您好,欢迎来到思海网络,我们将竭诚为您提供优质的服务! 诚征网络推广 | 网站备案 | 帮助中心 | 软件下载 | 购买流程 | 付款方式 | 联系我们 [ 会员登录/注册 ]
促销推广
客服中心
业务咨询
有事点击这里…  531199185
有事点击这里…  61352289
点击这里给我发消息  81721488
有事点击这里…  376585780
有事点击这里…  872642803
有事点击这里…  459248018
有事点击这里…  61352288
有事点击这里…  380791050
技术支持
有事点击这里…  714236853
有事点击这里…  719304487
有事点击这里…  1208894568
有事点击这里…  61352289
在线客服
有事点击这里…  531199185
有事点击这里…  61352288
有事点击这里…  983054746
有事点击这里…  893984210
当前位置:首页 >> 技术文章 >> 文章浏览
技术文章

CentOS自动化安装实战

添加时间:2019-4-21 2:08:46  添加: 思海网络 
定制自动化安装盘

# 安装所需要的软件包:
 


yum -y install createrepo mkisofs isomd5sum
# 生成精简后的rpm列表
 


awk '/安装/{print $2}' install.log |sed 's/^[0-9]*://g' >/root/packages.list //我的是中文环境具体看log里是什么
# 约束目录结构



mkdir -p /mnt/cdrom
mkdir -p /data/OS
mount /dev/cdrom /mnt/cdrom
rsync –a --exclude=Packages /mnt/cdrom/* /data/OS
mkdir /data/OS/Packages
 

# 将精简后的rpm文件 拷贝到新的系统目录里
 
# 拷贝到新的系统目录方法很多,这里省事儿就用了替换命令 但是结果都一样啊 呵呵



cp /mnt/cdrom/Packages/libgcc-4.4.7-3.el6.x86_64
cp /mnt/cdrom/Packages/setup-2.8.14-20.el6.noarch
cp /mnt/cdrom/Packages/filesystem-2.4.30-3.el6.x86_64
cp /mnt/cdrom/Packages/xml-common-0.6.3-32.el6.noarch
cp /mnt/cdrom/Packages/cjkuni-fonts-common-0.2.20080216.1-35.el6.noarch
cp /mnt/cdrom/Packages/iso-codes-3.16-2.el6.noarch
cp /mnt/cdrom/Packages/basesystem-10.0-4.el6.noarch
cp /mnt/cdrom/Packages/dmz-cursor-themes-0.4-4.el6.noarch
cp /mnt/cdrom/Packages/libX11-common-1.5.0-4.el6.noarch
cp /mnt/cdrom/Packages/ca-certificates-2010.63-3.el6_1.5.noarch
cp /mnt/cdrom/Packages/ncurses-base-5.7-3.20090208.el6.x86_64
cp /mnt/cdrom/Packages/tzdata-2012j-1.el6.noarch
cp /mnt/cdrom/Packages/glibc-common-2.12-1.107.el6.x86_64
cp /mnt/cdrom/Packages/nss-softokn-freebl-3.12.9-11.el6.x86_64
cp /mnt/cdrom/Packages/glibc-2.12-1.107.el6.x86_64
cp /mnt/cdrom/Packages/ncurses-libs-5.7-3.20090208.el6.x86_64
cp /mnt/cdrom/Packages/bash-4.1.2-14.el6.x86_64
cp /mnt/cdrom/Packages/libattr-2.4.44-7.el6.x86_64
cp /mnt/cdrom/Packages/libcap-2.16-5.5.el6.x86_64
cp /mnt/cdrom/Packages/zlib-1.2.3-29.el6.x86_64
cp /mnt/cdrom/Packages/dbus-libs-1.2.24-7.el6_3.x86_64
cp /mnt/cdrom/Packages/info-4.13a-8.el6.x86_64
cp /mnt/cdrom/Packages/libxml2-2.7.6-8.el6_3.4.x86_64
:%s/^/cp \/mnt\/cdrom\/Packages\//g

