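Cobbler setup:
The system used is CentOS 7.5 minimal.
Note:
Use NAT mode for the virtual machine's network adapter, not bridged mode: we will set up a DHCP server later, and several DHCP services on the same LAN conflict with each other.
Also turn off the DHCP service of VMware's NAT mode so that it does not interfere.
1. System environment preparation
1.1 Stop the firewall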
systemctl stop firewalld && systemctl disable firewalld
1.2 Disable SELinux
#Disable SELinux
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
1.3 Configure the Aliyun yum repositories
mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
yum clean all
2. Install Cobbler
2.1 Install the packages
yum -y install httpd dhcp tftp bind bind-chroot caching-nameserver python-ctypes cobbler cobbler-web pykickstart xinetd lsof net-tools
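rpm -ql cobbler #List the installed files; some of them are shown below.
/etc/cobbler # Configuration directory
/etc/cobbler/settings # Main Cobbler configuration file; it is in YAML format (Cobbler is written in Python)
/etc/cobbler/dhcp.template # Configuration template for the DHCP service
/etc/cobbler/tftpd.template # Configuration template for the tftp service
/etc/cobbler/rsync.template # Configuration template for the rsync service
/etc/cobbler/iso # Directory of ISO template configuration files
/etc/cobbler/pxe # Directory of PXE template files
/etc/cobbler/power # Directory of power management configuration files
/etc/cobbler/users.conf # Authorization configuration file for the web service
/etc/cobbler/users.digest # User name and password file for web access
/etc/cobbler/dnsmasq.template # Configuration template for the DNS service
/etc/cobbler/modules.conf # Cobbler module configuration file
/var/lib/cobbler # Cobbler data directory
/var/lib/cobbler/config # Configuration files
/var/lib/cobbler/kickstarts # Default location of kickstart files
/var/lib/cobbler/loaders # The various boot loaders
/var/www/cobbler # Directory of system installation images
/var/www/cobbler/ks_mirror # List of imported system images
/var/www/cobbler/images # Boot files of the imported system images
/var/www/cobbler/repo_mirror # Storage directory for yum repositories
/var/log/cobbler # Log directory
/var/log/cobbler/install.log # Installation log of client systems
/var/log/cobbler/cobbler.log # Cobbler log
2.2 Start Apache and Cobbler
#Start the services and enable them at boot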
systemctl start httpd cobblerd && systemctl enable httpd cobblerd
netstat -ntlpua|grep httpd
tcp6 0 0 :::80 :::* LISTEN 2329/httpd
tcp6 0 0 :::443 :::* LISTEN 2329/httpd
ps -ef|grep cobbler
apache 2330 2329 0 11:05 ? 00:00:00 (wsgi:cobbler_w -DFOREGROUND
root 2359 1 0 11:06 ? 00:00:00 /usr/bin/python2 -s /usr/bin/cobblerd -F
root 2481 2064 0 11:10 pts/0 00:00:00 grep --color=auto cobbler
3. Configure Cobbler
Run cobbler check and work through the items it reports.
cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
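The fixes are as follows.
After every change to a Cobbler configuration file you must run cobbler sync for the new settings to take effect.
3.1 Edit the Cobbler configuration file
#Back up the configuration file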
cp /etc/cobbler/settings{,.ori}
#This is the IP address of the DHCP and TFTP service, normally the same as the server IP
sed -i 's#next_server: 127.0.0.1#next_server: 192.168.26.128#g' /etc/cobbler/settings
#This is the IP of the Cobbler service
sed -i 's#server: 127.0.0.1#server: 192.168.26.128#g' /etc/cobbler/settings
3.2 Edit the tftp file
sed -i 's@disable.*=.*@disable = no@g' /etc/xinetd.d/tftp
grep disable /etc/xinetd.d/tftp
disable = no
systemctl start xinetd && service xinetd reload
lsof -i udp:69
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
xinetd 11384 root 5u IPv4 31162 0t0 UDP *:tftp
#Set the Cobbler password
openssl passwd -1 -salt 'cobbler' '1'
$1$cobbler$2.z8.0oepSgisQVZGYC050
vi /etc/cobbler/settings
101 default_password_crypted: "$1$cobbler$2.z8.0oepSgisQVZGYC050"
#Let Cobbler manage DHCP
vi /etc/cobbler/settings
242 manage_dhcp: 1
#Prevent install loops; applies when the server's first boot device is PXE
sed -i 's/pxe_just_once: 0/pxe_just_once: 1/' /etc/cobbler/settings
#Start rsync
systemctl start rsyncd && systemctl enable rsyncd
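A check of /etc/cobbler/settings for the values edited in 3.1 and 3.2, as an added example that is not part of the original guide; the function names and the sample file are constructed for illustration. It flags server and next_server values that clients cannot reach, a default_password_crypted that is not a SHA-2 crypt hash (the $1$ hash above is MD5-crypt), and pxe_just_once left at 0.

```shell
#!/bin/sh
# Added example (not from the original guide): audit the settings this guide edits.

# setting FILE KEY: print the value of a top-level "KEY: value" line, unquoted.
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# audit_settings FILE: print one "WEAK ..." line per finding, nothing if clean.
audit_settings() (
    file=$1
    for key in server next_server; do
        val=$(setting "$file" "$key")
        case $val in
            ''|localhost|127.*) echo "WEAK $key is '$val': PXE clients cannot reach it" ;;
        esac
    done
    hash=$(setting "$file" default_password_crypted)
    case $hash in
        '$6$'*|'$5$'*) ;;   # SHA-512 / SHA-256 crypt: accepted
        '$1$'*) echo 'WEAK default_password_crypted is MD5-crypt ($1$); use a $6$ hash' ;;
        *) echo 'WEAK default_password_crypted is missing or not a crypt hash' ;;
    esac
    [ "$(setting "$file" pxe_just_once)" = 1 ] ||
        echo 'WEAK pxe_just_once is not 1: PXE-first hosts can reinstall in a loop'
)

# Constructed sample: the settings as they stand after the steps above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
server: 192.168.26.128
next_server: 192.168.26.128
default_password_crypted: "$1$cobbler$2.z8.0oepSgisQVZGYC050"
manage_dhcp: 1
pxe_just_once: 1
EOF
audit_settings "$sample"
rm -f "$sample"
```

On a real server, call audit_settings /etc/cobbler/settings before cobbler sync.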
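3.3 Edit Cobbler's DHCP template
vi /etc/cobbler/dhcp.template
#Note:
1. The addresses handed out must be in the same subnet as the server
2. Do not edit the DHCP service's own configuration file directly, because Cobbler overwrites it
subnet 192.168.26.0 netmask 255.255.255.0 { #this block defines the DHCP subnet
option routers 192.168.26.128; #gateway; not needed if the Cobbler server and the target hosts are directly connected during deployment
option domain-name-servers 114.114.114.114; #DNS server address
option subnet-mask 255.255.255.0; #subnet mask
range dynamic-bootp 192.168.26.200 192.168.26.254; #address pool handed out by DHCP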
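Note 1 as a check, added here and not part of the original guide: the script reads the subnet declaration from a DHCP template and reports the server, router and pool addresses that fall outside it. The function names and the sample template are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that the addresses in dhcp.template sit inside the declared subnet.

# ip2int A.B.C.D: print the dotted quad as a 32-bit integer.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# in_subnet IP NET MASK: succeed when IP lies inside NET/MASK.
in_subnet() {
    [ $(( $(ip2int "$1") & $(ip2int "$3") )) -eq $(( $(ip2int "$2") & $(ip2int "$3") )) ]
}

# check_dhcp_template FILE SERVER_IP: print one "BAD ..." line per address
# (server, routers, pool start and end) outside the first subnet block.
check_dhcp_template() (
    file=$1 server=$2
    net=$(awk '$1 == "subnet" { print $2; exit }' "$file")
    mask=$(awk '$1 == "subnet" { print $4; exit }' "$file")
    addrs=$(sed -n -e 's/;.*//' \
        -e 's/^[[:space:]]*option routers[[:space:]]*//p' \
        -e 's/^[[:space:]]*range dynamic-bootp[[:space:]]*//p' "$file")
    for ip in $server $addrs; do
        in_subnet "$ip" "$net" "$mask" || echo "BAD $ip is outside $net netmask $mask"
    done
)

# Constructed sample: the fragment from this guide with the pool moved to the wrong network.
tmpl=$(mktemp)
cat > "$tmpl" <<'EOF'
subnet 192.168.26.0 netmask 255.255.255.0 {
     option routers             192.168.26.128;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.27.200 192.168.27.254;
}
EOF
check_dhcp_template "$tmpl" 192.168.26.128
rm -f "$tmpl"
```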
cobbler get-loaders
#If it reports Could not resolve host, check DNS
#If you get the error: Exception value: [Errno 14] curl#35 - "Peer reports incompatible or unsupported protocol version."
yum update -y nss curl libcurl
systemctl restart cobblerd
#Restart the cobbler service and run cobbler sync so that all changes take effect
systemctl restart cobblerd
cobbler sync
If cobbler get-loaders fails with the error above and the loader files cannot be downloaded, the fix is to install syslinux with yum and then copy pxelinux.0 and menu.c32 into /var/lib/cobbler/loaders/.
cp /usr/share/syslinux/pxelinux.0 /var/lib/cobbler/loaders/
cp /usr/share/syslinux/menu.c32 /var/lib/cobbler/loaders/
3.4 Check that the services are running
netstat -ntlupa|egrep "httpd|dhcpd|rsync|xinetd"
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 11481/rsync
tcp6 0 0 :::80 :::* LISTEN 11280/httpd
tcp6 0 0 :::443 :::* LISTEN 11280/httpd
tcp6 0 0 :::873 :::* LISTEN 11481/rsync
udp 0 0 0.0.0.0:55026 0.0.0.0:* 11644/dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 11644/dhcpd
udp 0 0 0.0.0.0:69 0.0.0.0:* 11384/xinetd
udp6 0 0 :::19187 :::* 11644/dhcpd
3.5 Enable the services at boot
systemctl enable httpd xinetd cobblerd dhcpd rsyncd
3.6 Import the system image
Importing the CentOS 7.5 image is used as the example here.
#Mount the CentOS 7.5 minimal image on a directory
mount -o loop CentOS-7.5-x86_64-Minimal-1804.iso /mnt/
cobbler import --path=/mnt/ --name=CentOS7.5-mini --arch=x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7.5_mini_x86_64.cfg
#Marker that the import has finished
*** TASK COMPLETE ***
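--path path of the image
--name a name for the install source
--arch whether the install source is 32-bit, 64-bit or ia64; currently supported options: x86│x86_64│ia64
PS: An install source is identified uniquely by its name parameter. After a successful import in this example the unique identifier is CentOS7.5-mini-x86_64; if it already exists, the import fails with an error.
3.7 Change the ks file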
cobbler profile edit --name=CentOS7.5-mini-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7.5_mini_x86_64.cfg
Note: first write your own ks file and put it under /var/lib/cobbler/kickstarts/. The name to pass to --name can be looked up with:
cobbler profile list
cobbler profile report
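#Print a SHA-512 crypt hash of a password typed at the prompt (python on CentOS 7 is Python 2, where crypt.crypt needs an explicit salt)
python -c 'import crypt,getpass,os,base64;pw=getpass.getpass();print(crypt.crypt(pw,"$6$"+base64.b64encode(os.urandom(12),"./")))'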