CentOS自动化安装实战

技术文章

客服中心

业务咨询

531199185
61352289
81721488
376585780
872642803
459248018
61352288
380791050

技术支持

714236853

719304487

1208894568

61352289

在线客服

531199185

61352288

983054746

893984210

当前位置：首页 >> 技术文章 >> 文章浏览

添加时间：2019-4-21 2:08:46　添加：思海网络　

定制自动化安装盘

# 安装所需要的软件包:

yum -y install createrepo mkisofs isomd5sum

# 生成精简后的rpm列表

awk '/安装/{print $2}' install.log |sed 's/^[0-9]*://g' >/root/packages.list //我的是中文环境具体看log里是什么

＃约束目录结构

mkdir -p /mnt/cdrom

mkdir -p /data/OS

mount /dev/cdrom /mnt/cdrom

rsync –a --exclude=Packages /mnt/cdrom/* /data/OS

mkdir /data/OS/Packages

# 将精简后的rpm文件拷贝到新的系统目录里

# 拷贝到新的系统目录方法很多,这里省事儿就用了替换命令但是结果都一样啊呵呵

cp /mnt/cdrom/Packages/libgcc-4.4.7-3.el6.x86_64

cp /mnt/cdrom/Packages/setup-2.8.14-20.el6.noarch

cp /mnt/cdrom/Packages/filesystem-2.4.30-3.el6.x86_64

cp /mnt/cdrom/Packages/xml-common-0.6.3-32.el6.noarch

cp /mnt/cdrom/Packages/cjkuni-fonts-common-0.2.20080216.1-35.el6.noarch

cp /mnt/cdrom/Packages/iso-codes-3.16-2.el6.noarch

cp /mnt/cdrom/Packages/basesystem-10.0-4.el6.noarch

cp /mnt/cdrom/Packages/dmz-cursor-themes-0.4-4.el6.noarch

cp /mnt/cdrom/Packages/libX11-common-1.5.0-4.el6.noarch

cp /mnt/cdrom/Packages/ca-certificates-2010.63-3.el6_1.5.noarch

cp /mnt/cdrom/Packages/ncurses-base-5.7-3.20090208.el6.x86_64

cp /mnt/cdrom/Packages/tzdata-2012j-1.el6.noarch

cp /mnt/cdrom/Packages/glibc-common-2.12-1.107.el6.x86_64

cp /mnt/cdrom/Packages/nss-softokn-freebl-3.12.9-11.el6.x86_64

cp /mnt/cdrom/Packages/glibc-2.12-1.107.el6.x86_64

cp /mnt/cdrom/Packages/ncurses-libs-5.7-3.20090208.el6.x86_64

cp /mnt/cdrom/Packages/bash-4.1.2-14.el6.x86_64

cp /mnt/cdrom/Packages/libattr-2.4.44-7.el6.x86_64

cp /mnt/cdrom/Packages/libcap-2.16-5.5.el6.x86_64

cp /mnt/cdrom/Packages/zlib-1.2.3-29.el6.x86_64

cp /mnt/cdrom/Packages/dbus-libs-1.2.24-7.el6_3.x86_64

cp /mnt/cdrom/Packages/info-4.13a-8.el6.x86_64

cp /mnt/cdrom/Packages/libxml2-2.7.6-8.el6_3.4.x86_64

:%s/^/cp \/mnt\/cdrom\/Packages\//g

cp /mnt/cdrom/Packages/cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch.rpm

cp /mnt/cdrom/Packages/cjkuni-ukai-fonts-0.2.20080216.1-35.el6.noarch.rpm

cp /mnt/cdrom/Packages/man-pages-3.22-20.el6.noarch.rpm

cp /mnt/cdrom/Packages/words-3.0-17.el6.noarch.rpm

cp /mnt/cdrom/Packages/centos-indexhtml-6-1.el6.centos.noarch.rpm

cp /mnt/cdrom/Packages/ql2400-firmware-5.08.00-1.el6.noarch.rpm

cp /mnt/cdrom/Packages/iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch.rpm