cp /mnt/cdrom/Packages/cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch.rpm
cp /mnt/cdrom/Packages/cjkuni-ukai-fonts-0.2.20080216.1-35.el6.noarch.rpm
cp /mnt/cdrom/Packages/man-pages-3.22-20.el6.noarch.rpm
cp /mnt/cdrom/Packages/words-3.0-17.el6.noarch.rpm
cp /mnt/cdrom/Packages/centos-indexhtml-6-1.el6.centos.noarch.rpm
cp /mnt/cdrom/Packages/ql2400-firmware-5.08.00-1.el6.noarch.rpm
cp /mnt/cdrom/Packages/iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch.rpm
cp /mnt/cdrom/Packages/ql2100-firmware-1.19.38-3.1.el6.noarch.rpm
cp /mnt/cdrom/Packages/ivtv-firmware-20080701-20.2.noarch.rpm
cp /mnt/cdrom/Packages/libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch.rpm
cp /mnt/cdrom/Packages/xorg-x11-drv-ati-firmware-6.99.99-1.el6.noarch.rpm
cp /mnt/cdrom/Packages/ql2500-firmware-5.08.00-1.el6.noarch.rpm
cp /mnt/cdrom/Packages/atmel-firmware-1.3-7.el6.noarch.rpm
cp /mnt/cdrom/Packages/zd1211-firmware-1.4-4.el6.noarch.rpm
cp /mnt/cdrom/Packages/iwl4965-firmware-228.61.2.24-2.1.el6.noarch.rpm
cp /mnt/cdrom/Packages/rt61pci-firmware-1.2-7.el6.noarch.rpm
cp /mnt/cdrom/Packages/iwl3945-firmware-15.32.2.9-4.el6.noarch.rpm
cp /mnt/cdrom/Packages/ql2200-firmware-2.02.08-3.1.el6.noarch.rpm
cp /mnt/cdrom/Packages/rt73usb-firmware-1.8-7.el6.noarch.rpm
cp /mnt/cdrom/Packages/ipw2100-firmware-1.3-11.el6.noarch.rpm
cp /mnt/cdrom/Packages/ql23xx-firmware-3.03.27-3.1.el6.noarch.rpm
cp /mnt/cdrom/Packages/ipw2200-firmware-3.1-4.el6.noarch.rpm
cp /mnt/cdrom/Packages/rootfiles-8.1-6.1.el6.noarch.rpm
:%s/$/.rpm/g

cp /mnt/cdrom/Packages/cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/cjkuni-ukai-fonts-0.2.20080216.1-35.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/man-pages-3.22-20.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/words-3.0-17.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/centos-indexhtml-6-1.el6.centos.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ql2400-firmware-5.08.00-1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ql2100-firmware-1.19.38-3.1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ivtv-firmware-20080701-20.2.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/xorg-x11-drv-ati-firmware-6.99.99-1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ql2500-firmware-5.08.00-1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/atmel-firmware-1.3-7.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/zd1211-firmware-1.4-4.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/iwl4965-firmware-228.61.2.24-2.1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/rt61pci-firmware-1.2-7.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/iwl3945-firmware-15.32.2.9-4.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ql2200-firmware-2.02.08-3.1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/rt73usb-firmware-1.8-7.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ipw2100-firmware-1.3-11.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ql23xx-firmware-3.03.27-3.1.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/ipw2200-firmware-3.1-4.el6.noarch.rpm /data/OS/Packages
cp /mnt/cdrom/Packages/rootfiles-8.1-6.1.el6.noarch.rpm /data/OS/Packages
:%s/$/ \/data\/OS\/Packages/g
# 创建ks.cfg文件  默认安装完系统就会安装所有的定制软件包了
 
# 关键字


%post --nochroot %post
[root@test OS]# pwd
/data/OS
[root@test OS]# cat ks.cfg
firewall --disabled
install
cdrom
rootpw --iscrypted $1$stMs72eG$G3f0zhGBjp6/SioZ28CxQ0
auth --useshadow --passalgo=md5
text
firstboot --disable
keyboard us
lang en_US.UTF-8
selinux --disabled
# Do not configure the X Window System
skipx
logging --level=info
reboot --eject
timezone Asia/Shanghai
network --device em1 --bootproto=static --ip=192.168.7.123 --netmask=255.255.248.0 --gateway=192.1s
bootloader --location=mbr --driveorder=sda

