
基于kickstart制作无人值守安装源

一、安装tftp

yum install tftp-server -y

#修改配置文件,将disable 设置为no

[root@linux ~]# cat /etc/xinetd.d/tftp 

# default: off

# description: The tftp server serves files using the trivial file transfer \

#protocol.  The tftp protocol is often used to boot diskless \

#workstations, download configuration files to network-aware printers, \

#and to start the installation process for some operating systems.

service tftp

{

disable= no

bind= 192.168.8.0

socket_type= dgram

protocol= udp

wait= yes

user= root

server= /usr/sbin/in.tftpd

server_args= -s /var/lib/tftpboot

per_source= 11

cps= 100 2

flags= IPv4

}

#重启xinetd服务

[root@linux ~]# /etc/init.d/xinetd restart

停止 xinetd:                                              [失败]

正在启动 xinetd:                                          [确定]

[root@linux ~]# netstat -luntp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   

tcp        0      0 0.0.0.0:20022               0.0.0.0:*                   LISTEN      33875/sshd          

udp        0      0 192.168.8.0:69              0.0.0.0:*                               33509/xinetd  

 

二、配置支持PXE的启动程序

#复制pxelinux.0 文件至/var/lib/tftpboot/ 文件夹中

[root@linux ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

说明:syslinux是一个功能强大的引导加载程序,而且兼容各种介质。更加确切地说:SYSLINUX是一个小型的Linux操作系统,它的目的是简化首次安装Linux的时间,并建立修护或其它特殊用途的启动盘。

6.2 复制iso 镜像中的/images/pxeboot/initrd.img 和vmlinuz 至/var/lib/tftpboot/ 文件夹中

# cp /var/www/html/cdrom/images/pxeboot/{initrd.img,vmlinuz} /var/lib/tftpboot/

6.3 复制iso 镜像中的/isolinux/*.msg 至/var/lib/tftpboot/ 文件夹中

# cp /var/www/html/cdrom/isolinux/*.msg /var/lib/tftpboot/

6.4 在/var/lib/tftpboot/ 中新建一个pxelinux.cfg目录

# mkdir /var/lib/tftpboot/pxelinux.cfg

6.5 将iso 镜像中的/isolinux 目录中的isolinux.cfg复制到pxelinux.cfg目录中,同时更改文件名称为default

# cp /var/www/html/cdrom/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

 

三、编辑default文件(注意:下文每行 // 之后的文字是本文添加的说明,写入配置文件前需要删除;pxelinux 配置文件只把以 # 开头的行当作注释)

default menu.c32 //默认的主菜单启动方式

prompt 0 //显示 'boot: ' 提示符。为 '0' 时则不提示,将会直接启动 'default' 参数中指定的内容。

timeout 30 //在用户输入之前的超时时间,单位为 1/10 秒

ONTIMEOUT local //设置超时默认操作为本地启动

 

MENU TITLE Main Menu //设置主菜单标题

 

LABEL local

    MENU LABEL Boot local hard drive

    LOCALBOOT 0

 

LABEL centos6  //设置标签

    MENU LABEL CentOS auto install 6.x86_64

    KERNEL vmlinuz //设置跳转需要的主菜单程序路径 

    APPEND initrd=initrd.img ks=http://linux.xxx.net/centos6.ks //

 

四、建立http数据包获取源

/usr/local/tengine/conf/nginx.conf #添加如下下载配置(注意:下文的kickstart文件包含密码信息,而这里开启了autoindex目录浏览,建议用allow/deny把访问限制在装机网段内)

        listen       80;

        server_name  linux.xxx.net localhost;

 

        #charset koi8-r;

 

        #access_log  logs/host.access.log  main;

 

        location / {

            root   /var/source/linux;

            autoindex on;

        }

 

五、编辑更新合理的kickstart文件

https://github.com/mv/kickstart.git

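# Kickstart file automatically generated by anaconda.
# Used for imoocc company
# Add by Jeson(jeson@imoocc.com)
# version=RHEL6
#
# Unattended text-mode CentOS 6 install from an HTTP tree. The target disk
# (sda) is wiped without prompting and laid out as /boot plus an LVM root.
install
text
#url --url ftp://linux.imoocc.net/centos/6/os/x86_64
# NOTE(review): the install tree is fetched over plain HTTP, so nothing
# authenticates the packages in transit; keep the provisioning network isolated.
url --url http://linux.imoocc.net/linux/centos/6/os/x86_64
keyboard us
lang en_US.UTF-8
logging --level=warning
network --onboot=on --bootproto=dhcp --nameserver=192.168.8.15
# NOTE(review): every host built from this file starts with SELinux and the
# host firewall switched off. Re-enable them, or apply the site policy, before
# a host leaves the build network.
selinux --disabled
firewall --disabled
firstboot --disable
timezone  Asia/Shanghai
# Was --passalgo=md5. This option selects the hash used for passwords set on
# the installed system (including the account created in %post); sha512
# replaces the weak MD5-crypt scheme.
authconfig --enableshadow --passalgo=sha512
# NOTE(review): this root hash is identical on every installed host and is
# readable by anyone who can download the kickstart file. Generate your own
# hash and restrict access to the file.
rootpw  --iscrypted $5$_ok_ooo_$XMGkagiCEr2qYSQhp10dcu/ClJmuoCw9RFZhaoP7h/4
# zerombr + clearpart --all destroy every existing partition on sda with no
# confirmation: any machine that boots this entry is reinstalled from scratch.
zerombr
bootloader --location=mbr --driveorder=sda
clearpart  --drives=sda --all --initlabel
part /boot --asprimary --fstype=ext4 --size=256 --ondisk=sda
part pv.01 --size=1 --grow
volgroup vg_root pv.01
logvol /   --vgname=vg_root --fstype=ext4 --name=lv_root --size=8192

#
#reboot
#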

%packages

@base

@core

#@development

#@performance

#%end

 

####################

#system optimization

####################

%post

 

# Keep boot messages on the consoles instead of clearing them at the login prompt.
/bin/sed -i 's/mingetty tty/mingetty --noclear tty/' /etc/inittab

# Persistently switch SELinux off whichever mode the installer left configured.
/bin/sed -i \
  -e 's/SELINUX=permissive/SELINUX=disabled/' \
  -e 's/SELINUX=enforcing/SELINUX=disabled/' \
  /etc/selinux/config

# Two-line prompt for every login shell. The delimiter is quoted, so the text
# below is appended to /etc/profile exactly as written.
/bin/cat >> /etc/profile <<'EOF'

export PS1='\u@\h:\w\n\$ '

EOF

# selinux: the translation daemon is pointless once SELinux is disabled
chkconfig --level 12345 mcstrans off

# others: deregister services this build does not use
#   rawdevices -> /bin/raw   (util-linux)
#   rdisc      -> /sbin/rdisc (iputils)
for unused_service in rawdevices rdisc; do
  chkconfig --del "$unused_service"
done

 

#add imoocc user
# Creates group and user "imoocc" with the fixed GID/UID 20000, a home
# directory and bash as login shell, then sets the password non-interactively.

groupadd -g 20000 imoocc

 

useradd  -g imoocc -u 20000 -s /bin/bash -c "Dev user" -m -d /home/imoocc imoocc

# NOTE(review): the password is a literal in this file, so it is the same on
# every installed host and visible to anyone who can download the kickstart.
# The imoocc group is also given passwordless sudo later in this %post, which
# makes this password equivalent to root. Prefer key-only login or a
# pre-hashed value, and rotate the password after installation.
echo Ok0k123 | passwd --stdin imoocc

 

#

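# Allow sudo without a controlling tty (needed for non-interactive ssh calls).
sed -i 's/^Defaults    requiretty/#Defaults    requiretty/' /etc/sudoers

# Add SSH_AUTH_SOCK to env_keep so the caller's agent socket stays visible to
# commands run through sudo.
sed -i 's/^Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \\/Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR SSH_AUTH_SOCK \\/' /etc/sudoers

# NOTE(review): NOPASSWD: ALL makes any login as a member of group imoocc
# equivalent to root. Narrow the command list if full root is not required.
cat >> /etc/sudoers <<'EOF'

# imoocc using sudo
%imoocc        ALL=(ALL)       NOPASSWD: ALL

EOF

# sudo refuses to run at all when sudoers contains a syntax error, so validate
# the edited file while the installer log can still record the problem.
visudo -c -f /etc/sudoers || echo "WARNING: /etc/sudoers failed validation" >&2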

 

 

###

#Bash Aliases 

###

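# Install site-wide interactive aliases for every login shell.
# The heredoc delimiter is quoted so the file is written verbatim.
# NOTE(review): 'ds' is not a standard command; the alias was presumably meant
# to be du='du -h' -- confirm before relying on it.
cat > /etc/profile.d/Je.sh <<'EOF'
alias ls='ls -hAF --color=auto --time-style=long-iso'
alias ll='ls -l'
alias cp='cp -i'
alias mv='mv -i'
alias rm='rm -i'
alias ds='ds -h'
alias df='df -h'
alias grep='egrep --color'

EOF

# Files in /etc/profile.d are sourced by every login shell, root's included,
# so the file must be writable by its owner only. It is read, not executed,
# which is why 644 replaces the original 775.
chmod 644 /etc/profile.d/Je.sh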

 

###

#Public key

###

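# Pre-authorise one SSH public key for root on the installed host.
# NOTE(review): the same key is installed on every host built from this file,
# so whoever holds the matching private key is root everywhere. Replace it
# with a key you control and protect the private half accordingly.
# -p: do not fail when the directory already exists.
mkdir -p /root/.ssh
chmod 700 /root/.ssh

pub_key='ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4mvukv4f5seBuzrCnCCm1DpSgYw/kvq+XgsUP8mnzUpyaQ6D8BKfbOn6T20tUU/ksiJwSuUQHfw5v9JsnBACto3o/RmId0Ltn4DCq19sSwMP3YJb9dRb8SA/Pc5Xl7MPwPoSYyuY20ztMfo1GBx5N9dDuQ3j1MdKYTY9SdfFwPr0ZQvesKT1ozfQ9HHrcUi1CLJw+irYW9+jU39CsMrrZmCjb/n53gP77Do0lj9TkqXK2SYNdA88cmK2IQJP3LfFWWrwYH01FkImZbt7ODDQ21BqGccLY7xCbsNaniBlT8Mpy4/Wlg1qqnNPxBbw1nrs9A+2MnAfGDHXYhkFC/n6wQ== root@linux.imoocc.net'

# Quoted expansion via printf writes the key as a single unmodified line
# (the unquoted echo was subject to word splitting and globbing).
printf '%s\n' "$pub_key" > /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
chown -R root:root /root/.ssh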

 

###

#Sysctl config 

###

# Install the site's kernel/TCP tuning profile unless it is already present
# (detected by the tcp_tw_recycle key), then load it.
# The redirect is '>', so the distribution's /etc/sysctl.conf is replaced
# rather than extended.
# NOTE(review): tcp_tw_recycle is known to break connections from clients
# behind NAT and no longer exists in newer kernels, and ip_forward = 1 lets
# every installed host forward packets between its interfaces. Confirm both
# settings are wanted fleet-wide.
if ! grep -q net.ipv4.tcp_tw_recycle /etc/sysctl.conf; then
cat > /etc/sysctl.conf <<'EOF'
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.tcp_no_metrics_save = 1
net.core.netdev_max_backlog = 3072
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.tcp_max_tw_buckets = 720000
net.ipv4.ip_local_port_range = 1024 65000
net.ipv4.tcp_fin_timeout = 5
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_retries1 = 2
net.ipv4.tcp_retries2 = 10
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_syncookies = 1
fs.file-max = 131072
kernel.panic=1

net.ipv4.ip_forward = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
EOF
fi

# Apply the values from /etc/sysctl.conf to the running kernel.
sysctl -p

 

###

#Max open files

###

# Append per-user process and open-file limits once. The guard looks for the
# first line of the stanza so a repeated run adds nothing.
if ! grep -q "^* soft nproc" /etc/security/limits.conf; then
cat >> /etc/security/limits.conf <<'EOF'
* soft nproc 2048
* hard nproc 16384
* soft nofile 8192
* hard nofile 65536
EOF
fi

 

###

# Command History

###

# Keep 2000 history entries and timestamp each one, for every login shell.
# Skipped when /etc/profile already mentions HISTTIMEFORMAT.
if ! grep -q HISTTIMEFORMAT /etc/profile; then
  printf '%s\n' \
    "export HISTSIZE=2000" \
    "export HISTTIMEFORMAT='%F %T:'" >> /etc/profile
fi

 

###

#auto configure IP

###

 

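# Fetch the helper that freezes the DHCP-assigned address into a static
# configuration, and run it as root.
# NOTE(review): the script travels over plain HTTP and is executed without any
# integrity check, so whoever can answer for this URL controls what runs as
# root on every new host. Serve it over HTTPS, or compare the download with a
# known SHA-256 (sha256sum) before executing it.
cd /root
if wget -O /root/autoip.sh http://linux.imoocc.net/script/autoip.sh; then
  sh /root/autoip.sh
else
  # Never execute a missing or partially downloaded script.
  rm -f /root/autoip.sh
  echo "autoip.sh download failed; network configuration left on DHCP" >&2
fi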

 

###

#imoocc yum souce

###

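# Point yum at the internal CentOS mirror.
# The heredoc delimiter is quoted on purpose: with a bare EOF the shell expands
# $basearch and $releasever (both unset in %post) to empty strings, leaving
# broken baseurl values. Quoted, they reach the file for yum to substitute.
# NOTE(review): gpgcheck=0 disables package signature verification and the
# mirror is reached over plain HTTP, so package integrity rests entirely on
# the network path. The gpgkey lines also name the EPEL key rather than a
# CentOS one; fix the key and enable gpgcheck if the mirror carries signed
# upstream packages.
cat > /etc/yum.repos.d/Jimoocc.repo <<'EOF'
#-----------------
#Add by Jeson(jeson@imoocc.com)
#released base
[c6]
name=CentOS Linux 6x - $basearch
baseurl=http://linux.imoocc.net/linux/centos/6/os/x86_64/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

[c6-update]
name=CentOS Linux 6x - $basearch - security updates
baseurl=http://linux.imoocc.net/linux/centos/$releasever/updates/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

[c6-extras]
name=CentOS-$releasever - Extras
baseurl=http://linux.imoocc.net/linux/centos/$releasever/extras/$basearch/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

EOF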

 

%end

 

reboot

#测试配置文件

ksvalidator ./centos6_8.ks 

#自动配置IP脚本

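#!/bin/sh
#Add by jeson
#Auto configure ip address
#
# Freezes the address a NIC currently holds (obtained via DHCP during the
# install) into a static ifcfg file, then writes /etc/resolv.conf.
# Interface preference: eth0, em0, eth1, em1.
# Exits non-zero without writing anything when no candidate interface or no
# IPv4 address is found.

# Test each candidate by exact name. The previous `ls | grep -oP` match also
# hit substrings and returned several lines when more than one NIC matched.
DEV_NAME=
for nic in eth0 em0 eth1 em1; do
    if [ -e "/sys/class/net/${nic}" ]; then
        DEV_NAME=${nic}
        break
    fi
done

if [ -z "${DEV_NAME}" ]; then
    echo "autoip: no eth0/em0/eth1/em1 interface found" >&2
    exit 1
fi

# Gateway of the first default route only, so GATEWAY stays a single value.
ROUTE=$(route -n | awk '$1 == "0.0.0.0" {print $2; exit}')

# One ifconfig call, parsed four times (old "inet addr:... Bcast:... Mask:..."
# output format).
IF_INFO=$(/sbin/ifconfig "${DEV_NAME}")
BROADCAST=$(printf '%s\n' "${IF_INFO}" | grep -i bcast | awk '{print $3}' | awk -F":" '{print $2}')
HWADDR=$(printf '%s\n' "${IF_INFO}" | grep -i HWaddr | awk '{print $5}')
IPADDR=$(printf '%s\n' "${IF_INFO}" | grep "inet addr" | awk '{print $2}' | awk -F":" '{print $2}')
NETMASK=$(printf '%s\n' "${IF_INFO}" | grep "inet addr" | awk '{print $4}' | awk -F":" '{print $2}')

# Without an address the generated file would set BOOTPROTO=static with empty
# values and leave the host unreachable after reboot, so keep the DHCP setup.
if [ -z "${IPADDR}" ] || [ -z "${NETMASK}" ]; then
    echo "autoip: ${DEV_NAME} has no IPv4 address; configuration left untouched" >&2
    exit 1
fi

#cat >/tmp/ifcfg-eth0<<EOF
cat >"/etc/sysconfig/network-scripts/ifcfg-${DEV_NAME}"<<EOF
DEVICE=${DEV_NAME}
BOOTPROTO=static
BROADCAST=$BROADCAST
HWADDR=$HWADDR
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$ROUTE
ONBOOT=yes
EOF

# Site resolver first, public resolver as fallback.
{
    echo "nameserver 192.168.8.15"
    echo "nameserver 8.8.4.4"
} > /etc/resolv.conf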

 

六、配置DHCP

yum install dhcpd -y

 

#

# DHCP Server Configuration file.

#   see /usr/share/doc/dhcp*/dhcpd.conf.sample

#   see 'man 5 dhcpd.conf'

ddns-update-style none;

ignore client-updates;

default-lease-time 14400;

max-lease-time 86400;

allow bootp;

allow booting;

local-address 192.168.8.0;

local-port 67;

 

include "/etc/dhcp/dhcp-192.168";

 

#配置/etc/dhcp/dhcp-192.168文件(下文 // 之后的文字是本文添加的说明,dhcpd.conf 只支持以 # 开头的注释,写入文件前需要删除)

group {

subnet  192.168.0.0 netmask 255.255.240.0 {

option routers 192.168.8.1; 

option subnet-mask 255.255.240.0;

option domain-name-servers 192.168.8.15, 192.168.8.16; //DNS服务器

option ntp-servers 192.168.8.0; //时间服务器

filename "/pxelinux.0"; //系统启动文件

next-server 192.168.8.0; //tftp地址

pool {

range dynamic-bootp 192.168.6.40 192.168.6.240;

range dynamic-bootp 192.168.8.40 192.168.8.240;

default-lease-time 3600;

max-lease-time 72000;

allow unknown-clients;

}

} #END

}

 

七、配置yum源

 

八、Centos7修改自动配置地址修改网卡方式

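#!/bin/sh
#Add by jeson
#Auto configure ip address
#
# CentOS 7 variant: reads the address held by the first en* interface and
# stores it as a static configuration under the legacy name in DEF_DEV (eth0).
# NOTE(review): the file is written as ifcfg-eth0 with the HWADDR of the en*
# device, so it presumably relies on the interface being renamed to eth0 at
# boot -- confirm that renaming is configured, otherwise nothing will match.

# Site resolver first, public resolver as fallback (written before the
# interface checks, as in the original).
echo "nameserver 192.168.8.15" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf

DEF_DEV='eth0'

# First interface whose name starts with "en". The earlier `grep en` also
# matched names that merely contain "en", and its NR==2 fallback could never
# succeed once the first line was empty.
DEV_NAME=
for nic_path in /sys/class/net/en*; do
    [ -e "${nic_path}" ] || continue
    DEV_NAME=${nic_path##*/}
    break
done

if [ -z "${DEV_NAME}" ]; then
    echo "autoip: no en* interface found" >&2
    exit 1
fi

# Gateway of the first default route only, so GATEWAY stays a single value.
ROUTE=$(route -n | awk '$1 == "0.0.0.0" {print $2; exit}')

# One ifconfig call, parsed in the newer output format:
#   "inet ADDR  netmask MASK  broadcast BCAST" and "ether MAC".
IF_INFO=$(/sbin/ifconfig "${DEV_NAME}")
INET_LINE=$(printf '%s\n' "${IF_INFO}" | grep "inet " | grep -v "inet6")
BROADCAST=$(printf '%s\n' "${INET_LINE}" | awk '{print $6}')
HWADDR=$(printf '%s\n' "${IF_INFO}" | grep "ether" | awk '{print $2}')
IPADDR=$(printf '%s\n' "${INET_LINE}" | awk '{print $2}')
NETMASK=$(printf '%s\n' "${INET_LINE}" | awk '{print $4}')

# Without an address the generated file would set BOOTPROTO=static with empty
# values and leave the host unreachable after reboot, so stop here instead.
if [ -z "${IPADDR}" ] || [ -z "${NETMASK}" ]; then
    echo "autoip: ${DEV_NAME} has no IPv4 address; ifcfg-${DEF_DEV} not written" >&2
    exit 1
fi

#cat >/tmp/ifcfg-eth0<<EOF
cat >"/etc/sysconfig/network-scripts/ifcfg-${DEF_DEV}"<<EOF
DEVICE=${DEF_DEV}
BOOTPROTO=static
BROADCAST=$BROADCAST
HWADDR=$HWADDR
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$ROUTE
ONBOOT=yes
EOF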

 

基于kickstart制作无人值守安装源