cp /mnt/cdrom/Packages/ql2100-firmware-1.19.38-3.1.el6.noarch.rpm

cp /mnt/cdrom/Packages/ivtv-firmware-20080701-20.2.noarch.rpm

cp /mnt/cdrom/Packages/libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch.rpm

cp /mnt/cdrom/Packages/xorg-x11-drv-ati-firmware-6.99.99-1.el6.noarch.rpm

cp /mnt/cdrom/Packages/ql2500-firmware-5.08.00-1.el6.noarch.rpm

cp /mnt/cdrom/Packages/atmel-firmware-1.3-7.el6.noarch.rpm

cp /mnt/cdrom/Packages/zd1211-firmware-1.4-4.el6.noarch.rpm

cp /mnt/cdrom/Packages/iwl4965-firmware-228.61.2.24-2.1.el6.noarch.rpm

cp /mnt/cdrom/Packages/rt61pci-firmware-1.2-7.el6.noarch.rpm

cp /mnt/cdrom/Packages/iwl3945-firmware-15.32.2.9-4.el6.noarch.rpm

cp /mnt/cdrom/Packages/ql2200-firmware-2.02.08-3.1.el6.noarch.rpm

cp /mnt/cdrom/Packages/rt73usb-firmware-1.8-7.el6.noarch.rpm

cp /mnt/cdrom/Packages/ipw2100-firmware-1.3-11.el6.noarch.rpm

cp /mnt/cdrom/Packages/ql23xx-firmware-3.03.27-3.1.el6.noarch.rpm

cp /mnt/cdrom/Packages/ipw2200-firmware-3.1-4.el6.noarch.rpm

cp /mnt/cdrom/Packages/rootfiles-8.1-6.1.el6.noarch.rpm

:%s/$/.rpm/g

cp /mnt/cdrom/Packages/cjkuni-uming-fonts-0.2.20080216.1-35.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/cjkuni-ukai-fonts-0.2.20080216.1-35.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/man-pages-3.22-20.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/words-3.0-17.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/centos-indexhtml-6-1.el6.centos.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ql2400-firmware-5.08.00-1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/iwl5000-firmware-8.83.5.1_1-1.el6_1.1.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ql2100-firmware-1.19.38-3.1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ivtv-firmware-20080701-20.2.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/xorg-x11-drv-ati-firmware-6.99.99-1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ql2500-firmware-5.08.00-1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/atmel-firmware-1.3-7.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/zd1211-firmware-1.4-4.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/iwl4965-firmware-228.61.2.24-2.1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/rt61pci-firmware-1.2-7.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/iwl3945-firmware-15.32.2.9-4.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ql2200-firmware-2.02.08-3.1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/rt73usb-firmware-1.8-7.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ipw2100-firmware-1.3-11.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ql23xx-firmware-3.03.27-3.1.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/ipw2200-firmware-3.1-4.el6.noarch.rpm /data/OS/Packages

cp /mnt/cdrom/Packages/rootfiles-8.1-6.1.el6.noarch.rpm /data/OS/Packages

:%s/$/ \/data\/OS\/Packages/g

# 创建ks.cfg文件默认安装完系统就会安装所有的定制软件包了

＃关键字

%post --nochroot %post

[root@test OS]# pwd

/data/OS

[root@test OS]# cat ks.cfg

firewall --disabled

install

cdrom

rootpw --iscrypted $1$stMs72eG$G3f0zhGBjp6/SioZ28CxQ0

auth --useshadow --passalgo=md5

text

firstboot --disable

keyboard us

lang en_US.UTF-8

selinux --disabled

# Do not configure the X Window System

skipx

logging --level=info

reboot --eject

timezone Asia/Shanghai

network --device em1 --bootproto=static --ip=192.168.7.123 --netmask=255.255.248.0 --gateway=192.1s

bootloader --location=mbr --driveorder=sda

# Clear the Master Boot Record

zerombr yes

# Partition clearing information

clearpart --all --initlabel

# Disk partitioning information

part / --fstype="ext4" --size=10240

part swap --size=4096

part /data --fstype="ext4" --grow --size=1

%packages

@base

@core

@server-policy

sgpio

device-mapper-persistent-data

ntp

%post --nochroot

mkdir -p /mnt/sysimage/tmp/custom_data >> /tmp/custom.log 2>&1

cp /mnt/source/Packages/lnmp_pack.tar.gz /mnt/sysimage/tmp/custom_data >> /tmp/custom.log 2>&1

