## Cobbler 介绍
Cobbler 是一个免费开源系统安装部署软件,用于自动化网络安装操作系统。 Cobbler 集成了 DNS, DHCP 软件包更新, 带外管理以及配置管理, 方便操作系统安装自动化。Cobbler 可以支持 PXE 启动, 操作系统重新安装, 以及虚拟化客户机创建,包括 Xen, KVM or VMware. Cobbler 透过 koan 程序以支持虚拟化客户机安装。

### Cobbler 功能
- 使用一个以前定义的模板来配置 DHCP 服务(如果启用了管理 DHCP)
- 将一个存储库(yum 或 rsync)建立镜像或解压缩一个媒介,以注册一个新操作系统
- 在 DHCP 配置文件中为需要安装的机器创建一个条目,并使用您指定的参数(IP 和 MAC 地址)
- 在 TFTFP 服务目录下创建适当的 PXE 文件
- 重新启动 DHCP 服务以反映更改
- 重新启动机器以开始安装(如果电源管理已启用)

### Cobbler 工作流程
![](https://cos.slonefan.net/wp-content/uploads/2019/04/201904151433011.jpg)
#### Server
第一步,启动 Cobbler 服务
第二步,进行 Cobbler 错误检查,执行 cobbler check 命令
第三步,进行配置同步,执行 cobbler sync 命令
第四步,复制相关启动文件文件到 TFTP 目录中
第五步,启动 DHCP 服务,提供地址分配
第六步,DHCP 服务分配 IP 地址
第七步,TFTP 传输启动文件
第八步,Server 端接收安装信息
第九步,Server 端发送 ISO 镜像和 Kickstart 文件

#### Client
第一步,客户端以 PXE 模式启动
第二步,客户端获取 IP 地址
第三步,通过 TFTP 服务器获取启动文件
第四步,进入 Cobbler 安装选择界面
第五步,客户端确定加载信息
第六步,根据配置信息准备安装系统
第七步,加载 Kickstart 文件
第八步,传输系统安装的其它文件
第九步,进行安装系统

## Cobbler 安装配置
### 基础环境
```bash
[root@RM ~]# cat /etc/redhat-release # 查看系统版本
CentOS Linux release 7.6.1810 (Core)

[root@RM ~]# uname -a # 查看主机名及内核版本
Linux RM.SLONEFAN.COM 3.10.0-957.10.1.el7.x86_64 #1 SMP Mon Mar 18 15:06:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

[root@RM ~]# getenforce # 关闭 SELinux
Disabled

[root@RM ~]# systemctl status firewalld # 关闭防火墙
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)

[root@RM ~]# ip a | grep ens # 确认网卡 IP 信息
2: ens192: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.10.3/24 brd 192.168.10.255 scope global noprefixroute ens192
3: ens224: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.22.3/24 brd 192.168.11.255 scope global noprefixroute ens224
```

### 安装系统组件
```bash
[root@RM ~]# yum install -y epel-release # 安装 epel 源

# 安装 FTP HTTP cobbler 等组件
[root@RM ~]# yum install -y dhcp tftp-server xinetd httpd cobbler cobbler-web pykickstart

[root@RM ~]# rpm -qa | grep -E "dhcp|tftp-server|xinetd|httpd|cobbler|cobbler-web|pykickstart"
dhcp-4.2.5-68.el7.centos.1.x86_64 # dchp 服务
dhcp-libs-4.2.5-68.el7.centos.1.x86_64
httpd-tools-2.4.6-88.el7.centos.x86_64
cobbler-2.8.4-4.el7.x86_64 # Cobbler 程序包
pykickstart-1.99.66.19-2.el7.noarch # Cobbler 检查 kickstart 语法错误
cobbler-web-2.8.4-4.el7.noarch # Cobbler 的 Web 程序包
httpd-2.4.6-88.el7.centos.x86_64 # Apache Web 服务
tftp-server-5.2-22.el7.x86_64 # tftp 服务
xinetd-2.3.15-13.el7.x86_64
dhcp-common-4.2.5-68.el7.centos.1.x86_64

[root@RM ~]# rpm -ql cobbler # 查看安装的文件
/etc/cobbler # 配置文件目录
/etc/cobbler/settings # Cobbler 主配置文件,这个文件是 YAML 格式,Cobbler 是 Python 写的程序
/etc/cobbler/dhcp.template # DHCP 服务的配置模板
/etc/cobbler/tftpd.template # tftp 服务的配置模板
/etc/cobbler/rsync.template # rsync 服务的配置模板
/etc/cobbler/iso # ISO 模板配置文件目录
/etc/cobbler/pxe # PXE 模板文件目录
/etc/cobbler/power # 电源的配置文件目录
/etc/cobbler/users.conf # Web 服务授权配置文件
/etc/cobbler/users.digest # 用于 Web 访问的用户名密码配置文件
/etc/cobbler/dnsmasq.template # DNS 服务的配置模板
/etc/cobbler/modules.conf # Cobbler 模块配置文件
/var/lib/cobbler # Cobbler 数据目录
/var/lib/cobbler/config # 配置文件
/var/lib/cobbler/kickstarts # 默认存放 kickstart 文件目录
/var/lib/cobbler/loaders # 存放的各种引导程序
/var/www/cobbler # 系统安装镜像目录
/var/www/cobbler/ks_mirror # 导入的系统镜像列表
/var/www/cobbler/images # 导入的系统镜像启动文件
/var/www/cobbler/repo_mirror # yum 源存储目录
/var/log/cobbler # 日志目录
/var/log/cobbler/install.log # 客户端系统安装日志
/var/log/cobbler/cobbler.log # Cobbler 日志
```