# Clear the Master Boot Record
zerombr yes

# Partition clearing information
clearpart --all --initlabel

# Disk partitioning information
part / --fstype="ext4" --size=10240
part swap --size=4096
part /data --fstype="ext4" --grow --size=1

%packages
@base
@core
@server-policy
sgpio
device-mapper-persistent-data
ntp

%post --nochroot
mkdir -p /mnt/sysimage/tmp/custom_data >> /tmp/custom.log 2>&1
cp /mnt/source/Packages/lnmp_pack.tar.gz /mnt/sysimage/tmp/custom_data >> /tmp/custom.log 2>&1
cp /mnt/source/Packages/install_packages.sh /mnt/sysimage/tmp/custom_data >> /tmp/custom.log 2>&1
cp /mnt/source/Packages/ncftp-3.2.5-src.tar.gz /mnt/sysimage/tmp/custom_data >>/tmp/custom.log 2>&1
cp /mnt/source/Packages/rarlinux-3.8.0.tar.gz /mnt/sysimage/tmp/custom_data >>/tmp/custom.log 2>&1
cp /mnt/source/Packages/nmon_linux_14i.tar.gz /mnt/sysimage/tmp/custom_data >>/tmp/custom.log 2>&1

%post
cd /tmp/custom_data >> /tmp/custom.log 2>&1
chmod +x install_packages.sh
sh install_packages.sh

# remove custom_data
rm -rf /tmp/custom_data

#vim syntax on
echo alias vi='vim' >> /etc/bashrc

# disable ipv6
echo "alias net-pf-10 off" >> /etc/modprobe.d/dist.conf
echo -e "options\tipv6\tdisable=1" >> /etc/modprobe.d/dist.conf
echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network

#append lib
echo "/usr/local/lib/" >> /etc/ld.so.conf

#modify lang
echo 'export LANG=zh_CN.UTF8' >> /etc/profile

#disable system auto mail
echo "unset MAILCHECK" >> /etc/profile

#modify history
echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile
sed -i "s/HISTSIZE=1000/HISTSIZE=999999999/" /etc/profile

#modifu ssh port on 3389
echo 'Port 3389' >> /etc/ssh/sshd_config
echo 'UseDNS no' >> /etc/ssh/sshd_config

for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
chkconfig --level 3 $CURSRV off
done

for i in crond rsyslog iptables network ntpd sshd sysstat;do chkconfig --level 3 $i on;done

sed -i '/HOSTNAME=/d' /etc/sysconfig/network
echo 'HOSTNAME=test' >> /etc/sysconfig/network

# sysctl
echo "net.core.netdev_max_backlog = 32768" >> /etc/sysctl.conf
echo "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo "net.core.somaxconn = 32768" >> /etc/sysctl.conf
echo "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo "net.ipv4.ip_local_port_range = 5000 65000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo "net.ipv4.tcp_keepalive_time = 300" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_syn_backlog = 65536" >> /etc/sysctl.conf
echo "net.ipv4.tcp_max_tw_buckets = 5000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syn_retries = 2" >> /etc/sysctl.conf
echo "net.ipv4.tcp_synack_retries = 2" >> /etc/sysctl.conf
echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
/sbin/sysctl -p

# modify core ulimt
echo -e "*\tsoft\tnofile\t65535" >> /etc/security/limits.conf
echo -e "*\thard\tnofile\t65535" >> /etc/security/limits.conf

echo -e "*\tsoft\tnofile\t65535" >> /etc/security/limits.d/90-nproc.conf
echo -e "*\thard\tnofile\t65535" >> /etc/security/limits.d/90-nproc.conf

