Inserisci Infobox


Documentation, examples and use of Cobbler Linux Provisioning System

Introduction to Cobbler
Autore: lab42 - Ultimo Aggiornamento: 2009-04-16 10:11:49 - Data di creazione: 2008-09-01 14:02:57

Cobbler is a provisioning tool that glues different technologies in order to make easy to build up the components of an efficient provisioning server, perfect for mass or frequent deployment of RedHat/Centos/Fedora Linux systems.
It's done for RedHat based distributions even if it's supposed to work also for Suse and Debian.
It provides in an easy way:
- PXE server support
- DHCP server integration
- Kickstart server with templates  
- Easy yum repository management.
It's client, Koan, can install virtual machines or reinstall an existing metal system.

Official Site      
Cobbler is mainly developed by Michael DeHaan of RedHat.       
The Official site is , rpm packages for RedHat / Centos are available in the EPEL repository.      

Basic setup
yum install cobbler                            

Logic is easy:                            
1- you add / import distributions from CD or network                            
2- you add profiles and subprofiles for different kind of installations and kickstart templates                            
3- you may create systems based on existing profiles (MAC or IP addesses can be defined)                            
4- you can add Yum repositories to use with profiles                            
5- cobbler does the rest                            

1 - Import (makes a local copy of files) a distribution CD or ISO to provision with Cobbler                              
mount -t auto -o loop /data/iso/CentOS-5.1-i386-bin-DVD.iso /mnt/                              
cobbler import --mirror=/mnt/ --name=Centos5.1-i386                              
umount /mnt                              
Alternatively add a distro specifying where to find kernel and inird files (less common option).                            
cobbler distro add --name=RedHat5 --kernel=/path/to/vmlinuz--initrd=/path/to/initrd.img                            
2 - Cobbler makes 2 default profiles (normal and xen), you can add more profiles with a command like:                            
cobbler profile add --name=rhel5-base --distro=RHEL-5-i386                      

3- You can  also create specific systems using defined profiles:                            
cobbler system add --name=mailserver --profile=rhel5-base
4- Add repositories to manage with cobbler (you can automatically mirror them):                          
cobbler repo add --name=Centos-5.1-i386-CENTOSPLUS --mirror=
To refresh the local mirror and recreate repodata  type or place in cron:          
cobbler reposync

5- To apply all the configurations (stored in /var/lib/cobbler ) type cobbler sync
This updates files in:
/tftpboot  (accordind to templates in /etc/cobbler/pxe/*)  
  (if dhcp support active, according to /etc/cobbler/dhcp.template )
/var/www/cobbler (Visible via web, should not be touched, it's mantained and "cleaned" by Cobbler):  The whole content of imported distros is copied in /var/www/cobbler/ks_mirror.
External repositories file (see below) are copied in /var/www/cobbler/repo_mirror  , kickstart files are generated in /var/www/cobbler/kickstarts  and  /var/www/cobbler/kickstarts_sys

Common commands
cobbler check (verifies if there are problems with current setup)
cobbler list (lists all the cobbler elements)
cobbler report (detailed list of elements)
cobbler sync (syncronizes the configuration to dhcp/pxe and data directories)
cobbler reposync (syncronizes the configured mirrors of external repositories)

Cobbler configuration
Configurations are in /etc/cobbler/settings
Interesting parameters:  
server: '<ip_server>' (the IP of Kickstart server, commonly the cobbler server)  
next_server: '<ip_server>' (the IP of the PXE server, commonly the cobbler server)  
manage_dhcp: 1 (default is "0". Activate it if you want to manage Dhcpd with cobbler. Edit, according to your needs, the template file /etc/cobbler/dhcp.template )  
snippetsdir: /var/lib/cobbler/snippets (Add here custom snippets for kickstart templates)
A separate file is available for the configuration of modules and third party addons. In /etc/cobbler/modules.conf you can define what kind of DNS/DHCP server to want to manage and authentication and authorization logics.  

