Synopsis: Cobbler是一个免费开源系统安装部署软件，用于自动化网络安装操作系统。Cobbler 集成了 DNS，DHCP，软件包更新，带外管理以及配置管理，方便操作系统安装自动化。Cobbler 可以支持PXE启动，操作系统重新安装，以及虚拟化客户机创建，包括Xen, KVM or VMware。Cobbler透过koan程序以支持虚拟化客户机安装。Cobbler 可以支持管理复杂网路环境，如创建在链路聚合以太网的桥接环境

Linux系统自动部署系列：

1. 安装Cobbler

Cobbler官网

Cobbler主要组件：

1 Cobbler实现多系统版本全自动批量部署

本次实验中，准备部署Cobbler的服务器OS版本为CentOS-7.2-1511-x86_64，并且禁用了Firewalld和SELinux

1.1 提供CentOS-Base.repo源和epel.repo源

# cp -r /etc/yum.repos.d /etc/yum.repos.d.bak
# rm -rf /etc/yum.repos.d/*
# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

# yum makecache

1.2 安装Cobbler相关软件包

Cobbler默认以HTTP文件服务提供各系统的安装源Repository

# yum -y install httpd cobbler

将会安装Cobbler相关依赖，比如syslinux和tftp-server

几个重要的目录：

# rpm -ql cobbler

/var/lib/cobbler
/var/lib/tftpboot
/var/log/cobbler
/var/www/cobbler

2. 修改默认配置项

Cobbler的配置文件是一个YAML格式的数据文件，/etc/cobbler/settings，修改前先备份：

# cp /etc/cobbler/settings{,.bak}

2.1 Default Encrypted Password

这个配置项为通过Kickstart文件新安装的系统设置初始root密码：

1. 生成密码
# openssl passwd -1 -salt `openssl rand -hex 4`
Password: $1$73ab0f5a$cMeS9bHrfVZiEOlNmQ9rP0

2. 修改配置项
# vim /etc/cobbler/settings
将default_password_crypted的值修改为上一步骤中产生的$1$73ab0f5a$cMeS9bHrfVZiEOlNmQ9rP0

注意：如果以后要修改配置项，可在启动Cobbler的情况下执行类似如下命令:

1. 启用动态修改配置文件功能
# sed -i '/^allow_dynamic_settings:/ s/0/1/' /etc/cobbler/settings

2. 重启Cobbler
# systemctl restart httpd
# systemctl restart cobblerd

3. 修改某一配置项
# cobbler setting edit --name=default_password_crypted --value="$1$73ab0f5a$cMeS9bHrfVZiEOlNmQ9rP0"

2.2 Server and Next_Server

设置Cobbler服务器的监听IP地址和TFTP服务器的IP（一般部署在同一服务器上，所以IP相同）

# cobbler setting edit --name=server --value="192.168.80.10"
# cobbler setting edit --name=next_server --value="192.168.80.10"

2.3 DHCP Management and DHCP Server Template

为实现PXE网络引导，需要一个DHCP服务器来分配IP地址，并指明下一跳地址TFTP服务器所在位置。一般公司已经存在DHCP服务器了，所以不能再搭建，此时要取消Cobbler来管理DHCP服务，确保manage_dhcp: 0：

## default, don't manage
manage_dhcp: 0

如果公司没有DHCP服务器，则安装dhcp，并配置如下：

1. 安装dhcp
# yum -y install dhcp

2. 配置可用网段及IP范围，boot loader指定为pxelinux.0，并指定TFTP的地址
# vim /etc/dhcp/dhcpd.conf

内容如下:
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#

# option definitions common to all supported networks...
ddns-update-style interim;
ignore client-updates;
authoritative;
allow booting;
allow bootp;
allow unknown-clients;

# A slightly different configuration for an internal subnet.
subnet 192.168.80.0 netmask 255.255.255.0 {
    range 192.168.80.100 192.168.80.200;
    option domain-name-servers 192.168.80.10; 
    option domain-name "cobbler.wangy.com"; 
    option routers 192.168.80.2; 
    option broadcast-address 192.168.80.255;
    default-lease-time 600; 
    max-lease-time 7200; 

    # TFTP Server Information
    next-server 192.168.80.10;
    filename "pxelinux.0";
}

3. 启动服务
# systemctl start dhcpd
# systemctl enable dhcpd

注意：

cobbler的运行依赖于dhcp、tftp、rsync及dns服务。其中dhcp可由dhcpd(isc)提供，也可由dnsmasq提供；tftp可由tftp-server程序包提供，也可由cobbler自带的tftp功能提供；rsync由rsync程序包提供；dns可由bind提供，也可由dnsmasq提供。

cobbler可自行管理这些服务中的部分甚至是全部，但需要配置/etc/cobbler/settings文件中的manage_dhcp、manage_tftpd、manage_rsync和manage_dns分别进行定义。另外，由于每种服务都有着不同的实现方式，如若需要进行自定义，需要通过修改/etc/cobbler/modules.conf配置文件中各服务的模块参数的值来实现。

本文采用了独立管理的方式，即不通过cobbler来管理这些服务。

启动Cobbler服务后，查询：
# cobbler setting report | grep -E '^(pxe_just_once|manage_|server|next_server)'

2 Cobbler实现多系统版本全自动批量部署

# cobbler setting edit --name=manage_tftp --value=0
# cobbler setting edit --name=manage_tftpd --value=0
# cobbler setting edit --name=pxe_just_once --value=1

3 Cobbler实现多系统版本全自动批量部署

3. 启动HTTP和Cobbler服务

# systemctl start httpd cobblerd
# systemctl enable httpd cobblerd
# systemctl status httpd cobblerd

4. 检查并解决问题

# cobbler check

The following are potential configuration items that you may want to fix:

1 : change 'disable' to 'no' in /etc/xinetd.d/tftp
2 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
3 : enable and start rsyncd.service with systemctl
4 : debmirror package is not installed, it will be required to manage debian deployments and repositories
5 : ksvalidator was not found, install pykickstart
6 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

Q1： tftp是由super daemon (xinetd) 所管理的服务

1. 安装 xinetd 服务
# yum -y install xinetd

2. 启动tftp并设置开机自启
# vim /etc/xinetd.d/tftp
将disabled的值修改为no

3. 启动服务
# systemctl start xinetd
# systemctl enable xinetd

4. 查看运行状态
# netstat -tunap | grep :69
udp        0      0 0.0.0.0:69              0.0.0.0:*                           1641/xinetd