### 配置 Cobbler
```bash
[root@RM ~]# systemctl start httpd # 启动 Apache httpd 服务
[root@RM ~]# systemctl start cobblerd # 启动 Cobbler 服务
[root@RM ~]# systemctl start xinetd # 启动 xinetd 服务
[root@RM ~]# systemctl start tftp # 启动 tftp 服务
[root@RM ~]# systemctl enable tftp
[root@RM ~]# systemctl enable cobblerd
[root@RM ~]# systemctl enable httpd
[root@RM ~]# systemctl enable xinetd

[root@RM ~]# cobbler check # 初始化检查 Cobbler
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

# 对以上问题进行修复
1.修改 Cobbler 文件服务器地址
[root@RM ~]# vim /etc/cobbler/settings
next_server: 192.168.22.3

2.修改 Cobbler 主机地址
[root@RM ~]# vim /etc/cobbler/settings
server: 192.168.22.3

3.开启 TFTP 服务
[root@RM ~]# vim /etc/xinetd.d/tftp
disable = no

4.加载引导文件
[root@RM ~]# cobbler get-loaders

5.开启rsyncd服务
[root@RM ~]# systemctl start rsyncd
[root@RM ~]# systemctl enable rsyncd

6.安装 debian 组件
[root@RM ~]# yum install -y debmirror

7.创建系统初始化后的 root 密码(后续自动安装系统的 root 密码)
[root@RM ~]# openssl passwd -1 -salt 'nopassword' 'nopassword'
$1$nopasswo$q5XmZitEwfDMwF88jEbF21
[root@RM ~]# vim /etc/cobbler/settings
default_password_crypted: "$1$nopasswo$q5XmZitEwfDMwF88jEbF21"

8.安装电源模块组件(可以忽略
[root@RM ~]# yum install fence-agents -y

[root@RM ~]# systemctl restart cobblerd # 修复完成后重启并再次检查
[root@RM ~]# cobbler check # 以下错误可以忽略也可以修复
The following are potential configuration items that you may want to fix:
1 : comment out 'dists' on /etc/debmirror.conf for proper debian support
2 : comment out 'arches' on /etc/debmirror.conf for proper debian support
Restart cobblerd and then run 'cobbler sync' to apply changes.

修复该提示
[root@RM ~]# vim /etc/debmirror.conf
#@dists="sid"; # 添加`#`注释掉这两行的配置
#@arches="i386";

[root@RM ~]# cobbler check # 再次确认
No configuration problems found. All systems go.
```

### 配置 DHCP
```bash
# 配置使用 Cobbler 管理 DHCP
[root@RM ~]# sed -i "s/manage_dhcp: 0/manage_dhcp: 1/" /etc/cobbler/settings
[root@RM ~]# sed -i "s/pxe_just_once: 0/pxe_just_once: 1/" /etc/cobbler/settings #仅安装一次

[root@RM ~]# vim /etc/cobbler/dhcp.template
subnet 192.168.22.0 netmask 255.255.255.0 {
option routers 192.168.22.3;
option domain-name-servers 192.168.22.3;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.22.200 192.168.22.209;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
# 注意 DHCP 的 IP 地址段网卡对应
```

### 同步 Cobbler 配置
```bash
[root@RM ~]# systemctl restart cobblerd
[root@RM ~]# cobbler sync
[root@RM ~]# systemctl start dhcpd # 启动 DHCP 服务
[root@RM ~]# systemctl enable dhcpd
```

