cobbler實現，cobbler_web管理

cobbler:
快速安裝linux操作系統的服務，支持衆多的Linux發行版：Red Hat、Fedora、Centos、Debian、Ubuntu和SuSE,同時也支持網絡安裝windows
PXE的二次封裝，將多種安裝參數封裝到一個菜單，使用Python編寫，提供了CLI和Web管理形式

cobbler實現

系統：centos7.10 1810
cobbler 基於epel源，先打開epel源，使用1804版本的epel，較新版本會有問題（本次實驗進行的時候）

1、安裝cobbler

yum install cobbler 安裝cobbler時會自動安裝tftp,http這兩個服務以及相關的其他工具包，但不會安裝dhcp服務，實現cobbler還需要dhcp服務，手動安裝
yum install dhcp

2、開啓服務

開啓除了dhcp外的所有服務並設置爲開機啓動(實際工作中)。tftp、http、cobbler
systemctl start tftp httpd cobblerd
systemctl enable tftp httpd dhcpd cobblerd
使用cobbler check命令檢查cobbler的相關配置，並根據提示逐個修改爲正確配置

3、修改配置文件

修改/etc/cobbler/settings進行配置

第101行“default_password_crypted:”爲cobbler密碼，默認爲cobbler(此密碼爲系統密碼),用MD5加密,將新密碼加密後覆蓋原來的加密密碼
第242行 “manage_dhcp: 0” 將0改爲1 自動配置dhcp
第272行“next_server: 127.0.0.1”爲tftp服務器地址，修改爲正確的tftp服務器地址。可以是本機地址，也可以是同網絡中的tftp服務器地址
第384行“server: 127.0.0.1”爲cobbler服務器的地址，修改爲本機地址

運行cobbler get-loader自動安裝cobbler需要的文件，如pxelinux,syslinux等

[root@CentOS7 yum.repos.d]#cobbler get-loaders
task started: 2019-04-21_175857_get_loaders
task started (id=Download Bootloader Content, time=Sun Apr 21 17:58:57 2019)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.sysl
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.ef
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86
*** TASK COMPLETE ***

修改完成後運行cobbler sync更新配置

[root@CentOS7 yum.repos.d]#cobbler sync
task started: 2019-04-21_181905_sync
task started (id=Sync, time=Sun Apr 21 18:19:05 2019)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***

重啓cobbler服務，再次運行cobbler check檢查，如提示如下三行，可以不用管了

[root@CentOS7 yum.repos.d]#cobbler check
The following are potential configuration items that you may want to fix:

1 : enable and start rsyncd.service with systemctl
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories
3 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

運行vim /etc/cobbler/dhcp.template 編輯DHCP模板文件，設置DHCP服務

根據實際情況設置圖片中的幾項就可以
運行 cobbler sync 更新配置，因爲前面將配置文件第242行 “manage_dhcp: 0” 的0改爲1，所以會自動更新dhcp服務的配置文件

4、拷貝文件到相應目錄

將安裝源文件拷貝到相應的目錄(/var/www/cobbler/ks_mirror/)中。實驗中用的光盤iso文件，已將光盤掛載到/mnt目錄下
運行cobbler improt --path=/mnt --name=Centos-7.6 --arch=x86_64(CPU架構) 開始自動拷貝文件，時間長短看拷貝文件的大小
拷貝完成後運行下面的命令可查看不同的信息：

cobbler profile list 查看啓動菜單項(ks文件和源文件的關聯)      
cobbler distro list 查看安裝源文件    

關聯自定義ks文件，修改ks文件中的設置

將自定義的應答文件拷貝到/var/lib/cobbler/kickstarts目錄下，並將文件權限修改爲644

5、關聯應答文件

cobbler profile add --name=Centos-7.6-x86_64_mini --distro=Centos7.6_mini-x86_64 --kickstart=/var/lib/cobbler/kickstarts/ks7_mini.cfg
--name爲顯示在啓動菜單中的名字
--distro爲安裝源文件名字(使用cobbler distro list查看)
--kickstart爲與源文件關聯的ks文件路徑
刪除不符合要求的菜單
cobbler profile remove --name=Centos7.6_mini-x86_64
到此已經完成cobbler的設置，測試用一臺機器通過網卡啓動找到服務器，選擇想要安裝的系統
如果有什麼服務不能用，重啓後測試

cobbler web 實現

cobbler 可以通過web界面設置
yum install cobbler-web
重新啓動HTTPD服務
systemctl restart httpd
通過瀏覽器訪問：https://ip/cobbler_web 來管理cobbler服務
用戶名cobbler,默認密碼爲cobbler

使用authn_configfiel模塊認證cobbler_web用戶(默認選項)

用戶名密碼保存在/etc/cobbler/users.digest 中通過cat命令可以查看
按照下面格式添用戶名：其中cobbler1爲新添加的用戶名，輸入兩次新密碼

[root@CentOS7 ~]#htdigest -c /etc/cobbler/users.digest Cobbler cobbler1
Adding user cobbler1 in realm Cobbler
New password: 
Re-type new password: 

參數 -c 表示刪除已有的第一個用戶並新建cobbler1 用於第一次設置用戶時使用,後續添加可以不用“-c”

使用authm_pam模塊認證cobbler_web用戶

vim /etc/cobbler/modules.conf
修改23行
將module = authn_configfile 修改爲moudle = authn_pam
創建cobbler 用戶: useradd cobbler2 並設置密碼 echo xxx | passwd --stdin cobbler2
可以將cobbler2用戶的shell 設置爲/sbin/nologin
vim /etc/cobbler/users.conf
修改admin = "" 爲admin = "cobbler2"
重啓cobbler服務，用cobbler2訪問web頁面

兩種方式在用戶不能同時使用，一種生效，別一種就無法登錄web頁面