# ntpd
cat > /etc/sysconfig/clock < /etc/sysconfig/iptables <<EOF
*filter

#############################################
# disabled (INPUT,FORWARD,OUTPUT)
:INPUT DROP
:FORWARD DROP
:OUTPUT DROP
 
# enabled lo
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A FORWARD -o lo -j ACCEPT
 
# enabled em2
# Be careful of the network adapter name
-A INPUT -i em2 -j ACCEPT
-A OUTPUT -o em2 -j ACCEPT
-A FORWARD -o em2 -j ACCEPT
 
# enabled ping
-A INPUT -p icmp -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
 
# enabled ntp
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 123 -j ACCEPT
 
# dns
-A INPUT -p tcp -m tcp --sport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
 
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
 
#############################################
 
#############################################
# team ssh
 
# all
-A INPUT -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 3389 -j ACCEPT
 
# suzhouqiao
-A INPUT -s 118.145.x.xx -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 118.145.x.xx -p tcp -m tcp --sport 3389 -j ACCEPT
 
-A INPUT -s 115.182.x.xx -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 115.182.x.xxx -p tcp -m tcp --sport 3389 -j ACCEPT
 
# corporate
-A INPUT -s 119.253.59.x -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 119.253.xx.1x0 -p tcp -m tcp --sport 3389 -j ACCEPT
 
-A INPUT -s 203.187.xx1.x -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 203.x7.x1.x -p tcp -m tcp --sport 3389 -j ACCEPT
 
-A INPUT -s 211.103.xxs.x0 -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 211.103.xx.xxx -p tcp -m tcp --sport 3389 -j ACCEPT
 
-A INPUT -s 119.253.x9.xx -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 119.253.xx.xx -p tcp -m tcp --sport 3389 -j ACCEPT
 
-A INPUT -s 119.253.xx.xx2 -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 119.253.x.xx -p tcp -m tcp --sport 3389 -j ACCEPT
 
-A INPUT -s 203.187.xx.1xx -p tcp -m tcp --dport 3389 -j ACCEPT
-A OUTPUT -d 203.187.1xx.xx -p tcp -m tcp --sport 3389 -j ACCEPT
#############################################
 
#############################################
# jiankongbao
-A INPUT -s 60.xx.249.xx -p udp -m udp --dport 161 -j ACCEPT
-A OUTPUT -d 60.xx.xx.x3 -p udp -m udp --sport 161 -j ACCEPT
 
-A INPUT -s 60.195.252.xx -p udp -m udp --dport 161 -j ACCEPT
-A OUTPUT -d 60.195.xx.107 -p udp -m udp --sport 161 -j ACCEPT
 
-A INPUT -s 60.195.x.xx -p udp -m udp --dport 161 -j ACCEPT
-A OUTPUT -d 60.195.x.1xx -p udp -m udp --sport 161 -j ACCEPT
 
-A INPUT -s 125.76.sxx -p udp -m udp --dport 161 -j ACCEPT
-A OUTPUT -d 125.76.xx.xx -p udp -m udp --sport 161 -j ACCEPT
#############################################
 
#############################################
# project port
#############################################
COMMIT
EOF
 
%end
# 让系统从kickstart配置启动安装



[root@test isolinux]# pwd
/data/OS/isolinux
[root@test isolinux]# cat isolinux.cfg
default linux ks=cdrom:/ks.cfg
prompt 1
timeout 100 
display boot.msg
F1 boot.msg
F2 options.msg
F3 general.msg
F4 param.msg
F5 rescue.msg
label linux
kernel vmlinuz
append initrd=initrd.img 
label text
kernel vmlinuz
append initrd=initrd.img text 
label ks
kernel vmlinuz
append ks initrd=initrd.img
label local
localboot 1
label memtest86
kernel memtest
append -
# 生成rpm包的依赖关系



[root@test ~]# cd /data/OS/
[root@test OS]# createrepo -g repodata/*-comps.xml /data/OS/
# 生成iso镜像



mkisofs -R -J -T -r -l -d -joliet-long -allow-multidot \
-allow-leading-dots -no-bak -o /data/CentOS-6.4-x86_64-mini.iso \
-b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot \
-boot-load-size 4 -boot-info-table /data/OS
# 生成MD5校验码 //本人没有执行这条命令原因是如果需要修改iso里的内容会导致光盘无法使用




implantisomd5 /data/CentOS-6.4-x86_64-mini.iso
基于Kisckstart的安装

安装软件包

yum -y install createrepo mkisofs
制作流程
目录结构
拷贝CentOS原始镜像内容,不做任何精简




mkdir /mnt/centos
mount /dev/sr0 /mnt/centos
mkdir /tmp/iso
cp -r /mnt/centos/* /tmp/iso