Web Interface  
Most of the options available via the cobbler command line are available via Web. Cobbler web interface can be reached at: http://yourserver/cobbler/web/ .
(Note that in versions somehow older than Cobbler 0.8 it was http://yourserver/cobbler/webui/wui.html).
You can control access to the web interface in different ways, the easiest is to set in /etc/cobbler/modules.conf something like:  
module = authn_configfile  
module = authz_allowall
these settings don't set any particular per user authorization scheme and use file based Digest authentication.
To redefine the password of the default "cobbler" user to access the web interface use the command (then restart apache and cobbler):
htdigest /etc/cobbler/users.digest "Cobbler" cobbler

Client side usage
Koan is cobbler's client:
yum install koan
koan --server= --list-profiles
(lists available profiles on the Cobbler server)
koan --server= --list-systems
(lists available systems, if any)
koan --virt --server= --profile=RHEL5-i386  --virt-name=web01 (installs a virtual guest using the indicated profile)
koan --virt --server= --profile=RHEL5-i386  --virt-name=web01 --nogfx (installs a virtual guest from a console without graphic support).

Note: Default cobbler installations set "cobbler"  as root password.

Quick Cobbler Configuration settings
Autore: lab42 - Ultimo Aggiornamento: 2009-04-16 10:38:35 - Data di creazione: 2009-04-16 08:57:15
Tipo Infobox: DESCRIPTION - Skill:

A brief overview of the configurations settings you may activate on Cobbler, according to your needs.

Cobbler's configuration settings have evolved in its various versions, introducing new features and relative parameters.
In the /etc/cobbler/settings file they are defined somehow without an apparent order and might seem more confusing than what they actually are.  
These settings are generally relative to Cobbler 1.0 and later versions, most of them actually apply also to ealier versions, others have been introduced in more recent versions and some old settings have been deprecated.  
Here we refer to production releases (evem numbers, so 0.9 is the development version of 1.0, 1.1 is devel of 1.2, 1.3 is devel of 1.4) but consider that the relevant features may have been introduced in the relative devel versions.  

Here we consider what you have to define according to what you need.  

Probably the most important and, for default behaviour, the only parameter to set it the IP of your cobbler server  

To enable web access you should edit /etc/cobbler/modules.conf and activate an authentication module.  
For a DIGEST local authentication set:  
module = authn_configfile
(Then use htdigest /etc/cobbler/users.digest "Cobbler" yourusername to set the password for yourusername )  
More info:  

If you want to manage a local DHCP server with Cobbler set:  
manage_dhcp: 1  
Other options related to DHCP:  
restart_dhcp: 1  
next_server: # PXE server address (generally the Cobbler server)  
dhcpd_bin: /usr/sbin/dhcpd  
dhcpd_conf: /etc/dhcpd.conf  
dnsmasq_bin: /usr/sbin/dnsmasq  
dnsmasq_conf: /etc/dnsmasq.conf
In /etc/cobbler/modules.conf you decide which DHCP program to use (isc or dnsmasq):  
module = manage_isc
More info:  

If you want to manage a local DNS server with Cobbler set:  
manage_dns: 1  
Other options related to DNS;  
restart_dns: 1  
bind_bin: /usr/sbin/named  
manage_forward_zones: []  
manage_reverse_zones: []
In /etc/cobbler/modules.conf you define which DNS program to use (bind or dnsmasq):  
module = manage_bind
More info:  

Settings applied to the installed hosts  
The root's password (default: "cobbler"):  
default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."  
Default DNS servers set on installed hosts (useless in DHCP environment):  
default_name_servers: [ ]  
If you want to configure on the installed host the yum repo used during installation, set:  
yum_post_install_mirror: 1  

Define Cobbler behaviour for installed systems: Set the following parameters to 1 if you plan to reinstall the same servers, otherwise leave them to 0:  
allow_duplicate_hostnames: 0 # (Version 1.4)  
allow_duplicate_ips: 0  
allow_duplicate_macs: 0

