1、系统环境准备
[root@m01 ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[root@m01 ~]# uname -r
2.6.32-431.el6.x86_64
[root@m01 ~]# getenforce
Disabled
[root@m01 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[root@m01 ~]# ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'
10.0.0.61
[root@m01 ~]# hostname
m01
[root@m01 ~]# mkdir /server/yum /mnt/cdrom/ -p
[root@m01 ~]# mount /dev/cdrom /mnt/cdrom/
[root@m01 ~]# cp -r /mnt/cdrom/* /server/yum/
注意:
1)虚拟机网卡采用NAT模式,不要使用桥接模式,因为稍后要搭建DHCP服务器,而同一局域网内只应有一个DHCP服务。
2)VMware的NAT模式的dhcp服务也关闭,避免干扰。
2、DHCP服务安装配置
[root@m01 ~]# yum install dhcp -y
[root@m01 ~]# echo 'subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.100 10.0.0.200;
option subnet-mask 255.255.255.0;
default-lease-time 21600;
max-lease-time 43200;
next-server 10.0.0.61;
filename "/pxelinux.0";
}'>/etc/dhcp/dhcpd.conf
[root@m01 ~]# /etc/init.d/dhcpd start
Starting dhcpd: [ OK ]
[root@m01 ~]# netstat -lntup|grep dhcpd
udp 0 0 0.0.0.0:67 0.0.0.0:* 1987/dhcpd
注意:
1)一般服务安装后应加入开机自启动,但Kickstart所用的服务不能开机自启动,且用完后要关闭,防止将来服务器重启时从网络引导而被自动重装系统。
2)若机器数量过多,注意DHCP服务器的地址池大小,避免地址池耗尽后dhcpd没有IP地址可以分配。
3、TFTP服务安装及配置支持PXE的启动程序
3.1、安装TFTP服务
[root@m01 ~]# yum install tftp-server -y
[root@m01 ~]# sed -i '14s#yes#no#g' /etc/xinetd.d/tftp
[root@m01 ~]# /etc/init.d/xinetd start
Starting xinetd:
[root@m01 ~]# netstat -lntup|grep xinetd
udp 0 0 0.0.0.0:69 0.0.0.0:* 2025/xinetd
3.2、PXE引导配置(bootstrap)
[root@m01 ~]# yum install syslinux -y
[root@m01 ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@m01 isolinux]# cp -a /server/yum/isolinux/* /var/lib/tftpboot/
[root@m01 isolinux]# ls /var/lib/tftpboot/
boot.cat boot.msg grub.conf initrd.img isolinux.bin isolinux.cfg memtest pxelinux.0 splash.jpg TRANS.TBL vesamenu.c32 vmlinuz
[root@m01 ~]# mkdir /var/lib/tftpboot/pxelinux.cfg -p
[root@m01 ~]# mv /var/lib/tftpboot/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/
[root@m01 ~]# mv /var/lib/tftpboot/pxelinux.cfg/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
3.3、整合编辑default配置文件
# 最精简配置
[root@linux-node1 ~]# vim /var/lib/tftpboot/pxelinux.cfg/default
default ks
prompt 0
label ks
kernel vmlinuz
# 告诉安装程序ks.cfg文件在哪里(pxelinux只识别行首的#注释,append行尾不要再写注释,否则会被当作内核参数传入)
append initrd=initrd.img ks=ftp://10.0.0.61/ks_config/CentOS-6.5-ks.cfg
# append initrd=initrd.img ks=ftp://10.0.0.61/ks_config/CentOS-6.5-ks.cfg ksdevice=eth0
# ksdevice=eth0表示当客户端有多块网卡时,指定从eth0安装;不指定的话,安装程序会停下来让你选择网卡,那就不叫全自动化了。
4、VSFTP服务安装
4.1、安装VSFTP服务
[root@m01 ~]# yum install vsftpd -y
[root@m01 ~]# sed -i "13i anon_root=/server/yum" /etc/vsftpd/vsftpd.conf
[root@m01 ~]# /etc/init.d/vsftpd start
[root@m01 ~]# echo '/etc/init.d/vsftpd start' >>/etc/rc.local
[root@m01 ~]# netstat -lntup|grep 21
4.2、新建虚拟机进行测试
5、创建ks.cfg文件
生成kickstart配置文件的三种方法:
方法1、每安装好一台CentOS机器,安装程序都会创建一个kickstart配置文件,记录你的真实安装配置。如果你希望实现和某系统类似的安装,可以基于该系统的kickstart配置文件来生成你自己的kickstart配置文件。(生成的文件为/root/anaconda-ks.cfg)
方法2、CentOS提供了一个图形化的kickstart配置工具。在任何一个安装好的Linux系统上运行该工具,就可以很容易地创建你自己的kickstart配置文件。kickstart配置工具的命令为redhat-config-kickstart(RHEL3)或system-config-kickstart(RHEL4、RHEL5)。网上有很多用CentOS桌面版生成ks文件的文章,如果手头有现成的桌面系统,直接使用即可;如果没有,也没有必要专门去装桌面版,在命令行下手工编写也很简单。
方法3、阅读kickstart配置文件的手册。用任何一个文本编辑器都可以创建你自己的kickstart配置文件。
5.1、编写ks文件
[root@m01 pxelinux.cfg]# grub-crypt ##生成密码备用
Password: 123456
Retype password:123456
$6$zLAVMvEnNOs7cfRl$/07E6Mw1GrBrfh1owO2mBPAUMNaGspmYHfIt12iLNJV34bSvvFqemd9vvGdF6ZLIdbX1xIkZOJcDci5uVIiXB1
[root@m01 ~]# mkdir /server/yum/ks_config -p
[root@m01 pxelinux.cfg]# vim /server/yum/ks_config/CentOS-6.5-ks.cfg
# Kickstart Configurator for CentOS 6.5 by yyc
# Unattended-install answer file, served from the FTP share as ks_config/CentOS-6.5-ks.cfg.
# The share is anonymous, so every value in this file (including the root password
# hash below) is readable by anyone who can reach the install server.
install
# The installation tree is pulled over plain FTP from the install server.
url --url="ftp://10.0.0.61"
text
lang en_US.UTF-8
keyboard us
# zerombr, together with clearpart --all further down, re-initialises the disk without
# prompting: any machine that PXE-boots into this profile has its existing data wiped.
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS6
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
# This is the grub-crypt hash of the sample password 123456 shown earlier on the page.
# Generate a hash from a strong password of your own before building real hosts; every
# machine installed from this file gets the same root password.
rootpw --iscrypted $6$zLAVMvEnNOs7cfRl$/07E6Mw1GrBrfh1owO2mBPAUMNaGspmYHfIt12iLNJV34bSvvFqemd9vvGdF6ZLIdbX1xIkZOJcDci5uVIiXB1
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=1024
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
# SELinux and the host firewall are both switched off on the installed system;
# turn them back on after provisioning unless the host is meant to run without them.
selinux --disabled
firewall --disabled
logging --level=info
reboot
%packages
@base
@compat-libraries
@debugging
@development
tree
# nmap is needed by optimization.sh, which uses it to probe the FTP port before running.
nmap
sysstat
lrzsz
dos2unix
telnet
%post
# The post-install script is downloaded over plain FTP with wget's output discarded and
# then executed with no checksum or signature check. Nothing here tests wget's exit
# status, so a failed download leaves /bin/sh running whatever file wget left behind.
wget -O /tmp/optimization.sh ftp://10.0.0.61/ks_config/optimization.sh &>/dev/null
/bin/sh /tmp/optimization.sh
%end
5.2、开机优化脚本
[root@m01 pxelinux.cfg]# vim /server/yum/ks_config/optimization.sh
#!/bin/bash
##############################################################
# File Name: /server/yum/ks_config/optimization.sh
# Version: V1.0
# Author: yyc
# Organization: www.yyc.com
# Created Time : 2018-1-07 00:09:08
# Description: Linux system initialization
##############################################################
# Load the init-script helper library; Msg() relies on its `action` function.
. /etc/init.d/functions

# Install server that the later download steps fetch their files from.
Ip=10.0.0.61
Port=21
# Not referenced anywhere else in the script as shown.
ConfigDir=ks_config

# Stop early unless nmap reports the FTP port on the install server as open.
# This is a reachability check only: it does not authenticate the server, and
# the files downloaded from it later are not integrity-checked.
PortNum=$(nmap "$Ip" -p "$Port" 2>/dev/null | grep -c open)
if [ "$PortNum" -lt 1 ]; then
  echo "ftp server is bad!"
  exit 1
fi
# Defined result function
function Msg(){
  # Report the outcome of the command that ran immediately before this call.
  # Arguments: $1 - label passed to `action` (from /etc/init.d/functions).
  # The caller's exit status must be captured first, before any other command
  # overwrites $?.
  local rc=$?
  case $rc in
    0) action "$1" /bin/true ;;
    *) action "$1" /bin/false ;;
  esac
}
# Defined IP function
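function ConfigIP(){
  # Turn the DHCP-assigned address on eth0 into a static configuration by
  # reusing its last octet inside the hard-coded 10.0.0.0/24 network.
  # Outputs: overwrites /etc/sysconfig/network-scripts/ifcfg-eth0.
  # Returns: 1 without touching the file when no numeric last octet is found,
  #          otherwise the status of Msg.
  local Suffix
  # Second line of `ifconfig eth0` output holds the address; splitting on
  # spaces and dots puts the last octet in field 6.
  Suffix=$(ifconfig eth0 | awk -F "[ .]+" 'NR==2 {print $6}')

  # Never write "IPADDR=10.0.0." (or garbage) when parsing failed.
  case $Suffix in
    ''|*[!0-9]*)
      false
      Msg "config eth0"
      return 1
      ;;
  esac

  # The here-document operator was lost in the published listing; without
  # "<<EOF" the function is a syntax error.
  cat >/etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=10.0.0.$Suffix
PREFIX=24
GATEWAY=10.0.0.2
DNS1=10.0.0.2
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
EOF
  Msg "config eth0"
}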
# Defined Yum source Functions
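function yum(){
  # Replace the stock CentOS-Base repo definition and add an EPEL one, both
  # downloaded from the install server.
  # Globals: Ip (read).
  # NOTE: a function named yum shadows the yum command for the rest of this
  # script; use `command yum` to reach the real binary.
  # NOTE(review): the setup steps on the page only create ks_config under the
  # FTP root - confirm the wenjian directory and both files exist there.
  # The repo files arrive over plain FTP with no integrity check, and they
  # decide where the host later installs packages from, so serve them only
  # on a trusted build network or verify a checksum after download.
  local YumDir=/etc/yum.repos.d

  # Keep a copy of the distribution's repo file before overwriting it.
  if [ -f "$YumDir/CentOS-Base.repo" ]; then
    cp "$YumDir/CentOS-Base.repo" "$YumDir/CentOS-Base.repo.ori"
  fi

  # Msg must run whether or not the downloads succeed; chaining it with &&
  # meant a failed download was never reported.
  wget -O "$YumDir/CentOS-Base.repo" "ftp://$Ip/wenjian/CentOS-Base.repo" &>/dev/null &&
    wget -O "$YumDir/epel.repo" "ftp://$Ip/wenjian/epel.repo" &>/dev/null
  Msg "YUM source"
}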
# Defined Hide the system version number Functions
function HideVersion(){
  # Empty the login banner files so they no longer show the system version.
  # Each file is truncated only if it exists; Msg reports a failure when the
  # file is missing or cannot be truncated.
  local banner
  for banner in issue issue.net; do
    test -f "/etc/$banner" && : >"/etc/$banner"
    Msg "Hide $banner"
  done
}
# Defined OPEN FILES Functions
function openfiles(){
  # Raise the open-file limit to 65535 for all users via limits.conf.
  # The line is appended on every run, so repeated runs add duplicates.
  # Returns 1 without reporting anything when limits.conf does not exist.
  local LimitsFile=/etc/security/limits.conf
  [ -f "$LimitsFile" ] || return 1
  printf '%s\n' '* - nofile 65535' >>"$LimitsFile"
  Msg "open files"
}
# Defined Kernel parameters Functions
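function kernel(){
  # Install the site's sysctl.conf from the install server, keeping the
  # previous file as sysctl.conf.ori.
  # Globals: Ip (read).
  # The download is staged first and swapped in only when it succeeded and is
  # non-empty; moving the original away before downloading left the host with
  # an empty sysctl.conf whenever wget failed.
  # The file is fetched over plain FTP with no checksum, so its content is
  # only as trustworthy as the build network it travels over.
  local KernelDir=/etc
  local Staged=$KernelDir/sysctl.conf.new

  if wget -O "$Staged" "ftp://$Ip/wenjian/sysctl.conf" &>/dev/null && [ -s "$Staged" ]; then
    [ -f "$KernelDir/sysctl.conf" ] && /bin/mv "$KernelDir/sysctl.conf" "$KernelDir/sysctl.conf.ori"
    /bin/mv "$Staged" "$KernelDir/sysctl.conf"
  else
    # Drop the partial download and make sure Msg sees a failure status.
    rm -f -- "$Staged"
    false
  fi
  Msg "Kernel config"
}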
# Defined System Startup Services Functions
function boot(){
  # Switch off every service enabled in runlevel 3 except the ones on the
  # keep-list, then report the status of the last chkconfig call.
  # The keep-list is matched as a substring of the service name, so a name
  # that merely contains one of these words is kept as well.
  local svc enabled
  local keep="crond|network|rsyslog|sshd|sysstat"
  enabled=$(chkconfig --list | grep "3:on" | awk '{print $1}' | grep -vE "$keep")
  for svc in $enabled; do
    chkconfig "$svc" off
  done
  Msg "BOOT config"
}
# Defined Time Synchronization Functions
function Time(){
  # Append a dated marker comment and a five-minute ntpdate job to root's
  # crontab. Both lines are appended on every run, so running the script
  # again duplicates them.
  local CronFile=/var/spool/cron/root
  {
    printf '%s\n' "#time sync by yyc at $(date +%F)"
    printf '%s\n' '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com &>/dev/null'
  } >>"$CronFile"
  Msg "Time Synchronization"
}
# Defined main Functions
function main(){
  # Run every tuning step once, in a fixed order. A failing step does not
  # stop the ones after it; the return status is that of the last step.
  local step
  for step in ConfigIP yum HideVersion openfiles kernel boot Time; do
    "$step"
  done
}
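# Forward the script's arguments unchanged; "$@" avoids the word-splitting and
# globbing that an unquoted $* performs.
main "$@"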
6、客户机安装完成后验证
[root@CentOS6 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 19G 1.5G 17G 9% /
tmpfs 491M 0 491M 0% /dev/shm
/dev/sda1 194M 29M 155M 16% /boot
[root@CentOS6 ~]# free -m
total used free shared buffers cached
Mem: 980 122 857 0 11 44
-/+ buffers/cache: 67 913
Swap: 1023 0 1023
[root@CentOS6 ~]# getenforce
Disabled
[root@CentOS6 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[root@CentOS6 ~]# ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'
10.0.0.103
[root@CentOS6 ~]# chkconfig --list|grep "3:on"
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off
文中部分参考了老男孩,在此表示感谢!