
#     option routers             192.168.1.5;
#     option domain-name-servers 192.168.1.1;
#     option subnet-mask         255.255.255.0;
#     range dynamic-bootp        192.168.1.100 192.168.1.254;
#     filename                   /pxelinux.0;
#     default-lease-time         21600;
#     max-lease-time             43200;
#     next-server                $next_server;
#}

subnet 10.0.0.0 netmask 255.0.0.0 {
     option routers             10.0.0.1;
     option domain-name-servers 10.0.0.1;
     option subnet-mask         255.0.0.0;
     range dynamic-bootp        10.0.0.100 10.0.0.200;
     filename                   /pxelinux.0;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
}

#for dhcp_tag in $dhcp_tags.keys():
    ## group could be subnet if your dhcp tags line up with your subnets
    ## or really any valid dhcpd.conf construct ... if you only use the
    ## default dhcp tag in cobbler, the group block can be deleted for a
    ## flat configuration
# group for Cobbler DHCP tag: $dhcp_tag
group {
        #for mac in $dhcp_tags[$dhcp_tag].keys():
            #set iface = $dhcp_tags[$dhcp_tag][$mac]
    host $iface.name {
        hardware ethernet $mac;
        #if $iface.ip_address:
        fixed-address $iface.ip_address;
        #end if
        #if $iface.hostname:
        option host-name $iface.hostname;
        #end if
        #if $iface.netmask:
        option subnet-mask $iface.netmask;
        #end if
        #if $iface.gateway:
        option routers $iface.gateway;
        #end if
        filename $iface.filename;
        ## Cobbler defaults to $next_server, but some users
        ## may like to use $iface.system.server for proxied setups
        next-server $next_server;
        ## next-server $iface.next_server;
    }
        #end for
}
#end for