Fix Cobbler configuration

Ok still in cobbler, now I will explain how to fix the configuration.
[root@lb-1 ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
    https://github.com/cobbler/cobbler/wiki/Selinux
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
6 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : ksvalidator was not found, install pykickstart
9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

Restart cobblerd and then run 'cobbler sync' to apply changes.

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
[root@lb-1 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1  localhost.localdomain localhost
::1  localhost6.localdomain6 localhost6
172.16.90.128 lb-1.fazries.com lb-1

[root@lb-1 ~]# vi /etc/cobbler/settings 

# this is the address of the cobbler server -- as it is used
# by systems during the install process, it must be the address
# or hostname of the system as those systems can see the server.
# if you have a server that appears differently to different subnets
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
#server: 127.0.0.1
server: 172.16.129.128

2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
# if using cobbler with manage_dhcp, put the IP address
# of the cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
#next_server: 127.0.0.1
next_server: 172.16.129.128

3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment: https://github.com/cobbler/cobbler/wiki/Selinux
[root@lb-1 ~]# setsebool -P httpd_can_network_connect true

4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
[root@lb-1 ~]# cobbler get-loaders
task started: 2012-09-20_060150_get_loaders
task started (id=Download Bootloader Content, time=Thu Sep 20 06:01:50 2012)
downloading http://dgoodwin.fedorapeople.org/loaders/README to /var/lib/cobbler/loaders/README
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://dgoodwin.fedorapeople.org/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://dgoodwin.fedorapeople.org/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://dgoodwin.fedorapeople.org/loaders/yaboot-1.3.14-12 to /var/lib/cobbler/loaders/yaboot
downloading http://dgoodwin.fedorapeople.org/loaders/pxelinux.0-3.61 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://dgoodwin.fedorapeople.org/loaders/menu.c32-3.61 to /var/lib/cobbler/loaders/menu.c32
downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://dgoodwin.fedorapeople.org/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***

5 : change 'disable' to 'no' in /etc/xinetd.d/rsync
[root@lb-1 ~]# vi /etc/xinetd.d/rsync

# default: off
# description: The rsync server is a good addition to an ftp server, as it \
#       allows crc checksumming etc.
service rsync
{
        disable = no
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}

6 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
[root@lb-1 ~]# iptables -I INPUT -p tcp -m multiport --dports 69,80,443,25151 -j ACCEPT

8 : ksvalidator was not found, install pykickstart
[root@lb-1 ~]# yum install pykickstart
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: mirror.optus.net
 * epel: ftp.riken.jp
 * extras: mirror.optus.net
 * updates: mirror.optus.net
base                                                                                                                                  | 1.1 kB     00:00     
epel                                                                                                                                  | 3.7 kB     00:00     
extras                                                                                                                                | 2.1 kB     00:00     
updates                                                                                                                               | 1.9 kB     00:00     
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package pykickstart.noarch 0:0.43.9-1.el5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================================
 Package                                 Arch                               Version                                   Repository                        Size
=============================================================================================================================================================
Installing:
 pykickstart                             noarch                             0.43.9-1.el5                              base                             129 k

Transaction Summary
=============================================================================================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 129 k
Is this ok [y/N]: y
Downloading Packages:
pykickstart-0.43.9-1.el5.noarch.rpm                                                                                                   | 129 kB     00:02     
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : pykickstart                                                                                                                           1/1 

Installed:
  pykickstart.noarch 0:0.43.9-1.el5                                                                                                                          

Complete!

9 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
[root@lb-1 ~]# openssl passwd -1 salt fazrie123 admin123
$1$2N2OndWN$xVh/uGUgPwJStFT0tzwhQ.
$1$MNBFknbm$4FbTKGNZR4oAZqF40Sks4.
$1$RcEnFPPR$wOdIo55IlPfDFDCWJ9X0i/

[root@lb-1 ~]# vi /etc/cobbler/settings 

# cobbler has various sample kickstart templates stored
# in /var/lib/cobbler/kickstarts/.  This controls
# what install (root) password is set up for those
# systems that reference this variable.  The factory
# default is "cobbler" and cobbler check will warn if
# this is not changed.
# The simplest way to change the password is to run
# openssl passwd -1
# and put the output between the "" below.
#default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
default_password_crypted: "$1$2N2OndWN$xVh/uGUgPwJStFT0tzwhQ.
$1$MNBFknbm$4FbTKGNZR4oAZqF40Sks4.
$1$RcEnFPPR$wOdIo55IlPfDFDCWJ9X0i/"

Restart the service
[root@lb-1 ~]# /etc/init.d/cobblerd restart
Stopping cobbler daemon:                                   [  OK  ]
Starting cobbler daemon:                                   [  OK  ]

Do a cobbler check
[root@lb-1 ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
    https://github.com/cobbler/cobbler/wiki/Selinux
2 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
3 : debmirror package is not installed, it will be required to manage debian deployments and repositories

Restart cobblerd and then run 'cobbler sync' to apply changes.

Run cobbler sync
[root@lb-1 ~]# cobbler sync
task started: 2012-09-20_061647_sync
task started (id=Sync, time=Thu Sep 20 06:16:47 2012)
running pre-sync triggers
cleaning trees
mkdir: /tftpboot/pxelinux.cfg
mkdir: /tftpboot/grub
mkdir: /tftpboot/s390x
mkdir: /tftpboot/ppc
mkdir: /tftpboot/etc
removing: /tftpboot/grub/images
copying bootloaders
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/menu.c32 -> /tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/yaboot -> /tftpboot/yaboot
copying: /usr/lib/syslinux/memdisk -> /tftpboot/memdisk
copying: /var/lib/cobbler/loaders/grub-x86_64.efi -> /tftpboot/grub/grub-x86_64.efi
copying: /var/lib/cobbler/loaders/grub-x86.efi -> /tftpboot/grub/grub-x86.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

Comments

  1. Can't install the cobbler-loaders . Here is the error.

    [root@spvsw001 xinetd.d]# yum install cobbler-loaders
    Loaded plugins: fastestmirror, langpacks, product-id, search-disabled-repos, subscription-manager
    This system is registered with an entitlement server, but is not receiving updates. You can use subscription-manager to assign subscriptions.
    Loading mirror speeds from cached hostfile
    * base: mirror.cc.columbia.edu
    * extras: mirror.sesp.northwestern.edu
    * updates: bay.uchicago.edu
    Resolving Dependencies
    --> Running transaction check
    ---> Package cobbler-loaders.noarch 0:1.0.3-1.el7 will be installed
    --> Finished Dependency Resolution

    Dependencies Resolved

    =====================================================================================================================
    Package Arch Version Repository Size
    =====================================================================================================================
    Installing:
    cobbler-loaders noarch 1.0.3-1.el7 spacewalk 383 k

    Transaction Summary
    =====================================================================================================================
    Install 1 Package

    Total size: 383 k
    Installed size: 1.4 M
    Is this ok [y/d/N]: y
    Downloading packages:
    Running transaction check
    Running transaction test


    Transaction check error:
    file /var/lib/cobbler/loaders from install of cobbler-loaders-1.0.3-1.el7.noarch conflicts with file from package cobbler20-2.0.11-63.el7.noarch

    Error Summary
    -------------

    [root@spvsw001 xinetd.d]#

    ReplyDelete
  2. Hi, it seem you have a conflict packages.

    ReplyDelete

Post a Comment

Popular posts from this blog

authentication failure using SSH pam_unix(sshd:auth): authentication failure;

Howto configure SPLUNK Universal Forwarder

openvpn howto make OCSP server using OpenSSL [Part2]