cp /mnt/source/Packages/install_packages.sh /mnt/sysimage/tmp/custom_data >> /tmp/custom.log 2>&1

cp /mnt/source/Packages/ncftp-3.2.5-src.tar.gz /mnt/sysimage/tmp/custom_data >>/tmp/custom.log 2>&1

cp /mnt/source/Packages/rarlinux-3.8.0.tar.gz /mnt/sysimage/tmp/custom_data >>/tmp/custom.log 2>&1

cp /mnt/source/Packages/nmon_linux_14i.tar.gz /mnt/sysimage/tmp/custom_data >>/tmp/custom.log 2>&1

%post

cd /tmp/custom_data >> /tmp/custom.log 2>&1

chmod +x install_packages.sh

sh install_packages.sh

# remove custom_data

rm -rf /tmp/custom_data

#vim syntax on

echo alias vi='vim' >> /etc/bashrc

# disable ipv6

echo "alias net-pf-10 off" >> /etc/modprobe.d/dist.conf

echo -e "options\tipv6\tdisable=1" >> /etc/modprobe.d/dist.conf

echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network

#append lib

echo "/usr/local/lib/" >> /etc/ld.so.conf

#modify lang

echo 'export LANG=zh_CN.UTF8' >> /etc/profile

#disable system auto mail

echo "unset MAILCHECK" >> /etc/profile

#modify history

echo 'export HISTTIMEFORMAT="%F %T `whoami` "' >> /etc/profile

sed -i "s/HISTSIZE=1000/HISTSIZE=999999999/" /etc/profile

#modifu ssh port on 3389

echo 'Port 3389' >> /etc/ssh/sshd_config

echo 'UseDNS no' >> /etc/ssh/sshd_config

for i in `ls /etc/rc3.d/S*`

CURSRV=`echo $i|cut -c 15-`

chkconfig --level 3 $CURSRV off

done

for i in crond rsyslog iptables network ntpd sshd sysstat;do chkconfig --level 3 $i on;done

