cobbler的安装配置（坑多，行人请闪避~~）（修订版）

                cobbler的安装配置（坑多，行人请闪避！！~~）

如果没有记错的话，cobbler又称为修补匠、修鞋匠，据说，cobbler将网克技术降低到了初中生的水平（完全放p，好多的坑初中生跳进去人就找不见了好吧）。目前来说，主流的网刻也就cobbler和pxe+kickstart和onekeysrv这么三种技术路线，onekeysrv是Windows平台下的工具，不在Linux的讨论范围，pxe+kickstar相比cobbler是复杂一些，但效果是最好的一种方式，cobbler应该算是中等水平的一个工具。

以上工具一般使用在校园机房系统快速安装（对于系统的分区，文件系统类型等等方面要求比较低，因此可以满足需求）。

今天这个cobbler使用的实验是在虚拟机上做的，也就是搭建一个cobbler服务器，通过这个服务器给局域网内其他的没有安装系统的机器快速安装一个centos7系统。其中使用到的技术有tftp，httpd共享文件，kickstart自动应答，DHCP动态IP，rsync同步文件这些技术（重点说一下，仍然是基于网卡远程唤醒的pxe，也就是说该项目需要网卡和主板pxe功能的支持）。

当然了，在局域网的物理机上不仅需要网卡和主板的支持（pxe功能），还需要在自动安装前设置启动顺序为网卡，这一点切记！！！！~~~

环境准备：

cobbler的服务器：

192.168.0.19，centos7版本，仓库为阿里云和阿里的epel源，虚拟机自带光驱。

开始安装cobbler服务器：

1，#添加aliyun Base仓库及epel仓库 
 

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo 
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

———————————————————————————————————————————————————————————————————————

2，yum install cobbler dhcp -y && systemctl enable cobblerd && systemctl start cobblerd #cobbler 的服务

3，yum install pykickstart cman fence-agents -y#检查cobbler的应答文件是否正确

4，cobbler get-loaders &&yum install xinetd tftp -y && systemctl enable xinetd && systemctl start xinetd#安装tftp，xinetd守护它。

5，yum install rsync -y && systemctl enable rsyncd && systemctl start rsyncd#同步工具

6，yum install autofs -y && systemctl enable autofs && systemctl start autofs#自动挂载服务，虚拟机用这个方便挂载光驱

7，yum install httpd -y && systemctl enable httpd && systemctl start httpd#共享文件用的httpd服务（其实在第二步的时候就已经作为依赖安装了，但是服务没有启动的哦）

以上安装包安装完毕后，运行命令 ：cobbler check（服务环境检查）

[root@centos8 ~]# cobbler check
The following are potential configuration items that you may want to fix:

#我翻译一下，以下的各个组件选项需要你配置

---

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.

#/etc/cobbler/setting这个文件的server选项的值不能localhost，需要设置为本机IP或者本机域名，以确保别的所有机器可访问
# of the manpage for how that works.这一行下面server写本机IP
server: 192.168.0.19



2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.

#这个文件/etc/cobbler/settings的关于pxe的选项，其中  next_server 的值应该为cobbler服务器的IP。
## if you do not set this correctly, this will be manifested in TFTP open timeouts.这一行下面
server: 192.168.0.19



3 : change 'disable' to 'no' in /etc/xinetd.d/tftp

#/etc/xinetd.d/tftp这个文件的disable 那一行的值改为no，原来为yes，打开文件一眼就可以看到哦


4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.

#cobbler服务需要一些文件，要么你安装syslinux然后忽略这些文件，要么执行命令cobbler get-loaders，这个是最简单的方法了。包括的文件为：pxelinux.0, menu.c32, elilo.efi, and yaboot


5 : enable and start rsyncd.service with systemctl

#安装并启动rsyncd服务


6 : debmirror package is not installed, it will be required to manage debian deployments and repositories

#deb包管理器没安装，可能某些软件安装的时候需要它。（自作多情了，这是centos，该项可以忽略）


7 : ksvalidator was not found, install pykickstart

#命令 ksvalidator没有找到，需要安装pykickstart
#yum install pykickstart -y 即可


8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one

#默认密码设置太简单了，请使用openssl passwd -1 -salt 'random-phrase-here‘'我的密码'’ 生成一个新密码，并将该密码放入/etc/cobbler/settings文件内的default_password_crypted的值。-------salt后面是常用的加盐方式加密，我的密码是系统安装后的默认密码,建议使用复杂度高的密码

random-phrase-here为干扰码，可以自行设定。
例如：[root@master CentOS7.1]# openssl passwd -1 -salt 'random-phrase-here' 123456
\$1$random-p$mzxQ/Sx848sXgvfwJCoZM0
123456这个密码被加密成了\$1$random-p$mzxQ/Sx848sXgvfwJCoZM0，然后找到setting文件内的default_password_crypted字段，替换它后面的值就可以啦，系统安装完密码就是123456啦


9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

#需要安装fencing tools，以管理optional，安装cman 或者fence-agents  并使用它们。
#yum install fence-agents -y

Restart cobblerd and then run 'cobbler sync' to apply changes.