Default kernel options when kickstarting (can be overriden):  
    ksdevice: eth0  
    lang: ' '  
    text: ~
To enable syslogging of kickstart operations to the cobbler server, add something like:   
    syslog: ''

Default settings for virt installations (can be overriden):  
default_virt_bridge: xenbr0  
default_virt_type: xenpv  
default_virt_file_size: 5  
default_virt_ram: 512

PXE related settings:  
enable_menu: 1 # (Version 1.2)  
pxe_just_once: 0  
pxe_template_dir: "/etc/cobbler/pxe"  
tftpd_bin: /usr/sbin/in.tftpd  
tftpd_conf: /etc/xinetd.d/tftp

Settings related to Cobbler server internals:  
xmlrpc_port: 25151  
register_new_installs: 0  
run_install_triggers: 1  
snippetsdir: /var/lib/cobbler/snippets

yumreposync_flags: "-l" # (Version 1.2)
yumdownloader_flags: "--resolve"

If you enable the authn_ldap module for Web authentication, here you define your LDAP settings:  
ldap_server: ""  
ldap_base_dn: "DC=example,DC=com"  
ldap_port: 389  
ldap_tls: 1  
ldap_anonymous_bind: 1  
ldap_search_bind_dn: ''  
ldap_search_passwd: ''  
ldap_search_prefix: 'uid='

(Version 1.6) To enable auto-tracking via a scm of changes in /var/lib/cobbler set:  
scm_track_enabled: 1  
You can define which scm to use with:  
scm_track_mode: "git"  

(Version 1.4) To enable func installation and configuration on installed hosts set:  
func_auto_setup: 1  
You should then define you func master:  
More info:  

(Version 1.4) Integration with Configuration management systems (such as Puppet)  
More info:  
mgmt_classes: []  
   from_cobbler: 1

(Version 1.4) Power management settings:  
More info:  
power_management_default_type: 'ipmitool'  
power_template_dir: "/etc/cobbler/power"

(Version 1.6) To enable the sending of a report email after an installation set:  
build_reporting_enabled: 1  
Mail content is based on /etc/cobbler/reporting/build_report_email.template, other related options:  
build_reporting_sender: ""  
build_reporting_email: [ '[email protected]' ]  
build_reporting_smtp_server: "localhost"  
build_reporting_subject: ""

Settings to integrate Cobbler with RHN or Spacewalk  
More info:  
redhat_management_type: "off"  
redhat_management_server: ""  
redhat_management_key: ""  
redhat_management_permissive: 0

(Version 1.6) If you want to record installations log on the cobbler server's /var/log/cobbler/anamon directory (the kickstart templates must have the pre_anamon snippet ) set:  
anamon_enabled: 1

Cobbler directories and files
Autore: lab42 - Ultimo Aggiornamento: 2009-04-16 10:16:37 - Data di creazione: 2008-09-03 19:24:18
Tipo Infobox: TIPS - Skill: 5- SENIOR

At first sight Cobbler logic about configuration and data files can be confusing.
Let's explore the most important locations of Cobbler world.
What's reported here applies to version 1.x, should work also for future versions and mostly works also for earlier versions, even if Cobbler developers have introduced not irrelevant changes in some files locations.

Configuration Files in /etc/cobbler    
Configuration related items are placed in /etc/cobbler    
Here you find the main configuration file: /etc/cobbler/settings (note that this applies since version 1.x, earlier it was in an ankward /var/lib/cobbler/settings - consider this when upgrading).    
In /etc/cobbler you find also the various default templaces for dhcp, dns, pxe, dnsmasq configuration.
In this directory you find also /etc/cobbler/users.digest where are defined the usernames and passwords for web access, /etc/cobbler/modules.conf for some modules settings (edit this to enable web access) and /etc/cobbler/users.conf for more fine grained settings of users authorizations logics.

