最近正好跳槽,新公司要装机,又没有cobbler,做了新的更好的kickstart配置,解决了以前公司的很多问题,同时也带来新的问题还没能解决,总之是测试之后目前可以制作成支持BIOS模式,并且支持2T以上分区的镜像了
制作镜像其实很简单啊,只需要把centos7 iso的文件挂载到文件系统,拷贝出来,然后添加一个新文件,修改我们的isolinux.cfg就可以了
挂载镜像的命令
mount centos7.iso -o loop /mnt cp -r /mnt/* /tmp/
把写好的ks.cfg放到isolinux下面,修改isolinux.cfg,然后对镜像进行打包
isolinux.cfg添加类似的内容就可以了
label custom menu label ^Custom CentOS 7 by Jinxiao2010 kernel vmlinuz append initrd=initrd.img inst.stage2=hd:LABEL=CENTOS7 inst.ks=cdrom:/isolinux/ks.cfg
打包命令如下:
genisoimage -v -cache-inodes -joliet-long -R -J -T -V CENTOS7 -o /tmp/centos7.iso \ -c isolinux/boot.cat -bisolinux/isolinux.bin \ -no-emul-boot -boot-load-size 4 -boot-info-table \ -eltorito-alt-boot -b images/efiboot.img -no-emul-boot .
kickstart文件比较复杂,主要配置好最开始的预处理,pre模块,package模块以及我们的post模块就可以了,镜像在安装的时候会自动读取我们的配置文件
下面是我的配置文件
增加了biosboot分区,所有分区使用GPT,避免2T以上硬盘无法自动分区,默认会自动安装到第一块硬盘上面,默认关闭了selinux和firewalld,还有一些针对内核的优化,都在里面了,也可以关注我的github主页进行了解,本项目主页:https://github.com/jinxiao/kickstart.git
#install
logging --level=info
auth --useshadow --passalgo=sha512
text
firewall --disabled
firstboot --enable
keyboard us
lang en_US
reboot
#ignoredisk --only-use=sda
rootpw --iscrypted $6$/yBjnp4lrShR8MLa$Pd85qNTFdMl6aodzLXMa0p2NAyhyRTS.d1vHml1zxeywF1Z/0wznk7T0MOxH0nFW2IxAlcK108Ly2DqpHsyAD.
#add new user
user --groups=hadoop --name=hadoop --password=$6$3yBSAdpuAKvUzvSC$a4LoOtLdUaaj1uaUhFqwpRKsUpiq5cL8D3xUYE9jNiuZ2t.n8voenu8TwA2G9gT.DLXMtzMWbzJLbpnjKzmXp1 --iscrypted --gecos="hadoop"
network --bootproto=dhcp --device=eth0 --onboot=on --noipv6
selinux --disabled
skipx
timezone --utc Asia/Shanghai
install
zerombr
bootloader --location=mbr
clearpart --drives=sda --all --initlabel
part biosboot --fstype="biosboot" --size=2
part /boot --fstype="xfs" --size=1024
part swap --fstype="swap" --size=4000
part / --fstype="xfs" --grow --size=1
%pre
!/bin/sh
drives=""
for drv in `ls -1 /sys/block | grep "sd\|hd\|vd\|cciss"`; do
if (grep -q 0 /sys/block/${drv}/removable); then
d=`echo ${drv} | sed -e 's/!/\//'`
drives="${drives} ${d}"
fi
done
drive=`echo $drives | awk '{print $1}'`
echo "/usr/sbin/parted --script /dev/sd${d} mklabel gpt"
/usr/sbin/parted -s /dev/sda mklabel gpt
/usr/sbin/parted -s /dev/sda mkpart primary xfs 100M 102M
/usr/sbin/parted -s /dev/sda set 1 bios_grub on
/usr/sbin/parted -s /dev/sda mkpart primary linux-swap 102M 1126M
/usr/sbin/parted -s /dev/sda set 2 boot on
/usr/sbin/parted -s /dev/sda mkpart primary xfs 1126M 17126M
/usr/sbin/parted -s /dev/sda mkpart primary xfs 17126M -1
%end
%packages
@base
@core
@development
@system-admin-tools
lrzsz
ipmitool
git
subversion
bind-utils
net-tools
openssl-devel
zlib-devel
pcre-devel
%end
%post
!/bin/bash
cat >/etc/yum.repos.d/CentOS-Base.repo <<EOF
[base]
name=CentOS-$releasever - Base - 163.com
#mirrorlist=http://mirrorlist.centos.org/?release=\$releasever&arch=$basearch&repo=os
baseurl=http://mirrors.163.com/centos/\$releasever/os/\$basearch/
gpgcheck=1
enabled=1
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates - 163.com
#mirrorlist=http://mirrorlist.centos.org/?release=\$releasever&arch=\$basearch&repo=updates
baseurl=http://mirrors.163.com/centos/\$releasever/updates/\$basearch/
gpgcheck=1
enabled=1
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - 163.com
#mirrorlist=http://mirrorlist.centos.org/?release=\$releasever&arch=\$basearch&repo=extras
baseurl=http://mirrors.163.com/centos/\$releasever/extras/\$basearch/
gpgcheck=1
enabled=1
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - 163.com
baseurl=http://mirrors.163.com/centos/\$releasever/centosplus/\$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.163.com/centos/RPM-GPG-KEY-CentOS-7
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/\$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7\&arch=\$basearch
failovermethod=priority
enabled=1
gpgcheck=0
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=https://mirrors.tuna.tsinghua.edu.cn/epel/7/\$basearch/debug
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7\&arch=\$basearch
failovermethod=priority
enabled=0
#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
EOF
cat >> /etc/sysctl.conf <<EOF
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_syncookies = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.log_martians = 1
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.tcp_max_tw_buckets = 1440000
net.core.rmem_default = 262144
net.core.wmem_default = 262144
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 10240 4194304 16777216
net.ipv4.tcp_wmem = 10240 4194304 16777216
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_keepalive_intvl = 2
net.ipv4.tcp_keepalive_probes = 2
net.ipv4.tcp_retries2 = 5
fs.file-max = 655350
net.core.somaxconn = 4096
net.nf_conntrack_max = 99999999
net.netfilter.nf_conntrack_tcp_timeout_established = 300
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 12
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
vm.swappiness = 0
kernel.msgmni = 16384
kernel.sem = 250 32000 100 1024
net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6 =1
EOF
#yum update -y
%end