## 命令行管理
### 帮助命令
```bash
[root@RM ~]# cobbler
usage
=====
cobbler ...
[add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler [options|--help]

[root@RM ~]# cobbler list --help
Usage: cobbler list [options]
Options:
-h, --help show this help message and exit
[root@RM ~]# cobbler import --help
Usage: cobbler import [options]
Options:
-h, --help show this help message and exit
--arch=ARCH OS architecture being imported
--breed=BREED the breed being imported
--os-version=OS_VERSION
the version being imported
--path=PATH local path or rsync location
--name=NAME name, ex 'RHEL-5'
--available-as=AVAILABLE_AS
tree is here, don't mirror
--kickstart=KICKSTART_FILE
assign this kickstart file
--rsync-flags=RSYNC_FLAGS
pass additional flags to rsync

cobbler check 核对当前设置是否有问题
cobbler list 列出所有的 cobbler 元素
cobbler report 列出元素的详细信息
cobbler sync 同步配置到数据目录,更改配置最好都要执行下
cobbler reposync 同步 yum 仓库
cobbler distro 查看导入的发行版系统信息
cobbler profile 查看配置信息
cobbler system 查看添加的系统信息
```

### 管理 distro
Cobbler 变得可用的第一步为定义 distro,其可以通过为其指定外部的安装引导内核及 ramdisk 文件的方式实现。
如果已经有完成的安装树(如 OS 的安装镜像)则推荐使用 improt 导入的方式进行。

导入新镜像
```bash
[root@RM ~]# mkdir /mnt/centos/
[root@RM ~]# mount /dev/sr0 /mnt/centos/
mount: /dev/sr0 is write-protected, mounting read-only

[root@RM ~]# cobbler import --path=/mnt/centos --name=CentOS7-x86_64 --arch=x86_64
# --path 镜像路径
# --name 为安装源定义一个名字
# --arch 指定安装源是 32 位、64 位、ia64, 目前支持的选项有: x86│x86_64│ia64
# 安装源的唯一标示就是根据 name 参数来定义,本例导入成功后,安装源的唯一标示就是:CentOS7-x86_64,如果重复,系统会提示导入失败
# 如果有 kickstart 文件,也可以使用 `--kickstart=/path/to/kickstart_file` 进行导入,import 会自动为导入的 distro 生成一个 profile
```

查看镜像信息
```bash
[root@RM ~]# cobbler distro list
CentOS7-x86_64
# 镜像存放目录,Cobbler 会将镜像中的所有安装文件拷贝到本地一份,放在 /var/www/cobbler/ks_mirror 下的 CentOS7-mini-x86_64目录下。因此 /var/www/cobbler 目录必须具有足够空间容纳安装文件

[root@RM ~]# ll /var/www/cobbler/ks_mirror/ # 导入 distro 会自动生成 profile
total 0
drwxrwxr-x 8 root root 254 Nov 26 07:53 CentOS7-x86_64
drwxr-xr-x 2 root root 33 Apr 12 18:08 config

[root@RM ~]# cobbler distro report --name=CentOS7-x86_64 # 查看安装镜像文件信息
Name : CentOS7-x86_64
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/CentOS7-x86_64/images/pxeboot/initrd.img
Kernel : /var/www/cobbler/ks_mirror/CentOS7-x86_64/images/pxeboot/vmlinuz
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/CentOS7-x86_64'}
Management Classes : []
OS Version : rhel6
Owners : ['admin']
Red Hat Management Key : <>
Red Hat Management Server : <>
Template Files : {}
```

### 管理 profile
Cobbler 使用 profile 来为特定的需求类别提供所需要安装的配置,即在 distro 的基础上通过提供 kiskstart 文件来生成一个特定的系统安装配置。 distro 的 profile 可以出现在 PXE 的引导菜单中作为安装的选择之一
```bash
[root@RM ~]# cobbler profile report # 查看所有的 profile 设置

[root@RM ~]# cobbler profile report --name=CentOS-7-x86_64 # 查看指定的 profile 设置
Name : CentOS7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <>
Red Hat Management Server : <>
Repos : []
Server Override : <>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm

[root@RM ~]# ls /var/lib/cobbler/kickstarts/ # Cobbler 的 ks.cfg 文件存放位置
esxi4-ks.cfg install_profiles pxerescue.ks sample_end.ks(默认使用的ks文件) sample_esxi4.ks sample.ks sample.seed
default.ks esxi5-ks.cfg legacy.ks sample_autoyast.xml sample_esx4.ks sample_esxi5.ks sample_old.seed
# 在第一次导入系统镜像后,Cobbler 会给镜像指定一个默认的 kickstart 自动安装文件在 /var/lib/cobbler/kickstarts 下的 sample_end.ks
```

#### 自定义 ks 文件
```bash
[root@RM ~]# cd /var/lib/cobbler/kickstarts/
[root@RM kickstarts]# rz # 上传准备好的 ks 文件

# 编辑 profile,修改关联的 ks 文件
[root@RM kickstarts]# cobbler profile edit --name=CentOS7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS7-x86_64.cfg

[root@RM ~]# cobbler profile report CentOS7-x86_64
Name : CentOS7-x86_64
...
Distribution : CentOS7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/CentOS7-x86_64.cfg
# 可以看到 Kickstart 已和刚才上传的文件关联
Kickstart Metadata : {}
...

# 每次修改完都要同步一次
[root@RM ~]# cobbler sync
```

