
PXE+Kickstart無人值守安裝centos6.9

Kickstart

準備:
1.ks文件
2.DHCP服務器
3.TFTP服務器
4.HTTP服務器(NFS.FTP)
5.網卡起啟
6.YUM倉庫安裝源

#系統盤掛載
[root@PXE-Kickstart ~]# mount /dev/cdrom /mnt

#安裝http服務器和創yum的包
[root@PXE-Kickstart ~]# yum install -y httpd createrepo

#系統盤文件復制到安裝目錄
[root@PXE-Kickstart ~]# mkdir -p /var/www/html/centos6.9
[root@PXE-Kickstart ~]# cp -a /mnt/* /var/www/html/centos6.9/

#搭建dhcp tftp服務
[root@PXE-Kickstart]# rpm -ev dhcp-common-4.1.1-53.P1.el6.centos.3.x86_64 --nodeps
[root@PXE-Kickstart ~]# yum install -y tftp-server dhcp xinetd

#開啟tftp服務
[root@PXE-Kickstart ~]# vim /etc/xinetd.d/tftp
改前 disable = yes
改後 disable = no

#需要從/usr/share/doc/dhcp*/dhcpd.conf.sample復制1份配置文件過來

[root@PXE-Kickstart ~]# cat /etc/dhcp/dhcpd.conf

# see /usr/share/doc/dhcp*/dhcpd.conf.sample

[root@PXE-Kickstart ~]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

#修改DHCP分配地址的範圍
[root@PXE-Kickstart ~]# vim /etc/dhcp/dhcpd.conf

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

subnet 192.168.44.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.44.210 192.168.44.230;
option subnet-mask 255.255.255.0;
next-server 192.168.44.21;
filename "pxelinux.0";
}

[root@PXE-Kickstart ~]# /etc/init.d/dhcpd start
[root@PXE-Kickstart ~]# /etc/init.d/httpd start
[root@PXE-Kickstart ~]# /etc/init.d/xinetd start
[root@PXE-Kickstart ~]# chkconfig dhcpd on
[root@PXE-Kickstart ~]# chkconfig httpd on
[root@PXE-Kickstart ~]# chkconfig xinetd on

#查看一下服務的開啟的狀態
[root@PXE-Kickstart centos6.9]# netstat -luntp
tcp 0 0 :::80 :::* LISTEN 1579/httpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 2015/dhcpd
udp 0 0 0.0.0.0:69 0.0.0.0:* 2032/xinetd

先用 grub-crypt 生成 root 密碼的哈希備用(這裏的 123456 僅作演示,實際環境請換成強密碼;ks.cfg 是經 HTTP 提供的,能訪問該服務器的主機都可以下載到這個哈希)

[root@linux-node1 ~]# grub-crypt
Password:123456
Retype password:123456
$6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/

#配置文件內容,系統初始化
[root@PXE-Kickstart centos6.9]# cat /var/www/html/centos6.9/ks.cfg

# Kickstart Configurator for CentOS 6.9

# Command section of ks.cfg: unattended text-mode install of CentOS 6.9.
# The installation tree is fetched over plain HTTP from the provisioning server.
install
url --url="http://192.168.44.21/centos6.9/"
text
lang en_US.UTF-8
keyboard us
# zerombr together with "clearpart --all --initlabel" below re-initialises the
# disks without prompting, so any machine that boots this kickstart loses its
# existing data. Keep the PXE/DHCP service on a dedicated provisioning network.
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS6
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
# NOTE(review): this is the hash generated with grub-crypt from the demo
# password 123456. Replace it with the hash of a strong, unique password; the
# file is served over unauthenticated HTTP, so the hash can be downloaded by
# anything that can reach the web server.
rootpw --iscrypted $6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/
clearpart --all --initlabel
# Layout: 200 MB /boot, 1 GB swap, and a root filesystem that grows to fill the disk.
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=1024
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
# NOTE(review): SELinux and the host firewall are both switched off on the
# installed system. That is convenient for a lab; for production builds keep
# SELinux enabled and ship a firewall rule set instead.
selinux --disabled
firewall --disabled
logging --level=info
reboot

%post
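# Post-install script: point yum at the LAN mirror, install the base package
# set, trim the enabled services, and apply shell/SSH/kernel/backup settings.
# Quote characters, the cron schedule fields and the "> /etc/issue" redirect
# were damaged in the published page and are restored here.

# Move the stock CentOS repo definitions aside so only the LAN mirror is used.
for repo in Base Debuginfo fasttrack Media Vault; do
  mv "/etc/yum.repos.d/CentOS-${repo}.repo" "/etc/yum.repos.d/CentOS-${repo}.repo.ori"
done

# Create the LAN yum repositories.
# NOTE(review): gpgcheck=0 installs packages without signature verification,
# and both transports (HTTP, FTP) are unauthenticated. For anything beyond a
# lab, sign the repository and set gpgcheck=1 with a gpgkey= entry.
# NOTE(review): both files declare the same repo id [yumserver]; yum is
# expected to warn about the duplicate and use only one of them.
cat > /etc/yum.repos.d/yum-http.repo << EOF
[yumserver]
name=yum01
baseurl=http://192.168.44.71/centos6.9/
enabled=1
gpgcheck=0
EOF
cat > /etc/yum.repos.d/yum-ftp.repo << EOF
[yumserver]
name=yum01
baseurl=ftp://192.168.44.71/centos6.9/
enabled=1
gpgcheck=0
EOF

# Common tools.
yum -y install tree links samba-client cifs-utils lrzsz wget vim

# Service packages.
yum -y install zabbix-agent rsync salt-minion ntp httpd

# Build dependencies for nginx.
yum -y install gcc gcc-c++ glibc make autoconf openssl openssl-devel \
  pcre pcre-devel zlib zlib-devel

# Build dependencies for MySQL.
yum -y install gcc gcc-c++ ncurses ncurses-devel cmake bison

# Packages needed for PHP.
yum -y install libmcrypt libmcrypt-devel mhash mhash-devel php-mcrypt \
  libevent libevent-devel libxml2 libxml2-devel bzip2-devel libpng-devel \
  freetype-devel libxslt-devel net-snmp-devel readline-devel aspell-devel \
  unixODBC-devel libicu-devel libc-client libc-client-devel libXpm-devel \
  libvpx-devel enchant-devel openldap openldap-devel postgresql-devel \
  db4-devel gmp-devel sqlite-devel pcre-devel mysql-devel openssl-devel \
  swig libjpeg-turbo libjpeg-turbo-devel libpng freetype zlib zlib-devel

# Enable the services on the keep-list and disable every other one.
# Names are matched exactly instead of generating commands and piping them to
# bash; "sysstal" in the published list is corrected to "sysstat".
chkconfig --list | awk '{print $1}' | while read -r svc; do
  [ -n "$svc" ] || continue
  case "$svc" in
    ntpd|ntpdate|salt-minion|zabbix-agent|crond|httpd|sshd|network|rsyslog|sysstat)
      chkconfig "$svc" on
      ;;
    *)
      chkconfig "$svc" off
      ;;
  esac
done

# Shell aliases for root. $(date +%F) is expanded now, at install time.
echo "alias rm='echo Please backup before deleting'" >> /root/.bashrc
echo "alias grep='grep --color=auto'" >> /root/.bashrc
echo "namedate=.terry.$(date +%F)v1" >> /root/.bash_profile

# System tuning: empty the pre-login banners so they do not reveal the release.
: > /etc/issue && : > /etc/issue.net
echo 'welcome to linux' > /etc/motd
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
# NOTE(review): "PermitRootLogin yes" allows password logins as root on port
# 52222. Combined with a weak root password and a disabled firewall this is
# the riskiest setting in the file; prefer key-based login for an admin user.
sed -i '13 iPort 52222\nPermitRootLogin yes\nPermitEmptyPasswords no\nUseDNS no\nGSSAPIAuthentication no' /etc/ssh/sshd_config
/etc/init.d/iptables stop >/dev/null
chkconfig iptables off >/dev/null

# Kernel parameters: keep a copy of sysctl.conf before appending to it.
if [ -f /etc/sysctl.conf.bak ]; then
  /bin/cp /etc/sysctl.conf.bak "/etc/sysctl.conf.bak.$(date +%F)"
else
  /bin/cp /etc/sysctl.conf /etc/sysctl.conf.bak
fi
# NOTE(review): tcp_tw_recycle=1 is known to drop connections from clients
# behind NAT and was removed from later kernels; confirm it is really wanted.
cat >> /etc/sysctl.conf <<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
EOF
sysctl -p >/dev/null 2>&1

# Reload the profile files edited above.
source /root/.bash_profile
source /etc/profile
source /root/.bashrc

# rsync password file. The subshell umask creates it as 0600 from the start,
# so there is no window in which it is world-readable.
# NOTE(review): the secret is hard-coded in a ks.cfg that is served over
# unauthenticated HTTP; use a per-environment value and rotate it after
# provisioning.
(
  umask 077
  echo "yehaixiao" > /etc/rsync.password
)
chmod 600 /etc/rsync.password

# Backup directories and script.
# NOTE(review): backup.sh is downloaded over plain HTTP with no integrity check
# and then run from root's crontab; verify it against a known checksum or serve
# it over an authenticated channel.
mkdir -p /backup
mkdir -p /srv/scripts
wget -O /srv/scripts/backup.sh http://192.168.44.21/centos6.9/backup.sh &&
  chmod +x /srv/scripts/backup.sh

# Cron jobs for root: time sync every 5 minutes, backup every day at 10:00.
# The "*" schedule fields were dropped by the page rendering and are restored.
echo '*/5 * * * * /usr/sbin/ntpdate -u time.nist.gov >/dev/null 2>&1' >> /var/spool/cron/root
echo '00 10 * * * /bin/sh /srv/scripts/backup.sh >/dev/null 2>&1' >> /var/spool/cron/root

# Raise the open-file limit for all users, keeping a copy of the original file.
/bin/cp /etc/security/limits.conf /etc/security/limits.conf.bak
echo '* - nofile 65535' >> /etc/security/limits.conf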
%end

#備份腳本
[root@PXE-Kickstart centos6.9]# cat /var/www/html/centos6.9/backup.sh
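#!/bin/sh
# Daily backup: archive the web root, the logs and key configuration files
# under /backup/<hostname>-<ip>/, record MD5 checksums of the archives, push
# /backup/ to the rsync daemon on host BACKUP, then prune local files older
# than 7 days.
# The shebang, the quote characters and the "*" / "\(" "\)" in the find
# expressions were damaged in the published page and are restored here.

hostn=$(hostname)
# Line 2 of ifconfig output is expected to look like
# "inet addr:A.B.C.D  Bcast:..."; take the part of field 2 after the colon.
ip=$(ifconfig eth0 | awk 'NR==2 { split($2, part, ":"); print part[2] }')
Path="/backup/${hostn}-${ip}"

# On Sunday (%w is 0) the archives get a "week" prefix and yesterday's date.
if [ "$(date +%w)" -eq 0 ]; then
  Time="week$(date +%F%w -d "-1day")"
else
  Time=$(date +%F)
fi

mkdir -p "$Path"

# Create the archives; the checksum file is written only if all three succeed.
tar zcf "$Path/www$Time.tar.gz" /var/www/html/ &&
  tar zcf "$Path/log$Time.tar.gz" /var/log/ &&
  tar zcf "$Path/conf$Time.tar.gz" /var/spool/cron/root /etc/rc.local /etc/sysconfig/iptables /srv/scripts/ &&
  find "$Path/" -type f -name "*${Time}.tar.gz" -exec md5sum {} + > "$Path/flag_$Time.txt"

# Push everything to the backup server.
# NOTE(review): rsync daemon transfers (host::module) are not encrypted, and
# the archives contain logs and configuration; keep this on a trusted network
# or tunnel it.
rsync -avz --password-file=/etc/rsync.password /backup/ rsync@BACKUP::backup

# Remove local archives and checksum files older than 7 days.
find /backup/ -type f -mtime +7 \( -name "*.tar.gz" -o -name "*.txt" \) -exec rm -f -- {} +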

#配置啟動安裝時的配置文件
[root@PXE-Kickstart ~]# yum install -y syslinux
[root@PXE-Kickstart ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@PXE-Kickstart ~]# cp /mnt/isolinux/* /var/lib/tftpboot/
[root@PXE-Kickstart ~]# mkdir -p /var/lib/tftpboot/pxelinux.cfg
[root@PXE-Kickstart ]# cp /mnt/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

[root@PXE-Kickstart centos6.9]# cat /var/lib/tftpboot/pxelinux.cfg/default
default ks
prompt 0
label ks
kernel vmlinuz
append initrd=initrd.img ks=http://192.168.44.21/centos6.9/ks.cfg # 告訴安裝程序ks.cfg文件在哪裏

append initrd=initrd.img ks=http://192.168.44.21/centos6.9/ks.cfg ksdevice=eth0

ksdevice=eth0 表示當客戶端有多塊網卡時,指定從 eth0 安裝;不指定的話,安裝程序會停下來讓你選擇網卡,那就不叫全自動化了。

#測試一下配置文件
[root@YUM01 ~]# curl --head http://192.168.44.21/centos6.9/ks.cfg
HTTP/1.1 200 OK
Date: Mon, 04 Jun 2018 21:25:41 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 04 Jun 2018 21:25:12 GMT
ETag: "1b604a0-a6c-56dd791a23ac4"
Accept-Ranges: bytes
Content-Length: 2668
Connection: close
Content-Type: text/plain; charset=UTF-8

#完成配置-新建虛擬測試-無需要操作-系統安裝-優化完成
