Ease Linux Deployments With Cobbler
As soon as you start administering more than a couple of Linux machines you become aware of two things: You need to be able to reinstall machines quickly and easily, and you need to be able to customize the load of each machine without starting from scratch.
The first requirement — repeatability — comes into play with hardware or software upgrades and disaster recovery. The second — customization — allows you to take a load you have worked up and revise it to deploy a Web server or mail server with appropriate disk layout, initial packages, etc. The kickstart tool set is widely supported by a number of Linux distributions including Red Hat and its derivatives and, more recently, Ubuntu. Previously there was not a commonly used system to manage this installation environment and most sysadmins relied on homebrew scripts. Cobbler is a new project from Red Hat that aims to provide turnkey support for provisioning kickstart installs and setting up the needed services to load your systems.
Cobbler supports new installations — both physical and virtual — and reinstalls of existing systems. Cobbler’s main use is to provide a network booting environment via PXE, but for reinstalls and virtual machines a client-side program called Koan helps out. If you are reinstalling a system, grub will be configured to boot the installation environment. If you are creating a virtual machine, Koan will configure and start the new instance. Koan can create Xen, KVM, and VMWare images, and you don’t need to worry about the details or differences between them. Cobbler includes both a Web GUI and a command line client to manipulate resources such as systems and profiles.
So, what does it take to get started? First, you import a distro from installation media, which can currently be a rsync server or a local directory (most likely a mounted ISO image). The import command will copy all of the RPMs to your Web root and the install kernel and ramdisk image to the tftpboot directory. Yum configuration files to be used both during the install and for updating are generated and a Cobbler profile is created. Your next step is to create a system resource, providing MAC address, hostname, and network configuration. At this point you would be able to kickstart your first client and you should have only spent about 10 minutes setting things up. This will give you the instant gratification we all look for from new tools, but much more is possible.
One of the many tasks facing a sysadmin setting up a PXE network install environment is managing the required services such as tftp and DHCP. If you have a small network, you can rely on Cobbler to maintain your DHCP environment with either ISC DHCP or dnsmasq, but most users needing a provisioning server of this caliber will just use it for an installation network and continue to use their existing infrastructure for their production network. Either of these tools will generate the DHCP server configuration with static addresses and provide the needed information for PXE booting. Cobbler will also link the proper kernel and ramdisk image per system in the tftpboot directory.
If you work in an environment where you are limited by not being able to run your own PXE/DHCP infrastructure, you can still use cobbler for benefit. Cobbler has two options for building ISO images for boot CDs. The live CD is a bit tougher to make, since you still need to checkout the development version of koan to get the script, but it provides the ability to install a custom system just like you can with PXE. Basically the live CD is just providing you with a Linux environment where you can run the koan
--replace-self command. The other option, informally called the dead CD is created on the cobbler server with the buildiso command. This CD has copies of all the kernels and ramdisk images for your distros and only allows you to install a generic profile build without the benefit of per-system customization.
Much of the power of Cobbler comes from its kickstart templating system and the use of triggers and snippets. When performing actions such as adding, deleting, and installing resources, or whenever a cobbler sync is performed, triggers are activated. A trigger is a script tied to any of these actions and can be executed either before or after. The default cobbler install uses a trigger to restart needed services such as DHCP. We have used triggers to generate SSH keys and SSL certificates for each newly added system. These scripts can be written in any language but if you want to interact with the cobbler resources directly, you will need to use the python API. Snippets are reusable blocks of code that you can include in a kickstart file. This has the advantage of making each main kickstart template smaller and more manageable and allows you to include common functionality in different templates with out having to maintain it in multiple places. We use a number of snippets for tasks such as installing some environment specific symlinks and certificates. Using this templating system your actual kickstart files are very small and it is quite easy to adapt to a new distro or version changing the few specific lines.
Using Cobbler in our environment has replaced a large number of custom scripts we hacked together over previous years and has reduced the workload of loading new machines to almost zero. We have greatly increased our use of virtual machines for testing, now that we can automatically load them in about 5 minutes by running a single command. Newer versions of RedHat and Fedora have support for yum repositories during install, so we include the updates repository in the kickstart configuration. This saves a lot of time since the machine will already have the newest version of all packages after the install completes and we don’t have to run a lengthy ‘yum update’ in the post install. There is a lot of great documentation and sample snippets and triggers on the wiki and there is an active mailing list and irc channel, so you shouldn’t have any trouble getting up and running. Cobbler has been the best new tool discovery for us in quite some time and I hope that you give it a try.