### 管理 repo
新部署机器安装 yum 源,并同步
```bash
# 添加 repo
[root@RM ~]# cobbler repo add --name=centos-7.2-openstack-mitaka --mirror=http://mirrors.aliyun.com/centos/7.2.1511/cloud/x86_64/openstack-mitaka/ --arch=x86_64 --breed=yum

# 同步repo
[root@RM ~]# cobbler reposync

# 添加 repo 到对应的 profile
[root@RM ~]# cobbler profile edit --name=Centos7-x86_64 --repos="centos-7.2-openstack-mitaka"

# 修改 kickstart文件。添加 $yum_config_stanza 到 %post %end 中间,如下:
%post
$yum_config_stanza
%end

# 添加定时任务,定期同步 repo
echo "0 3 * * * /usr/bin/cobbler reposync --tries=3 --no-fail" >> /var/spool/cron/root

# 重装系统完成后的机器配置的 cobbler repo 如下:
[root@RM ~]# cat /etc/yum.repos.d/cobbler-config.repo
[core-0]
name=core-0
baseurl=http://192.168.11.3/cobbler/ks_mirror/CentOS-7-x86_64
enabled=1
gpgcheck=0
priority=1

[centos-7.2-openstack-mitaka]
name=centos-7.2-openstack-mitaka
baseurl=http://192.168.11.3/cobbler/repo_mirror/centos-7.2-openstack-mitaka
enabled=1
priority=99
gpgcheck=0
```

## Cobbler Web 使用
Cobbler 的 Web 使用的是 https 访问,登录 URL: https://server ipaddress/cobbler_web
如果在登录的时候遇到 `Internal Server Error` 的报错,请检查 pythone-django 的版本,可通过一下操作解决:
```bash
#下载pip.py
[root@RM ~]# wget https://bootstrap.pypa.io/get-pip.py

#调用本地python运行pip.py脚本
[root@RM ~]# python get-pip.py

#安装pip
[root@RM ~]# pip install Django==1.8.9

#查看pip版本号
[root@RM ~]# python -c "import django; print(django.get_version())"

#重启httpd
[root@RM ~]# systemctl restart httpd
```

登录,默认帐号密码为 `cobbler`
![](https://cos.slonefan.net/wp-content/uploads/2019/04/201904151433013.jpg)

![](https://cos.slonefan.net/wp-content/uploads/2019/04/201904151433014.jpg)

## 系统部署
### 新机部署系统
新建一台虚拟机开机即可。开机后可以看到网络引导过程

![](https://cos.slonefan.net/wp-content/uploads/2019/04/201904151433014.jpg)

选择对应的启动镜像即可安装
![](https://cos.slonefan.net/wp-content/uploads/2019/04/201904151433015.jpg)

### 系统重装
```bash
# 安装 koan 客户端
[root@RM ~]# yum install koan -y

# 查询 Cobbler 服务器上 profile
[root@RM ~]# koan --server=192.168.11.3 --list=profiles
- looking for Cobbler at http://192.168.11.3:80/cobbler_api
CentOS7-x86_64

# 指定要重装的系统
[root@RM ~]# koan --replace-self --server=192.168.11.3 --profile=CentOS7-x86_64

# 重启系统
[root@RM ~]# reboot
```

### 定制化安装
#### 个性化 TITLE
```bash
[root@RM ~]# vim /etc/cobbler/pxe/pxedefault.template
DEFAULT menu
PROMPT 0
MENU TITLE Cobbler | https://slonefan.net/
TIMEOUT 200
TOTALTIMEOUT 6000
ONTIMEOUT $pxe_timeout_profile
LABEL local
MENU LABEL (local)
MENU DEFAULT
LOCALBOOT 0
$pxe_menu_items
MENU end

[root@RM ~]# cobbler sync # 同步配置
```
再次进入系统安装界面,可以看到 TITLE 已经改变
![](https://cos.slonefan.net/wp-content/uploads/2019/04/201904151433016.jpg)

#### 自定义系统安装
确认安装信息:
- MAC
- IP
- GATEWAY
- NETMASK
- DNS
- HOSTNAME


```bash
[root@RM ~]# cobbler system add -name=pxe1.slonefan.com \
-profile=CentOS7-x86_64 -mac=00:0C:29:71:6B:2F -ip-address=192.168.11.240 \
-subnet=255.255.255.0 -gateway=192.168.11.1 -interface=eth0 \
-static=1 -hostname=pxe.slonefan.net -name-servers=”223.5.5.5 223.6.6.6” \
-profile=CentOS7-x86_64 -kickstart=/var/lib/cobbler/kickstarts/CentOS7-x86_64.cfg
```