#以上九个选项修改后，重启cobblerd服务，并运行cobbler  sync命令以使改动生效。

九个提示项修改完毕后，修改两个文件

vim /etc/cobbler/settings

#将manage_dhcp的值改成1，这个是说使用cobbler服务接管管理DHCP

vim /etc/cobbler/dhcp.template

#这个文件是cobbler的DHCP模板文件，它修改了，DHCP这个服务的配置文件就修改了

subnet 192.168.0.0 netmask 255.255.255.0 {#表示网段
     option routers             192.168.0.1;#本网段的路由gate
     option domain-name-servers 61.128.114.166;#希望客户机的dns
     option subnet-mask         255.255.255.0;#子网掩码
     range dynamic-bootp        192.168.0.100 192.168.0.254;#DHCP的范围，100到254  192.168.0.  这些IP提供给客户端
     default-lease-time         21600;#默认租约时间（没什么好解释的，不懂就百度）
     max-lease-time             43200;#最长租约时间
     next-server                $next_server;

执行命令（安装文件挂载）：

因为我是虚拟机，因此mount是这样的，如果是真实物理机，根据自己的情况调整挂载哦。

mkdir /mnt/CentOS7.1
mount /dev/sr0 /mnt/CentOS7.1/
cobbler import --path=/mnt/CentOS7.1 --name=Centos-7.1 --arch=x86_64
cobbler profile edit --name=CentOS-7.1-x86_64 --kopts='net.ifnames=0 biosdevname=0'

查看cobbler服务器的状态

[root@master CentOS7.1]# cobbler profile report
Name                           : CentOS-7.1-x86_64
TFTP Boot Files                : {}
Comment                        : 
DHCP Tag                       : default
Distribution                   : Centos-7.1-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : <<inherit>>
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ['admin']
Parent Profile                 : 
Internal proxy                 : 
Red Hat Management Key         : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : []
Server Override                : <<inherit>>
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      : 
Virt RAM (MB)                  : 512
Virt Type                      : kvm

[root@centos9 kickstarts]# cobbler profile
usage
=====
cobbler profile add
cobbler profile copy
cobbler profile dumpvars
cobbler profile edit
cobbler profile find
cobbler profile getks
cobbler profile list
cobbler profile remove
cobbler profile rename
cobbler profile report

#cobbler配置时所使用的参数，上一个命令就使用了最后一个参数。

编辑上面命令所查询出来的应答文件，
var/lib/cobbler/kickstarts/sample_end.ks

[root@master CentOS7.1]# cat /var/lib/cobbler/kickstarts/sample_end.ks
#Kickstart Configurator for cobbler by Jason Zhao
#platform=x86, AMD64, or Intel EM64T
#System  language
lang en_US
#System keyboard
keyboard us
#Sytem timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $default_password_crypted
#Use text mode install
text
#Install OS instead of upgrade
install
#Use NFS installation Media
url --url=$tree
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part /boot --fstype xfs --size 10240 --ondisk sda
part swap --size 1024 --ondisk sda
part / --fstype xfs --size 1 --grow --ondisk sda
#System authorization infomation
auth  --useshadow  --enablemd5
#Network information
$SNIPPET('network_config')
#network --bootproto=dhcp --device=em1 --onboot=on
# Reboot after installation
reboot
#Firewall configuration
firewall --disabled
#SELinux configuration
selinux --disabled
#Do not configure XWindows
skipx
#Package install information
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
 
%packages
@ base
@ core
sysstat
iptraf
ntp
lrzsz
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
mysql
nmap
screen
%end
 
%post
systemctl disable postfix.service
%end

再一次执行cobbler sync 命令 ，命令输出一般如下：

[root@master CentOS7.1]# cobbler sync
task started: 2022-09-16_180006_sync
task started (id=Sync, time=Fri Sep 16 18:00:06 2022)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/Centos-7.1-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/Centos-7.1-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
copying: /usr/share/syslinux/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /usr/share/syslinux/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
copying distros to tftpboot
copying files for distro: Centos-7.1-x86_64
trying hardlink /var/www/cobbler/ks_mirror/Centos-7.1-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/Centos-7.1-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/Centos-7.1-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/Centos-7.1-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: Centos-7.1-x86_64
trying hardlink /var/www/cobbler/ks_mirror/Centos-7.1-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/Centos-7.1-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/Centos-7.1-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/Centos-7.1-x86_64/initrd.img
Writing template files for Centos-7.1-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: Centos-7.1-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout: 
received on stderr: 
running: service dhcpd restart
received on stdout: 
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.manage_genders
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

至此，cobbler服务器搭建完毕，可以新建一个虚拟机实验网克了。

新建的虚拟机需要内存至少2g，硬盘至少20g，这是centos7对于硬件的要求。如果不满足，会报各种错哦，比如，kernel offset disable这样的错误（内存不足的时候）。

最为重要的文件是应答文件，这个需要注意的地方太多啦，难点就在这，以后专开一篇详细介绍吧。

成果展示：

 

 

 

 

 网克的速度着实快，5分钟就安装好了。