Pxe +ks+ cobbler+ cobbler-web 实现centos6.7,centos7.2无人值守全自动化网络安装系统。

实验环境：一台centos7.2 主机 一块网卡 vnet1 10.0.0.10/8 静态ip地址。两台测试安装centos6.7及centos7.2的虚拟机，网卡各1块，都是vnet1，网卡启动（bios里调）

由于cobbler软件包，是epel源的，所以安装epel源。

Wget http://mirrors.sohu.com/fedora-epel/epel-release-latest-7.noarch.rpm（centos7与centos6的epel源不同）

Rpm -ivh epel-lease-latest.noarch

安装的结果：加了一个yum创库配置文件及配置和此创库软件包校验签名的公钥文件/etc/pki/rpm-gpg/RPM_GPG_KEY_EPEL-7

[epel]

name=Extra Packages for Enterprise Linux 7 - $basearch

#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch

mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch

failovermethod=priority

enabled=1

gpgcheck=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

安装相关软件：

Yum  -y  install cobbler cobbler-web bind dhcp syslinux (httpd,tftp-server........会关联安装上）

Systemctl stop firewalld   setenforce 0

[root@localhost Desktop]# nmcli connection modify eno16777728 ipv4.method manual ipv4.addresses 10.0.0.10/8

[root@localhost Desktop]# systemctl restart network

配置cobbler  其主配置文件/etc/cobbler/setting

server:10.0.0.10

next_server:10.0.0.10----------是dhcp里配置next-server的地址即为tftp-server地址

default_password_crypted:"$1$love$sMbBwgqmuHcawBZ7sh04c0"

[root@localhost Desktop]# openssl passwd -1 -salt 'love' '11qq```'

$1$love$sMbBwgqmuHcawBZ7sh04c0

Manage_dhcp:1

Manage_dns:1

Manage_tftpd:1

Bind_master:10.0.0.10

配置cobbler管理的服务的配置模板文件：

Vim /etc/cobbler/dhcp-template------------dhcp模板文件

subnet 10.0.0.0 netmask 255.0.0.0 {

#     option routers             192.168.1.5;

option domain-name-servers 10.0.0.10;

option subnet-mask         255.0.0.0;

range dynamic-bootp       10.0.0.100 10.0.0.200;

default-lease-time         21600;

max-lease-time             43200;

next-server                $next_server;

filename  "pxelinux.0";

}

[root@localhost Desktop]# cat /etc/cobbler/zone.template---------------dns模板文件

$TTL 1D

@         IN      SOA    ns1.wudang.com. admin.wudang.com. (

2016081401   ; Serial

600         ; Refresh

1800         ; Retry

604800       ; Expire

300   )       ; TTL

IN      NS     ns1

ns1                            IN      A      10.0.0.10

www                             IN      A       10.0.0.10

Systemctl start httpd

Systemctl start cobbler

如果能上互联网：cobbler get-loaders (去cobbler的自己专门的网站下载loaders文件到自己本地的数据目录/var/lib/cobbler/loaders)

如果不能上互联网：可以cp syslinux提供的文件

Cp /usr/share/syslinux/pxelinux.0   /var/lib/cobbler/loaders

Cp /usr/share/syslinux/menu.c32   /var/lib/cobbler/loaders

Cp /usr/share/syslinux/memdisk   /var/lib/cobbler/loaders

安装cobbler

在tftp-server的根目录下安装了几个空目录：[root@localhost Desktop]# ls /var/lib/tftpboot/*

/var/lib/tftpboot/boot:

/var/lib/tftpboot/etc:

/var/lib/tftpboot/grub:

/var/lib/tftpboot/p_w_picpaths:

/var/lib/tftpboot/p_w_picpaths2:

/var/lib/tftpboot/ppc:

/var/lib/tftpboot/pxelinux.cfg:

/var/lib/tftpboot/s390x:

在httpd 的/var/www/cobbler下安装了几个目录，有些目录下还有几个文件：

[root@localhost Desktop]# ls /var/www/cobbler/*（站点的cobbler静态数据）

/var/www/cobbler/aux:

anamon  anamon.init

/var/www/cobbler/p_w_picpaths:

/var/www/cobbler/ks_mirror:

config

/var/www/cobbler/links:

/var/www/cobbler/localmirror:

/var/www/cobbler/pub:

/var/www/cobbler/rendered:

/var/www/cobbler/repo_mirror:

/var/www/cobbler/svc:

services.py  services.pyc  services.pyo

自己的数据目录：

[root@localhost Desktop]# ls /var/lib/cobbler/*

/var/lib/cobbler/distro_signatures.json

/var/lib/cobbler/config:

distros.d  files.d  p_w_picpaths.d  mgmtclasses.d  packages.d  profiles.d  repos.d  systems.d

/var/lib/cobbler/kickstarts:

default.ks    install_profiles  sample_autoyast.xml  sample_esxi4.ks  sample_old.seed

esxi4-ks.cfg  legacy.ks         sample_end.ks        sample_esxi5.ks  sample.seed

esxi5-ks.cfg  pxerescue.ks      sample_esx4.ks       sample.ks

/var/lib/cobbler/loaders:

memdisk  menu.c32  pxelinux.0

/var/lib/cobbler/scripts:

preseed_early_default  preseed_late_default

/var/lib/cobbler/snippets:

cobbler_register           kickstart_done         networking.xml                   pre_partition_select

download_config_files      kickstart_start        partition_select                 preseed_apt_repo_config

download_config_files_deb  koan_environment       post_anamon                      proxy.xml

func_install_if_enabled    late_apt_repo_config   post_install_kernel_options      puppet_install_if_enabled

func_register_if_enabled   log_ks_post            post_install_network_config      puppet_register_if_enabled

hosts.xml                  log_ks_post_nochroot   post_install_network_config_deb  redhat_register

kdump.xml                  log_ks_pre             post_koan_add_reinstall_entry    restore_boot_device

keep_cfengine_keys         main_partition_select  post_run_deb                     rhn_certificate_based_register

keep_files                 network_config         post_s390_reboot                 save_boot_device

keep_rhn_keys              network_config_esx     pre_anamon                       suse_scriptwrapper.xml

keep_ssh_host_keys         network_config_esxi    pre_install_network_config

/var/lib/cobbler/triggers:

add  change  delete  install  sync

/var/lib/cobbler/webui_sessions:

Vim /etc/xinetd/tftp   disable  = no

[root@localhost Desktop]# systemctl start tftp.socket

[root@localhost Desktop]#

[root@localhost Desktop]# systemctl start rsyncd.socket

注意：所有的服务的ip地址要相同。

Cobbler check 检查cobbler 工作环境是否满足条件。不满足，按照提示配置使其满足条件即可。

[root@localhost Desktop]# cobbler sync

task started: 2016-08-14_154703_sync

task started (id=Sync, time=Sun Aug 14 15:47:03 2016)

running pre-sync triggers

cleaning trees

removing: /var/lib/tftpboot/grub/p_w_picpaths

copying bootloaders

copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0

copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32

copying: /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk

copying distros to tftpboot

copying p_w_picpaths

generating PXE configuration files

generating PXE menu structure

rendering DHCP files

generating /etc/dhcp/dhcpd.conf

rendering TFTPD files

generating /etc/xinetd.d/tftp

cleaning link caches

running post-sync triggers

running python triggers from /var/lib/cobbler/triggers/sync/post/*

running python trigger cobbler.modules.sync_post_restart_services

running: dhcpd -t -q

received on stdout:

received on stderr:

running: service dhcpd restart

received on stdout:

received on stderr: Redirecting to /bin/systemctl restart  dhcpd.service

running shell triggers from /var/lib/cobbler/triggers/sync/post/*

running python triggers from /var/lib/cobbler/triggers/change/*

running python trigger cobbler.modules.scm_track

running shell triggers from /var/lib/cobbler/triggers/change/*

*** TASK COMPLETE ***

Systemctl start dhcpd  systemctl start tftp.service

[root@localhost Desktop]# cp /etc/cobbler/zone.template /var/named/wudang

[root@localhost Desktop]# named-checkzone "wudang.com"  /var/named/wudang

zone wudang.com/IN: loaded serial 2016081401

OK

[root@localhost Desktop]# named-checkconf /etc/named.conf

Systemclt start named

所有服务一切正常工作，万事俱备，只欠东风，只差distro和ks文件，先用cobbler-web 来管理。(python写的动态网站程序）

Vim /etc/httpd/conf.d/cobbler_web.conf

#            SSLRequireSSL

#            N×××equireSSL

#            SSLRequireSSL

#            N×××equireSSL

注释掉上述四行，不能提示没有权限。（Centos6.7，不用注释）

Cobbler-web的管理账号：

[root@localhost Desktop]# htdigest -c /etc/cobbler/users.digest Cobbler lili

Adding password for lili in realm Cobbler.