Repo data in /var/www/cobbler    
The distros imported, the repos mirrored, the generated repo and kickstart files are all placed in  /var/www/cobbler . Be sure to have enough disk space available under this directory and consider it as something that shouldn't be touched by hand, as most of its parts are regenerated when you type cobbler sync or updated you type cobbler import or cobbler reposync.  
The contents of this directory are browsable at the address: here you find these directories:  
images/ - Kernel and initrd images of all the imported distros for network bootstrap.  
ks_mirror/ - The mirrors of all the imported distros  
repo_mirror/ - The mirrors of all the defined repos   

Logs in /var/log/cobbler  
Cobbler main log is /var/log/cobbler/cobbler.log    
If it's enabled a syslog server for kickstarts in /var/log/cobbler/syslog you find all the installation messages of your systems.    

Cobbler data in /var/lib/cobbler  
All the configurations you make with Cobbler about profiles, systems, distros and so on are placed in this directory. Backup it and you have your cobbler data safe (excluded the mirrors of distros and repos in /var/www/cobbler).  
More precisely you find here:  
configs/ - A directory where info about distros, repos, systems and profiles are saved  
backup/ - A directory where the above files are automatically copied  
snippets/  - A directory where you can place snippets to import in your kickstarts  
triggers/  - A directory where you can place scripts to be executed as triggers on certain operations
kickstarts/  - A directory where there are the kickstart templates (previously in /etc/cobbler)

Using Cobbler Web Interface
Autore: lab42 - Ultimo Aggiornamento: 2009-04-16 10:18:02 - Data di creazione: 2008-09-03 18:57:04
Tipo Infobox: TIPS - Skill:

Cobbler Web Interface is a good frontend to easily manage most Cobbler operations. It permits to list, add and edit distros, profiles, subprofiles, systems, repos and kickstart files.  
The setup of the WebUI has changed since version 0.7.x, what follows refers to the "new" way of set up, working from version > 0.7.x.

The Web  Interface can be seen at the address: http://your.cobbler.server/cobbler/web  

You need Apache and Cobbler services running.  

You need to setup a username for accessing it (digest authentication).  
You can change the password for the existing cobbler user:  
htdigest /etc/cobbler/users.digest "Cobbler" cobbler  
Or you can add other usernames/passwords:  
htdigest /etc/cobbler/users.digest "Cobbler" yourname  

Be sure to have in /etc/cobbler/modules the following values:  
module = authn_configfile  
module = authz_allowall

For old Cobbler pre 1.0  versions be sure to have in /etc/cobbler/settings the following values:  
xmlrpc_rw_enabled: 1  
xmlrpc_rw_port: 25152

Restart cobbler service in you changed any of the above settings:
service cobblerd restart

For debugging check these logs:

More complex setups are possible for managing authorization and authentication policies, refer to official documentation for details.

Setting up Cobbler for Centos 5
Autore: lab42 - Ultimo Aggiornamento: 2009-03-27 13:09:38 - Data di creazione: 2008-09-01 14:06:56
Tipo Infobox: TIPS - Skill: 4- ADVANCED

Here follows an example of a Cobbler setup for provisioning Centos 5 with x86 architecture, using the most known extra repositories and some sample public mirror.
The same procedure can be easily adapted to other Centos versions or architectures, changing the specified urls and arch options.
You need at least 5Gb of space in /var/www/cobbler for importing the official DVD and not less that 30Gb of space for mirroring the additional repositories.

1 - Initial import from a Centos DVD. Place the DVD in your CD drive:
mount -t auto /dev/hdc /media/cdrom (if not autmounted)
cobbler import --mirror=/media/cdrom --name=Centos5 --arch=x86

If you have an ISO, you can import directly from it:
mount -t auto -o loop  /path/to/file.iso /mnt/
cobbler import --mirror=/mnt --name=Centos5 --arch=x86
umount /mnt

After this import, that can last some minutes, the iso or DVD is no longer necessary for cobbler: all its files are copied.

2-  Sync and show what has been done: you should  hve 2 distros and 2 profiles for normal and xen Centos provisioning.
cobbler sync
cobbler list
distro Centos5-x86
     profile Centos5-x86
distro Centos5-xen-x86
     profile Centos5-xen-x86

3- Add extra repositories from sample mirrors (find a list of official mirrors on Centos site)
cobbler repo add --name=Centos5-UPDATES --mirror= --priority=40 --createrepo-flags="-c cache" --arch=x86
cobbler repo add --name=Centos5-CENTOSPLUS --mirror= --priority=40 --createrepo-flags="-c cache" --arch=x86
cobbler repo add --name=Centos5-EXTRAS --mirror= --priority=40 --createrepo-flags="-c cache" --arch=x86
cobbler repo add --name=Centos5-EPEL --mirror= --priority=50 --createrepo-flags="-c cache"
RPMFORGE (Dag and Others):
cobbler repo add --name=Centos5-RPMFORGE --mirror= --priority=90 --createrepo-flags="-c cache"
Note that EPEL and RPMFORGE may have problems when used at the same time. The use of priorities should solve most of them. If you want to use both, decide which one has to be selected first (lower priority) in case of conflicting packages.

4- Mirror your mirrors
cobbler sync (syncs the newly added repos)
cobbler reposync (makes a local mirror or the defined mirrors, requires Internet connection and may take a lot of time, especially at the first run).
It's a good practice to make a daily cron run of "cobbler reposync" in order to have your mirrors automatically updated.

Autore: lab42 - Ultimo Aggiornamento: 2009-04-16 10:20:24 - Data di creazione: 2008-09-01 20:19:29
Tipo Infobox: PATH - Skill:

A sample Cobbler configuration file with the following features:
- Managing of DHCP
- Managing of PXE
- Web interface enabled
- Syslogging of installations

Refer to cobbler default settings file for documentation on the various options.
Here is a compact view of it. Note that it applies to Cobbler version 1.0 or earlier, in more recent versions new configuration settings have been introduced and others have been deprecated.

allow_duplicate_macs: 0  
allow_duplicate_ips: 0  
    ia64: /var/lib/cobbler/elilo-3.6-ia64.efi  
    standard: /usr/lib/syslinux/pxelinux.0  

default_kickstart: /etc/cobbler/default.ks  
default_virt_bridge: xenbr0  

# Default Virt type  Values: xenpv, xenfv, qemu, vmware  
default_virt_type: xenpv  
# use this as the default disk size for virt guests (GB)  
default_virt_file_size: 5  
# use this as the default memory size for virt guests (MB)  
default_virt_ram: 512  

default_ownership: "admin"  

httpd_bin: /usr/sbin/httpd  
http_port: 80  

# kernel options that should be present in every cobbler installation.  Note the syslog line, define it if you want to syslog kickstart logs
    ksdevice: eth0  
    lang: ' '  
    syslog: ''  
    text: ~  

ldap_server: ""  
ldap_base_dn: "DC=example,DC=com"  
ldap_port: 389  
ldap_tls: 1  
ldap_anonymous_bind: 1  
ldap_search_bind_dn: ''  
ldap_search_passwd: ''  
ldap_search_prefix: 'uid='  

# ISC DHCP is managed
manage_dhcp: 1  
manage_dhcp_mode: isc  
restart_dhcp: 1

dhcpd_bin: /usr/sbin/dhcpd  
dhcpd_conf: /etc/dhcpd.conf
dnsmasq_bin: /usr/sbin/dnsmasq  
dnsmasq_conf: /etc/dnsmasq.conf
omapi_enabled: 0  
omapi_port: 647  
omshell_bin: /usr/bin/omshell
# DNS in not managed
manage_dns: 0  
manage_forward_zones: []  
manage_reverse_zones: []  
restart_dns: 1  
bind_bin: /usr/sbin/named
# Ip of the cobbler server with TFTP enabled for PXE boot
next_server: ''  

pxe_just_once: 0  
register_new_installs: 0  
run_install_triggers: 1  
snippetsdir: /var/lib/cobbler/snippets  
  # Ip of Cobbler server
server: ''  
syslog_port: 25150  
yum_post_install_mirror: 1  
yumdownloader_flags: "--resolve"

