# vim /data/os/isolinux/ks.cfg
# Installer basics: fresh, unattended, text-mode install from the CD/DVD.
# Install OS instead of upgrade
install
# Use text mode install
text
# Use CDROM installation media
cdrom
# Language environment
lang en_US.UTF-8
keyboard us
# Skip the X configuration
skipx
# Disable firstboot
firstboot --disable
# Logging
logging --level=info
# Network information
# eth0 is set up for DHCP with IPv6 configuration turned off, but
# "--onboot no" leaves the interface down at boot.
# NOTE(review): %post below enables the network and sshd services; confirm
# that an interface which is not activated at boot is really what is wanted.
network --onboot no --device eth0 --bootproto dhcp --noipv6
# Root password
# Shadow passwords with SHA-512 crypt ($6$) hashes.
authconfig --enableshadow --passalgo=sha512
# The root hash is stored in clear view on the install media, so every host
# built from this image gets the same root password and anyone who can read
# the ISO can attack the hash offline. Generate a fresh hash per image and
# rotate the password after the first boot.
# NOTE(review): the salt field reads like documentation placeholder text
# ("16_CHARACTER_SAL"); confirm this hash was generated for this deployment
# and is not copied from an example.
rootpw --iscrypted $6$16_CHARACTER_SAL$xQvb5PCdNoiB1nqv19r5uAfjm73lZvuZsczpx2uVgHgdqzwiYfj.PYrvUZCSpz/qejyVwYeDMrOS64n9H.Tv5/
# Disable firewall and selinux
# Both host-level controls are switched off here: no packet-filter
# configuration is generated and SELinux is not enforced on the installed
# system.
# NOTE(review): %post later runs "chkconfig iptables on"; with the firewall
# disabled at install time, confirm that a rule set is actually delivered to
# the host, otherwise the service has nothing to load.
firewall --disabled
selinux --disabled
# Set the timezone
# Hardware clock is treated as UTC; local zone is Asia/Shanghai.
timezone --utc Asia/Shanghai
# System bootloader configuration
# Boot loader goes to the MBR, sda is first in the BIOS drive order.
bootloader --location=mbr --driveorder=sda --append="rhgb crashkernel=auto quiet"
# Clear the Master Boot Record
zerombr yes
# Partition clearing information
# DESTRUCTIVE: --all removes every partition on every disk the installer
# sees and --initlabel writes a new disk label, with no prompt. Booting this
# media on a machine that holds data erases it.
clearpart --all --initlabel
# Disk partitioning information
# Sizes are in MB. /boot and / are primary partitions; swap uses the
# installer's recommended size; pv.0001 grows to take the remaining space.
part /boot --fstype=ext4 --size=300 --asprimary
part / --fstype=ext4 --size=20000 --asprimary
part swap --fstype=swap --recommended
part /var --fstype=ext4 --size=5000
part pv.0001 --size=1 --grow
# One volume group on pv.0001; lv_data grows to fill it and is mounted on /data.
volgroup VolGroup --pesize=4096 pv.0001
logvol /data --fstype=ext4 --name=lv_data --vgname=VolGroup --size=1 --grow
# Reboot the host after installation is done
reboot
# List of rpms to install
# Only package groups are selected (the "@" prefix); no individual packages.
# NOTE(review): %post enables ntpd and sysstat with chkconfig; confirm these
# groups actually install those packages.
%packages
@core
@server-policy
@workstation-policy
%end
%post
# Make "vi" start vim for every interactive bash session.
printf "\n# Alias vi to vim\nalias vi='vim'\n" >> /etc/bashrc

# Replace resolv.conf with the two site resolvers (1 s timeout, one attempt,
# rotating between servers).
# NOTE(review): eth0 is configured for DHCP above; a DHCP client may rewrite
# this file when the interface comes up. Confirm the static list survives.
cat > /etc/resolv.conf << _dns
options timeout:1 attempts:1 rotate
nameserver 10.31.90.11
nameserver 10.31.90.12
_dns

# Disable IPv6: keep the module from being used and tell the network scripts
# not to configure it.
{
  printf "\n# Disable Ipv6\nalias net-pf-10 off\n"
  printf "options ipv6 disable=1\n"
} >> /etc/modprobe.d/dist.conf
printf "NETWORKING_IPV6=no\n" >> /etc/sysconfig/network
# SSH daemon: listen on 55555 instead of 22 and skip reverse DNS lookups.
# Both substitutions only take effect if the stock commented-out lines are
# present; nothing here verifies the result. Moving the port reduces scan
# noise but is not an access control, and root login / password
# authentication settings are left at their defaults.
sed -i \
  -e 's/#Port 22/Port 55555/' \
  -e 's/#UseDNS yes/UseDNS no/' \
  /etc/ssh/sshd_config

# Add /usr/local/lib/ to the dynamic linker search path.
printf '%s\n' "/usr/local/lib/" >> /etc/ld.so.conf

# Shell history: enlarge it first (in-place edit), then append the settings
# that silence the "you have mail" check and timestamp each history entry
# with the user name. Shell history stays writable by its owner, so treat it
# as a convenience record rather than an audit log.
sed -i 's/HISTSIZE=1000/HISTSIZE=9999999/' /etc/profile
{
  printf '%s\n' "unset MAILCHECK"
  printf '%s\n' 'HISTTIMEFORMAT="%F %T `whoami` "'
} >> /etc/profile

# SELinux: persistently disabled in the config file, and switched to
# permissive for the currently running kernel.
# NOTE(review): "selinux --disabled" is already set in the command section,
# so this looks redundant; it also leaves the host without mandatory access
# control. Confirm that is an accepted risk for these hosts.
sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
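# Kernel network tuning, appended to /etc/sysctl.conf so it persists.
# Fixed: the first key was misspelled "gc_stale_timei"; the kernel parameter
# is net.ipv4.neigh.default.gc_stale_time, and the misspelled key is rejected
# when the file is loaded.
# NOTE(review): rp_filter=0 turns off reverse-path source validation on all
# interfaces, which removes a basic anti-spoofing check. Together with
# arp_announce=2 this presumably serves a multi-homed or load-balanced
# layout; confirm it is needed, otherwise leave rp_filter at 1.
cat >> /etc/sysctl.conf << _sysctl
net.ipv4.neigh.default.gc_stale_time = 120
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.all.arp_announce=2
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.tcp_synack_retries = 2
net.ipv4.conf.lo.arp_announce = 2
_sysctl
# Load the values now; they are read from the file again on every boot.
/sbin/sysctl -p

# File descriptors
# Fixed: the command was misspelled "ulitmit", which fails as an unknown
# command. This raises the limit for the current %post shell only; the
# persistent limits are the nofile entries written to /etc/security below.
ulimit -HSn 65535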
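# Raise the open-file limit (soft and hard) to 65535 for all users, in both
# the main limits file and the 90-nproc.conf drop-in. printf repeats its
# format for each argument, so every file receives a "soft" line followed by
# a "hard" line.
for limits_file in /etc/security/limits.conf /etc/security/limits.d/90-nproc.conf; do
  printf '*\t%s\tnofile\t65535\n' soft hard >> "$limits_file"
done

# Account database permissions.
# Fixed: /etc/passwd and /etc/group were set to 600. They hold no secrets
# (the hashes live in the shadow files) and must stay world-readable so that
# unprivileged processes can map UIDs/GIDs to names; with 600, tools such as
# the `whoami` call used in HISTTIMEFORMAT fail for non-root users. Only the
# shadow files are restricted to root.
chmod 644 /etc/passwd /etc/group
chmod 600 /etc/shadow /etc/gshadow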
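# Disable every service that currently has a start link in runlevel 3, then
# re-enable only the short allow-list below. This keeps the set of running
# daemons small.
# The start links are named S<two-digit priority><service>; the service name
# is recovered with parameter expansion instead of parsing `ls` output, and
# every expansion is quoted.
for rc_link in /etc/rc3.d/S*; do
  # Skip the literal pattern when nothing matches.
  [ -e "$rc_link" ] || [ -L "$rc_link" ] || continue
  svc_name=${rc_link##*/}   # e.g. S55sshd
  svc_name=${svc_name#S??}  # e.g. sshd
  chkconfig "$svc_name" off
done

# Enable necessary services
# NOTE(review): iptables is enabled here although the command section uses
# "firewall --disabled"; confirm a rule set exists for the service to load.
for svc_name in crond rsyslog iptables network ntpd sshd sysstat; do
  chkconfig "$svc_name" on
done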