sed -i '/HOSTNAME=/d' /etc/sysconfig/network

echo 'HOSTNAME=test' >> /etc/sysconfig/network

# sysctl

echo "net.core.netdev_max_backlog = 32768" >> /etc/sysctl.conf

echo "net.core.rmem_default = 8388608" >> /etc/sysctl.conf

echo "net.core.rmem_max = 16777216" >> /etc/sysctl.conf

echo "net.core.somaxconn = 32768" >> /etc/sysctl.conf

echo "net.core.wmem_default = 8388608" >> /etc/sysctl.conf

echo "net.core.wmem_max = 16777216" >> /etc/sysctl.conf

echo "net.ipv4.ip_local_port_range = 5000 65000" >> /etc/sysctl.conf

echo "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf

echo "net.ipv4.tcp_keepalive_time = 300" >> /etc/sysctl.conf

echo "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf

echo "net.ipv4.tcp_max_syn_backlog = 65536" >> /etc/sysctl.conf

echo "net.ipv4.tcp_max_tw_buckets = 5000" >> /etc/sysctl.conf

echo "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf

echo "net.ipv4.tcp_syn_retries = 2" >> /etc/sysctl.conf

echo "net.ipv4.tcp_synack_retries = 2" >> /etc/sysctl.conf

echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf

echo "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf

echo "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf

echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf

/sbin/sysctl -p

# modify core ulimt

echo -e "*\tsoft\tnofile\t65535" >> /etc/security/limits.conf

echo -e "*\thard\tnofile\t65535" >> /etc/security/limits.conf

echo -e "*\tsoft\tnofile\t65535" >> /etc/security/limits.d/90-nproc.conf

echo -e "*\thard\tnofile\t65535" >> /etc/security/limits.d/90-nproc.conf

# ntpd

cat > /etc/sysconfig/clock < /etc/sysconfig/iptables <<EOF

*filter

#############################################

# disabled (INPUT,FORWARD,OUTPUT)

:INPUT DROP

:FORWARD DROP

:OUTPUT DROP

# enabled lo

-A INPUT -i lo -j ACCEPT

-A OUTPUT -o lo -j ACCEPT

-A FORWARD -o lo -j ACCEPT

# enabled em2

# Be careful of the network adapter name

-A INPUT -i em2 -j ACCEPT

-A OUTPUT -o em2 -j ACCEPT

-A FORWARD -o em2 -j ACCEPT

# enabled ping

-A INPUT -p icmp -j ACCEPT

-A OUTPUT -p icmp -j ACCEPT

# enabled ntp

-A INPUT -p udp -m udp --dport 123 -j ACCEPT

-A OUTPUT -p udp -m udp --sport 123 -j ACCEPT

# dns

-A INPUT -p tcp -m tcp --sport 53 -j ACCEPT

-A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT

-A INPUT -p udp -m udp --sport 53 -j ACCEPT

-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT

#############################################

# team ssh

# all

-A INPUT -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -p tcp -m tcp --sport 3389 -j ACCEPT

# suzhouqiao

-A INPUT -s 118.145.x.xx -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 118.145.x.xx -p tcp -m tcp --sport 3389 -j ACCEPT

-A INPUT -s 115.182.x.xx -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 115.182.x.xxx -p tcp -m tcp --sport 3389 -j ACCEPT

# corporate

-A INPUT -s 119.253.59.x -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 119.253.xx.1x0 -p tcp -m tcp --sport 3389 -j ACCEPT

-A INPUT -s 203.187.xx1.x -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 203.x7.x1.x -p tcp -m tcp --sport 3389 -j ACCEPT

-A INPUT -s 211.103.xxs.x0 -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 211.103.xx.xxx -p tcp -m tcp --sport 3389 -j ACCEPT

-A INPUT -s 119.253.x9.xx -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 119.253.xx.xx -p tcp -m tcp --sport 3389 -j ACCEPT

-A INPUT -s 119.253.xx.xx2 -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 119.253.x.xx -p tcp -m tcp --sport 3389 -j ACCEPT