增加Kickstart配置文件
文件路径和安装方式可自由定义



cd /tmp/iso/isolinux
#修改引导,注意ks=部分
vi isolinux.cfg

label linux
menu label ^Install or upgrade an existing system
menu default
kernel vmlinuz
append initrd=initrd.img ks=cdrom:/isolinux/ks.cfg

#手动增加Kickstart配置文件
vi ks.cfg
#Kickstart file automatically generated by anaconda.
#version=DEVEL

#Install OS instead of upgrade
#表示是安装,而不是升级
install

#Use text mode install
#文本方式安装
text

#Use network installation
#使用网络安装
#url --url=ftp://ip/centos
#Local installation Use CDROM installation media
#使用光盘安装
cdrom

#Installation Number configuration
#如果是RedHat的系统,会要求输入key,这里配置为跳过,如果不配置安装时会停在那里要求用户输入key
#key –skip

#System language
#语言环境
#lang en_US.UTF-8
lang zh_CN.UTF-8

#System keyboard
#键盘类型
keyboard us

#Network information
#网络配置
#network --device eth0 --bootproto dhcp --onboot yes

#Root password
#root密码
rootpw chinaums

#Firewall configuration
#禁用防火墙
firewall --disabled

#SELinux configuration
#禁用selinux
selinux --disabled

#Run the Setup Agent on first boot
#禁用第一次启动时设置系统的向导
firstboot --disable

#System authorization information
#用户认证配置,useshadow表示使用本地认证,--passalgo表示密码加密算法
authconfig --enableshadow --passalgo=sha512

#System timezone
#设置时区为上海
timezone --isUtc Asia/Shanghai

#System bootloader configuration
#指明bootloader的安装位置,指明驱动器的排序,指明操作系统安装完成之后,向内核传递的参数
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"

#Clear the Master Boot Record
#清除MBR引导记录
zerombr yes

#Partition clearing information
#清除硬盘上的所有数据
clearpart --all --initlabel

#Disk partitioning information
#自定义分区

#创建一个200M大小的分区挂载/boot类型为ext4
part /boot --fstype=ext4 --size=200 --ondisk=sda

#创建一个20000M大小的SWAP分区
part swap --size=20000 --ondisk=sda

#创建/目录
part / --fstype=ext4 --grow --size=1 --ondisk=sda

#Reboot after installation
#设置完成之后重启
reboot --eject

#This packages is for CentOS 6.4
#为CentOS 6.4定制的软件包
%packages
@base
@core
@chinese-support

#增加安装后运行脚本 
%post
#config service 
#自定义服务
service NetworkManager stop
chkconfig NetworkManager off

#eject cdrom
#安装完成弹出光碟 
#eject

#reboot
#执行完毕后重启 
#reboot -f 

#结束自动化部署
%end

生成依赖关系和ISO文件
注意路径和命令的准确性



cd /tmp/iso
createrepo -g repodata/*comps.xml . 
mkisofs -o /tmp/CentOS-6.4_64_auto.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -joliet-long -R -J -v -T /tmp/iso/


关键字:CentOS、自动化安装、软件包
分享到:

顶部 】 【 关闭
版权所有:佛山思海电脑网络有限公司 ©1998-2019 All Rights Reserved.
联系电话:(0757)22630313、22633833
公司地址: 广东省佛山市顺德区大良国际商业城A区4座3楼106号   邮编:528300
机房7x24小时服务热线:(0757)23628508、23628509
中华人民共和国增值电信业务经营许可证: 粤B1.B2-20030321 备案号:粤B2-20030321-1
网站公安备案编号:44060602000007 交互式栏目专项备案编号:200303DD003  
察察 工商 网安 举报有奖  警警  手机打开网站