New password:

Re-type new password:

Systemctl restart httpd

http://10.0.0.10/cobbler_web (脚本路径别名）

Yum -y install system-config-kickstart

Systemctl-config-kickstarts（在gui下运行），生成kickstart文件

生成Centos6.7的ks文件：/var/lib/cobbler/kickstarts/centos6ks.cfg

#platform=x86, AMD64, or Intel EM64T

#version=DEVEL

# Firewall configuration

firewall --disabled

# Install OS instead of upgrade

install

# Use network installation

url --url="http://www.wudang.com/cobbler/links/centos6.7-x86_64"

# Root password

rootpw --iscrypted $1$xVtPuisx$X3B4rqKlzJKYLO7JiceSG1

# System authorization information

auth  --useshadow  --passalgo=sha512

# Use graphical install

text

firstboot --disable

# System keyboard

keyboard us

# System language

lang en_US

# SELinux configuration

selinux --disabled

# Installation logging level

logging --level=info

# Reboot after installation

Reboot# System timezone

timezone  Africa/Abidjan

# System bootloader configuration

bootloader --location=mbr --md5pass="$1$ipBQVdC5$.8/AhDSGAzf10urvR6rcm."

# Clear the Master Boot Record

zerombr

# Partition clearing information

clearpart --all --initlabel

# Disk partitioning information

part / --fstype="ext4" --size=10240

part swap --fstype="swap" --ondisk=sda --size=1024

%post

useradd tom

echo '11qq```' | passwd --stdin tom

%end

%packages

@base

@basic-desktop

@x11

1,1           Top

生成centos7.2的ks文件：/var/lib/cobbler/kickstarts/centos7ks.cfg

#platform=x86, AMD64, or Intel EM64T

#version=DEVEL

# Install OS instead of upgrade

install

# Keyboard layouts

keyboard 'us'

# Root password

rootpw --iscrypted $1$LYe2x3i4$n/fkJEqo//QaFYUQAYvmk/

# System timezone

timezone Africa/Abidjan

# Use network installation

url --url="http://www.wudang.com/cobbler/links/centos7.2-x86_64"

# System language

lang en_US

# Firewall configuration

firewall --disabled

# System authorization information

auth  --useshadow  --passalgo=sha512

# Use graphical install

#graphical

text

firstboot --disable

# SELinux configuration

selinux --disabled

# Reboot after installation

reboot

# System bootloader configuration

bootloader --location=mbr

# Clear the Master Boot Record

zerombr

# Partition clearing information

clearpart --all --initlabel

# Disk partitioning information

autopart --type=lvm

%packages

@^graphical-server-environment

@base

@core

@desktop-debugging

@dial-up

@fonts@guest-desktop-agents

@input-methods

@internet-browser

@multimedia

@print-client

@x11

kexec-tools

%end

%post

useradd jack

echo '11qq```' | passwd --stdin jack

%end

@gnome-desktop

@guest-agents

1,1           Top

Cobbler导入distro

Mount /dev/sr0 /mnt  挂载centos7.2安装光盘

Cobble import --name=centos7.2  --path=/mnt

删除默认的profile

[root@localhost Desktop]# cobbler profile remove --name=centos7.2-x86_64

添加一个profile   /var/lib/cobbler/kickstarts/centos7ks.cfg

[root@localhost Desktop]# cobbler profile add --name=7.2 --distro=centos7.2-x86_64 kickstart=/var/lib/cobbler/kickstarts/centos7ks.cfg

同理：

Umount  /dev/sr0

Mount /dev/sr0 /mnt 挂载centos6.7的光盘

Cobbler import --name=centos6.7 --path=/mnt

删除默认的profile

[root@localhost Desktop]# cobbler profile remove --name=centos6.7-x86_64

添加一个profile   /var/lib/cobbler/kickstarts/centos7ks.cfg

[root@localhost Desktop]# cobbler profile add --name=6.7 --distro=centos6.7-x86_64 kickstart=/var/lib/cobbler/kickstarts/centos6ks.cfg

测试dns

dig www.wudang.com @10.0.0.10

[root@localhost Desktop]# dig www.wudang.com @10.0.0.10

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7 <<>> www.wudang.com @10.0.0.10

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48102

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;www.wudang.com.INA

;; ANSWER SECTION:

www.wudang.com.86400INA10.0.0.10

;; AUTHORITY SECTION:

wudang.com.86400INNSns1.wudang.com.

;; ADDITIONAL SECTION:

ns1.wudang.com.86400INA10.0.0.10

;; Query time: 0 msec

;; SERVER: 10.0.0.10#53(10.0.0.10)

;; WHEN: Sun Aug 14 16:55:48 CST 2016

;; MSG SIZE  rcvd: 93

Dns工作正常。

安装测试：centos6.7虚拟机：

网卡启动:

Centos7.2虚拟机安装：

网卡启动:

总结：一个distro 可以结合多个不同的ks文件，生成这个发行版的多个不同的profile文件，满足多个不同的安装需要。

Cobbler 可以让配置更加简单，/var/lib/tftpboot/pxelinux.cfg/default自动生成，profile自动生成。