#tftpboot: /tftpboot  
tftpd_bin: /usr/sbin/in.tftpd  
tftpd_conf: /etc/xinetd.d/tftp  

webdir: /var/www/cobbler  

# Enables Web Management interface (note that additional steps are necessary for WebUI setup
xmlrpc_rw_enabled: 1  
xmlrpc_rw_port: 25152  
xmlrpc_port: 25151

Cobbler template files
Autore: lab42 - Ultimo Aggiornamento: 2009-03-27 13:22:59 - Data di creazione: 2008-09-01 20:24:13
Tipo Infobox: PATH - Skill: 5- SENIOR

Cobbler provides template files for dhcp/pxe/bind/dnsmasq configuration.
If you decide to manage there relevant services via cobbler, their configuration files are based on these templates that can be customized according to own needs.
Note that Cobbler overwrites and updates these configuration files if is configured to do that (for dhcp/dns/dnsmasq) every time you type cobbler sync.

It's the main template file for PXE menu. Here you can change the PXE menus shown at boot time.  
This template replaces /tftpboot/pxelinus.cfg/default when cobbler sync is run.  
Important settings are:  
TIMEOUT: Idle Timeout. After this time PXE goes on with what is defined in ONTIMEOUT  
MENU TITLE: Just a string written at the beginning of the PXE menu  
DEFAULT: Default behaviour at PXE boot. Can be menu, to show the menu, the name of a label, to install what is defined in the label, local, to go on with a normal boot from local media.  
PROMPT: If set to 1 a simple prompt is shown.  
In the template $pxe_menu_items is replaced by all the systems and profiles configured in cobbler.    

LABEL local
MENU LABEL (local)


MENU end

The layout of the snippets of text to be inserted as single labels for a profile in place of    $pxe_menu_items in pxedefault.template
LABEL $profile_name
kernel $kernel_path

The layout of the snippets of text to be inserted as single labels for a system in place of $pxe_menu_items in pxedefault.template
default linux
prompt 0
timeout 1
label linux
kernel $kernel_path

Template for ISC dhcp configuration file. Here you can define custom settings for your network and leave cobbler automatically populate host definitions in $insert_cobbler_system_definitions for defined systems (Mac address of the system is necessary here).  
ISC dhcp config file is managed (overwritten) by Cobbler according to this template if you define  manage_dhcp: 1 and manage_dhcp_mode=isc  in /etc/cobbler/settings .  

# generated from cobbler dhcp.conf template ($date)    
ddns-update-style interim;    
ignore client-updates;    
allow booting;    
allow bootp;
#if $omapi_enabled
omapi-port $omapi_port;
#end if
ignore client-updates;    
set vendorclass = option vendor-class-identifier;    
subnet netmask {    
     option routers;    
     option domain-name-servers;    
     option domain-name      "";    
     option subnet-mask;    
     range dynamic-bootp;    
     filename                "/pxelinux.0";    
     default-lease-time      21600;    
     max-lease-time          43200;    
     server-name             "start";    
     next-server             $next_server;    

[ ... ]  
Template for dnsmasq configuration file.  
Dnsmasq config file is managed (overwritten) by Cobbler according to this template if you define  manage_dhcp: 1 and manage_dhcp_mode=dnsmasq  in /etc/cobbler/settings .
# Cobbler generated configuration file for dnsmasq
# $date

# resolve.conf .. ?
addn-hosts = /var/lib/cobbler/cobbler_hosts



Template for bind's named.conf .
It's overwritten by Cobbler if you define  manage_dns: 1 in /etc/cobbler/settings .

options {
listen-on port 53 {; };
directory       "/var/named";
dump-file       "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query     { localhost; };
recursion yes;

logging {
channel default_debug {
file "data/";
severity dynamic;

[ ... ]

Privacy Policy