-A INPUT -s 203.187.xx.1xx -p tcp -m tcp --dport 3389 -j ACCEPT

-A OUTPUT -d 203.187.1xx.xx -p tcp -m tcp --sport 3389 -j ACCEPT

#############################################

# jiankongbao

-A INPUT -s 60.xx.249.xx -p udp -m udp --dport 161 -j ACCEPT

-A OUTPUT -d 60.xx.xx.x3 -p udp -m udp --sport 161 -j ACCEPT

-A INPUT -s 60.195.252.xx -p udp -m udp --dport 161 -j ACCEPT

-A OUTPUT -d 60.195.xx.107 -p udp -m udp --sport 161 -j ACCEPT

-A INPUT -s 60.195.x.xx -p udp -m udp --dport 161 -j ACCEPT

-A OUTPUT -d 60.195.x.1xx -p udp -m udp --sport 161 -j ACCEPT

-A INPUT -s 125.76.sxx -p udp -m udp --dport 161 -j ACCEPT

-A OUTPUT -d 125.76.xx.xx -p udp -m udp --sport 161 -j ACCEPT

#############################################

# project port

#############################################

COMMIT

EOF

%end

# 让系统从kickstart配置启动安装

[root@test isolinux]# pwd

/data/OS/isolinux

[root@test isolinux]# cat isolinux.cfg

default linux ks=cdrom:/ks.cfg

prompt 1

timeout 100

display boot.msg

F1 boot.msg

F2 options.msg

F3 general.msg

F4 param.msg

F5 rescue.msg

label linux

kernel vmlinuz

append initrd=initrd.img

label text

kernel vmlinuz

append initrd=initrd.img text

label ks

kernel vmlinuz

append ks initrd=initrd.img

label local

localboot 1

label memtest86

kernel memtest

append -

# 生成rpm包的依赖关系

[root@test ~]# cd /data/OS/

[root@test OS]# createrepo -g repodata/*-comps.xml /data/OS/

# 生成iso镜像

mkisofs -R -J -T -r -l -d -joliet-long -allow-multidot \

-allow-leading-dots -no-bak -o /data/CentOS-6.4-x86_64-mini.iso \

-b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot \

-boot-load-size 4 -boot-info-table /data/OS

# 生成MD5校验码 //本人没有执行这条命令原因是如果需要修改iso里的内容会导致光盘无法使用

implantisomd5 /data/CentOS-6.4-x86_64-mini.iso

基于Kisckstart的安装

安装软件包

yum -y install createrepo mkisofs

制作流程

目录结构

拷贝CentOS原始镜像内容，不做任何精简

mkdir /mnt/centos

mount /dev/sr0 /mnt/centos

mkdir /tmp/iso

cp -r /mnt/centos/* /tmp/iso

增加Kickstart配置文件

文件路径和安装方式可自由定义

cd /tmp/iso/isolinux

#修改引导，注意ks=部分

vi isolinux.cfg

label linux

menu label ^Install or upgrade an existing system

menu default

kernel vmlinuz

append initrd=initrd.img ks=cdrom:/isolinux/ks.cfg

#手动增加Kickstart配置文件

vi ks.cfg

#Kickstart file automatically generated by anaconda.

#version=DEVEL

#Install OS instead of upgrade

#表示是安装，而不是升级

install

#Use text mode install

#文本方式安装

text

#Use network installation

#使用网络安装

#url --url=ftp://ip/centos

#Local installation Use CDROM installation media

#使用光盘安装

cdrom

#Installation Number configuration

#如果是RedHat的系统，会要求输入key，这里配置为跳过，如果不配置安装时会停在那里要求用户输入key

#key –skip

#System language

#语言环境

#lang en_US.UTF-8

lang zh_CN.UTF-8

#System keyboard

#键盘类型

keyboard us

#Network information

#网络配置

#network --device eth0 --bootproto dhcp --onboot yes

#Root password

#root密码

rootpw chinaums

#Firewall configuration

#禁用防火墙

firewall --disabled

#SELinux configuration

#禁用selinux

selinux --disabled

#Run the Setup Agent on first boot

#禁用第一次启动时设置系统的向导

firstboot --disable

#System authorization information

#用户认证配置，useshadow表示使用本地认证，--passalgo表示密码加密算法

authconfig --enableshadow --passalgo=sha512

#System timezone

#设置时区为上海

timezone --isUtc Asia/Shanghai

#System bootloader configuration

#指明bootloader的安装位置，指明驱动器的排序，指明操作系统安装完成之后，向内核传递的参数

bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"

#Clear the Master Boot Record

#清除MBR引导记录

zerombr yes

#Partition clearing information

#清除硬盘上的所有数据

clearpart --all --initlabel

#Disk partitioning information

#自定义分区

#创建一个200M大小的分区挂载/boot类型为ext4

part /boot --fstype=ext4 --size=200 --ondisk=sda

#创建一个20000M大小的SWAP分区

part swap --size=20000 --ondisk=sda

#创建/目录

part / --fstype=ext4 --grow --size=1 --ondisk=sda

#Reboot after installation

#设置完成之后重启

reboot --eject

#This packages is for CentOS 6.4

#为CentOS 6.4定制的软件包

%packages

@base

@core

@chinese-support

#增加安装后运行脚本

%post

#config service

#自定义服务

service NetworkManager stop

chkconfig NetworkManager off

#eject cdrom

#安装完成弹出光碟

#eject

#reboot

#执行完毕后重启

#reboot -f

#结束自动化部署

%end

生成依赖关系和ISO文件

注意路径和命令的准确性

cd /tmp/iso

createrepo -g repodata/*comps.xml .

mkisofs -o /tmp/CentOS-6.4_64_auto.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -joliet-long -R -J -v -T /tmp/iso/

关键字：CentOS、自动化安装、软件包

分享到：

【顶部】【关闭】

CentOS自动化安装实战

新文章: