配置yum源(epel-release 包会写入仓库配置和 GPG 密钥,建议改用 https 地址下载,并在安装前核对包签名)
[root@localhost network-scripts]# rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
[root@localhost network-scripts]# yum makecache
开始安装Cobbler
安装cobbler以及相关的软件
[root@localhost network-scripts]# yum -y install httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web
#启动服务
[root@localhost network-scripts]# systemctl start httpd
[root@localhost network-scripts]# systemctl enable httpd
[root@localhost network-scripts]# systemctl enable cobblerd
[root@localhost network-scripts]# systemctl start cobblerd
#cobbler check 检查相关配置
[root@localhost network-scripts]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
#问题4(先做此步骤)
[root@localhost network-scripts]# cobbler get-loaders
#问题1
#一定要填入当前联网的那个网卡IP,不然后面cobbler get-loaders时候无法联网,这里后面还会再改
[root@localhost network-scripts]# sed -i 's/^server: 127.0.0.1/server: 10.0.0.2/' /etc/cobbler/settings
#问题2
#一定要填入当前联网的那个网卡IP,不然后面cobbler get-loaders时候无法联网,这里后面还会再改
[root@localhost network-scripts]# sed -i 's/^next_server: 127.0.0.1/next_server: 10.0.0.2/' /etc/cobbler/settings
#问题3
[root@localhost network-scripts]# vim /etc/xinetd.d/tftp
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = no #修改项
per_source = 11
cps = 100 2
flags = IPv4
}
#问题5
[root@localhost ~]# systemctl enable rsyncd
[root@localhost ~]# systemctl start rsyncd
#问题6
可以忽略
#问题7(示例里的口令和盐值都是 123456,仅作演示;这个哈希会通过 default_password_crypted 成为新装机器的 root 口令,实际使用请换成强口令和随机盐)
[root@localhost ~]# openssl passwd -1 -salt '123456' '123456'
$1$123456$wOSEtcyiP2N/IfIl15W6Z0
[root@localhost ~]# vim /etc/cobbler/settings
default_password_crypted: "$1$123456$wOSEtcyiP2N/IfIl15W6Z0"
配置cobbler-DHCP
#修改cobbler配置
[root@localhost ~]# vim /etc/cobbler/settings
manage_dhcp: 1
#修改dhcp.templates配置文件
[root@localhost network-scripts]# vim /etc/cobbler/dhcp.template
#10.0.0.0为网段地址
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.2;
option domain-name-servers 10.0.0.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.0.0.100 10.0.0.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
[root@localhost ~]# systemctl restart cobblerd.service
[root@localhost ~]# cobbler sync
task started: 2018-06-28_125356_sync
task started (id=Sync, time=Thu Jun 28 12:53:56 2018)
running pre-sync triggers
cleaning trees
removing: /var/lib/tftpboot/grub/images
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot
trying hardlink /usr/share/syslinux/memdisk -> /var/lib/tftpboot/memdisk
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying images
generating PXE configuration files
generating PXE menu structure
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***
#检查
[root@localhost ~]# netstat -lnup|grep dhcp
udp 0 0 0.0.0.0:67 0.0.0.0:* 6668/dhcpd
更改nat让所有机器都能上网
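# Start from an empty rule set.
# NOTE(review): -F deletes every existing rule in the filter and nat tables,
# including any protective ones; run it only on a host whose firewall you
# intend to rebuild from scratch.
iptables -F
iptables -t nat -F
# The three POSTROUTING rules below are alternatives (the original notes join
# them with "or"): keep the one that fits your network and drop the others.
# Option 1: masquerade everything that leaves through the Internet-facing
# interface; replace wlp4s0 with your own uplink NIC.
iptables -t nat -A POSTROUTING -o wlp4s0 -j MASQUERADE
# Option 2: SNAT the client subnet to a fixed source address.
iptables -t nat -A POSTROUTING -s 192.168.80.0/24 -j SNAT --to-source 10.144.235.10
# Option 3: masquerade only the client subnet, and only out of one interface.
# (The original line read "iptables-t", which is not a command.)
iptables -t nat -A POSTROUTING -s 192.168.80.0/24 -o eth0 -j MASQUERADE
# Let the kernel forward packets between interfaces. Writing to /proc takes
# effect immediately but does not survive a reboot.
echo "1" > /proc/sys/net/ipv4/ip_forward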
导入镜像
[root@localhost ~]# ls /root/ubuntu-18.04-server-amd64.iso
/root/ubuntu-18.04-server-amd64.iso
[root@localhost ~]# mkdir -p /mnt/ubuntu-18.04-server-amd64
[root@localhost ~]# mount -o loop /root/ubuntu-18.04-server-amd64.iso /mnt/ubuntu-18.04-server-amd64/
[root@localhost ~]# cobbler import --path=/mnt/ubuntu-18.04-server-amd64/ --name=ubuntu-18.04-7.9 --arch=x86_64
[root@localhost ~]# cobbler repo remove --name=ubuntu-18.04-7.2-x86_64
[root@PXE-Server ~]# cobbler list
distros:
ubuntu-18.04-7.2-x86_64
profiles:
ubuntu-18.04-7.9-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
[root@localhost kickstarts]# cobbler report
Name : ubuntu-18.04-7.9-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : ubuntu-18.04-7.2-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample.seed
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : xenpv
mgmtclasses:
==========
packages:
==========
files:
==========
#修改ks文件
[root@localhost kickstarts]# cobbler profile remove --name=ubuntu-18.04-7.6-x86_64
[root@localhost kickstarts]# cobbler profile add --name="ubuntu-18.04-7.6-x86_64" --distro=ubuntu-18.04-7.2-x86_64 --kickstart=/var/lib/cobbler/kickstarts/sample.seed.7.3
[root@localhost kickstarts]# cobbler sync
seed文件
由于自带源太慢了,我们删除了repo,所以只安装了自带的ssh,其它的可以等系统安装好后自行安装,同时文件中还添加了一个普通用户
# Locale and keyboard answers, so the installer does not stop to ask.
d-i debian-installer/locale string en_US
d-i console-setup/ask_detect boolean false
d-i keyboard-configuration/layoutcode string us
d-i keyboard-configuration/variantcode string
# Network: the interface is chosen automatically; the hostname is a template
# placeholder (presumably filled in by Cobbler when the file is rendered).
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string $myhostname
# Clock: hardware clock kept in UTC, time synchronised over NTP.
d-i time/zone string US/Eastern
d-i clock-setup/utc boolean true
d-i clock-setup/ntp boolean true
d-i clock-setup/ntp-server string ntp.ubuntu.com
# Package mirror: host and directory are template placeholders, no proxy.
d-i mirror/country string manual
d-i mirror/http/hostname string $http_server
d-i mirror/http/directory string $install_source_directory
d-i mirror/http/proxy string
# NOTE(review): the installer image is fetched over plain http from the
# install server - confirm the provisioning network is trusted.
d-i live-installer/net-image string http://$http_server/cobbler/links/$distro_name/install/filesystem.squashfs
# Partitioning of /dev/sda with the custom recipe "fsm" defined below.
# NOTE(review): existing LVM and MD metadata is removed and every confirmation
# further down is pre-answered, so any machine that boots this profile has
# /dev/sda rewritten without a prompt - restrict which hosts can PXE boot it.
d-i partman-auto/disk string /dev/sda
d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select fsm
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-md/device_remove_md boolean true
# Recipe "fsm": a swap partition, an ext4 partition mounted at /tmp and an
# ext4 partition mounted at /data that may grow to the largest size.
# NOTE(review): no partition in this recipe is mounted at / - confirm against
# the file actually deployed, the listing may have lost an entry.
d-i partman-auto/expert_recipe string \
fsm :: \
1024 100% 1024 linux-swap method{ swap } \
format{ } \
. \
20480 20480 20480 ext4 method{ format } \
mountpoint{ /tmp } \
format{ } use_filesystem{ } filesystem{ ext4 } \
options/relatime{ relatime } \
. \
1 2048 1000000000 ext4 method{ format } \
mountpoint{ /data } \
format{ } use_filesystem{ } filesystem{ ext4 } \
options/relatime{ relatime } \
.
# Pre-answered confirmations: nothing asks before the new layout is written.
d-i partman-lvm/confirm_nooverwrite boolean true
d-i partman-lvm/confirm boolean true
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/confirm_nooverwrite boolean true
d-i partman/confirm boolean true
d-i partman/choose_partition \
select Finish partitioning and write changes to disk
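# Accounts: root login stays enabled and its crypted password comes from the
# template placeholder (default_password_crypted in /etc/cobbler/settings).
# The type field of the next question read "paddssword" in the original
# listing; the debconf type for this question is "password".
d-i passwd/root-login boolean true
d-i passwd/root-password-crypted password $default_password_crypted
# A regular user named ksuser is created as well.
# NOTE(review): the hash below uses the MD5-crypt scheme and is fixed in the
# template, so every installed machine gets the same ksuser credential, and
# ksuser is placed in the sudo group further down. Generate a hash per
# deployment with a stronger scheme and change or lock the account once
# provisioning has finished.
d-i passwd/make-user boolean true
d-i passwd/user-fullname string ksuser
d-i passwd/username string ksuser
d-i passwd/user-password-crypted password $1$GzKX2YeQ$0e1.0/A6SvTuVE0l8C3eT1
d-i passwd/user-uid string
d-i user-setup/allow-password-weak boolean false
d-i user-setup/encrypt-home boolean false
d-i passwd/user-default-groups string sudo adm cdrom dialout lpadmin plugdev sambashare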
# APT setup: only the security service is selected, served from
# mirrors.aliyun.com. allow_unauthenticated is false, which keeps package
# signature checking switched on.
d-i apt-setup/services-select multiselect security
d-i apt-setup/security_host string mirrors.aliyun.com
d-i apt-setup/security_path string /ubuntu
d-i debian-installer/allow_unauthenticated string false
$SNIPPET('preseed_apt_repo_config')
# Package selection: only ssh is installed; the longer list is kept for reference.
# d-i pkgsel/include string ntp ssh wget vim
d-i pkgsel/include string ssh
d-i grub-installer/only_debian boolean true
d-i finish-install/reboot_in_progress note
# early_command downloads a script from the install server and pipes it to /bin/sh.
# NOTE(review): the download is plain http with no integrity check and runs
# inside the installer; this is only as trustworthy as the provisioning
# network and the web server behind it.
d-i preseed/early_command string wget -O- \
http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | \
/bin/sh -s
# late_command overwrites sources.list, locale.conf and the default locale in
# the installed system with files fetched from the install server, then runs
# apt-get update inside the target.
# NOTE(review): the same plain-http caveat applies; sources.list in particular
# decides where every later package comes from.
d-i preseed/late_command string wget -O /target/etc/apt/sources.list http://$http_server/sources.list ; \
wget -O /target/etc/locale.conf http://$http_server/locale.conf ; \
wget -O /target/etc/default/locale http://$http_server/locale ; \
cd /target ; \
chroot ./ apt-get update
seed文件最后下载了三个文件,sources.list locale.conf locale
三个文件放在httpd的目录/var/www/html/中,
sources.list 存放apt的源(下面的列表启用了 bionic-proposed 预发布源,其中的软件包尚在测试,生产机器一般不启用)
locale.conf locale 编码
sources.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
locale
# File generated by update-locale
LANG="en_US"
LANGUAGE="en_US:"
LANG="en_US.UTF-8"
locale.conf
LANG="en_US.UTF-8"
安装完成,下面是自己记录的文件分发脚本
写了三个文件用来做文件批量分发
wsl1.sh wsl2.sh install.sh
wsl1.sh 做主机存活扫描(nmap -sP 是 ping 扫描,并不探测端口),用Cron跑wsl1.sh就好
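#!/bin/bash
# wsl1.sh - find live hosts on the provisioning subnet and run wsl2.sh on each.
# Meant to be started from cron; /root/install is a lock file, so a run that
# starts while another is still working exits instead of repeating the work.
# Exit status: 1 when the lock is already held.

# Exported as in the original, in case a child process reads it.
export TOP_PID=$$

readonly LOCK_FILE=/root/install
readonly SCAN_OUTPUT=/root/nampip
readonly HOST_LIST=/root/ip
readonly SUBNET=192.168.6.0/24

# Take the lock atomically: with noclobber the redirection fails when the file
# already exists, so two runs cannot both get past this point.
if ! (set -o noclobber; : > "$LOCK_FILE") 2>/dev/null; then
  exit 1
fi
# Release the lock on every exit path; the original left a stale lock behind
# whenever the script died before reaching its last line.
trap 'rm -f -- "$LOCK_FILE"' EXIT
trap 'exit 1' TERM

# Host discovery only: -sP is a ping scan, no ports are probed.
nmap -sP "$SUBNET" > "$SCAN_OUTPUT"

# Keep what follows "Nmap scan report for " on each matching line. The list
# starts out empty; the original seeded it with a blank line, which made the
# first wsl2.sh call run without a host argument.
: > "$HOST_LIST"
while IFS= read -r report_line; do
  case "$report_line" in
    *"Nmap scan report for "*)
      printf '%s\n' "${report_line#*Nmap scan report for }" >> "$HOST_LIST"
      ;;
  esac
done < "$SCAN_OUTPUT"

# NOTE(review): every address that answers the scan is handed to wsl2.sh, which
# logs in with a shared password; confirm the subnet holds only freshly
# installed machines before scheduling this.
# Only the first word of each entry is used, as with the original unquoted
# call (nmap may print "name (address)").
while read -r target _; do
  [ -n "$target" ] || continue
  # stdin is redirected so the child cannot consume the rest of the host list.
  /root/wsl2.sh "$target" < /dev/null
done < "$HOST_LIST"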
wsl2.sh 用expect来连接做一些操作,在前面的seed文件中,我们添加了一个普通用户,而且只安装了ssh,所以我们需要安装后做一些操作
#!/usr/bin/expect
# wsl2.sh - log in to one host as ksuser over ssh, become root with sudo,
# download install.sh from the web server and start it in the background.
# Usage: wsl2.sh HOST
# NOTE(review): the password is stored in clear text in this file and is sent
# both to ssh and to sudo. It is presumably the password of the ksuser account
# created by the seed file, so anyone who can read this script can log in to
# every machine installed from it. Prefer key-based ssh, keep the file readable
# by root only, and change or lock the account after provisioning.
# NOTE(review): none of the expect commands below handles a timeout or a
# failed login; the sends that follow go out regardless of what the remote
# side printed.
set host [lindex $argv 0]
set passwd "ABCabc123"
spawn ssh ksuser@$host
# Wait at most 5 seconds for each prompt from here on.
set timeout 5
# NOTE(review): an unknown host key is accepted automatically, so the identity
# of the host is never checked before the password is sent to it.
expect {
"yes/no" { send "yes\r"; exp_continue}
"assword:" { send "$passwd\r" }
}
# Any output containing "@" is taken to be a shell prompt.
expect "@*"
send "sudo su\r"
expect "password*"
send "$passwd\r"
##################################
# Download the script and run it #
##################################
expect "@*"
send "cd /root/\r"
expect "@*"
send "apt-get install -y wget\r"
# Longer waits from here on: package installation and downloads take time.
set timeout 20
#expect "@*"
#send "apt-get install -y coreutils\r"
#set timeout 20
#expect "@*"
#send "apt-get install -y screen\r"
#set timeout 20
expect "@*"
# NOTE(review): install.sh is fetched over plain http and then run as root
# with no integrity check; verify a known checksum before executing it, or
# serve it over a channel that authenticates the server.
send "wget http://192.168.6.1/install.sh\r"
set timeout 20
expect "@*"
send "chmod +x /root/install.sh\r"
expect "@*"
# Started under nohup in the background with all output discarded, so the
# installation keeps running after this session is closed.
send "nohup /root/install.sh >/dev/null 2>&1 & \r"
send "\r"
#send "screen\r"
#expect "@*"
#send "./install.sh"
expect "@*"
send "exit\r"
install.sh 则是下载到目标机器自动跑的脚本,需要放到httpd中
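#!/bin/bash
# install.sh - post-install step downloaded to a freshly installed machine:
# installs the desktop and vim, then reboots.
# It exits with status 1 without doing anything when vim is already present
# (taken as "already provisioned") or when /root/install shows that another
# run is in progress.
# NOTE(review): this file is downloaded over plain HTTP and run as root, so
# whoever can alter it in transit or on the web server controls every new
# machine; serve it over HTTPS or check a known checksum before running it.
# The original listing was missing the closing "fi" of its outer "if" and
# could not be parsed; the two guards are merged into one condition here.
export TOP_PID=$$
trap 'exit 1' TERM

# Remove the stray copy (presumably left by a repeated wget) on every path,
# as the original did in each branch.
rm -rf /root/install.sh.1

if [ -f "/usr/bin/vim" ] || [ -f "/root/install" ]; then
  exit 1
fi

touch /root/install
# No terminal is attached (the caller starts this under nohup with output
# discarded), so package configuration questions must not wait for input.
export DEBIAN_FRONTEND=noninteractive
apt-get update
# The original passed "--fixing", which apt-get does not accept; --fix-missing
# is most likely what was meant.
apt-get update --fix-missing
apt-get install -y ubuntu-desktop
apt-get install -y vim
# Removes the lock file and this script (everything matching /root/install*).
rm -fr /root/install*
reboot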
参考资料
cobbler http://www.cnblogs.com/chengtai/p/7161711.html
preseed https://blog.csdn.net/zouyee/article/details/48417775
补充:
cobbler介绍
cobbler是一个linux服务器快速网络安装的服务,由python开发,小巧轻便,可以通过PXE方式来快速安装、重装物理服务器,同时还可以管理dhcp、DNS、TFTP、RSYNC以及yum仓库、构造系统镜像,也提供了web界面管理工具(cobbler-web),还提供了API接口,方便二次开发
cobbler的工作流程
cobbler集成的服务
- pxe服务
- DHCP服务
- DNS服务管理
- kickstart服务支持
- yum
- TFTP
- 电源管理
- apache
配置目录
文件目录
/etc/cobbler
/etc/cobbler/settings : cobbler 主配置文件
/etc/cobbler/iso/: iso模板配置文件
/etc/cobbler/pxe: pxe模板文件
/etc/cobbler/power: 电源配置文件
/etc/cobbler/user.conf: web服务授权配置文件
/etc/cobbler/users.digest: web访问的用户名密码配置文件
/etc/cobbler/dhcp.template : dhcp服务器的配置模板
/etc/cobbler/dnsmasq.template : dns服务器的配置模板
/etc/cobbler/tftpd.template : tftp服务的配置模板
/etc/cobbler/modules.conf : 模块的配置文件
数据目录:
/var/lib/cobbler/config/: 用于存放distros,system,profiles 等信 息配置文件
/var/lib/cobbler/triggers/: 用于存放用户定义的cobbler命令
/var/lib/cobbler/kickstart/: 默认存放kickstart文件
/var/lib/cobbler/loaders/: 存放各种引导程序 镜像目录
/var/www/cobbler/ks_mirror/: 导入的发行版系统的所有数据
/var/www/cobbler/images/ : 导入发行版的kernel和initrd镜像用于 远程网络启动
/var/www/cobbler/repo_mirror/: yum 仓库存储目录
日志目录:
/var/log/cobbler/installing: 客户端安装日志
/var/log/cobbler/cobbler.log : cobbler日志
命令介绍
cobbler check 核对当前设置是否有问题
cobbler list 列出所有的cobbler元素
cobbler report 列出元素的详细信息
cobbler sync 同步配置到数据目录,更改配置最好都要执行下
cobbler reposync 同步yum仓库
cobbler distro 查看导入的发行版系统信息
cobbler system 查看添加的系统信息
cobbler profile 查看配置信息
cobbler的安装
-
查看系统信息
# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
# uname -r
3.10.0-862.el7.x86_64
# hostname -I
192.168.1.110 172.17.0.1
关闭防火墙、selinux等(仅适合隔离的实验网络;生产环境建议保持开启,只放行 DHCP、TFTP、HTTP 等安装所需的服务)
-
配置epel源
rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-10.noarch.rpm
-
安装cobbler等软件
yum -y install httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web
-
启动相关服务
systemctl start httpd
systemctl enable httpd
systemctl start cobblerd
systemctl enable cobblerd
-
检查当前配置存在的错误
cobbler check
-
解决存在的问题
1.sed -i 's/^server: 127.0.0.1/server: 192.168.1.110/' /etc/cobbler/settings
2.sed -i 's/^next_server: 127.0.0.1/next_server: 192.168.1.110/' /etc/cobbler/settings
3.修改/etc/xinetd.d/tftp中disable的yes为no
4.cobbler get-loaders 下载缺失的文件
5.systemctl enable rsyncd
6.openssl passwd -1 -salt '123123' '123123'
7.vim /etc/cobbler/settings default_password_crypted:'上一步生成的密码'
8.cobbler check
9.systemctl restart cobblerd
10.cobbler sync
-
配置cobbler-DHCP
1.vim /etc/cobbler/settings
manage_dhcp: 1
2.vim /etc/cobbler/dhcp.template
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option domain-name-servers 114.114.114.114;
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.1.100 192.168.1.250;
3.systemctl restart cobblerd
4.cobbler sync
-
导入镜像
mount /dev/cdrom /mnt
cobbler import --path=/mnt --name=CentOS7-X86_64 --arch=x86_64
cobbler list
cobbler distro list
yum install tree -y
tree /var/lib/tftpboot/images
cobbler profile report
cobbler sync
10.重启各服务
systemctl restart cobblerd.service
systemctl restart dhcpd.service
systemctl restart xinetd.service
systemctl restart httpd.service
ubuntu seed配置详解
https://www.debian.org/releases/etch/arm/apbs04.html.zh_CN
https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html
https://www.debian.org/releases/etch/example-preseed.txt