第1章 系统环境准备

1.1 命令集:

cat /etc/redhat-release

uname -r 

getenforce

/etc/init.d/iptables status

ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'

hostname

1.2 操作过程:

[root@m01 ~]# cat /etc/redhat-release

CentOS release 6.7 (Final)

[root@m01 ~]# uname -r 

2.6.32-573.26.1.el6.x86_64

[root@m01 ~]# getenforce

Disabled

[root@m01 ~]# /etc/init.d/iptables status

ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'

iptables: Firewall is not running.

[root@m01 ~]# ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'

10.0.0.61

[root@m01 ~]# hostname

m01

第2章 安装DHCP服务

2.1 命令集:

yum -y install dhcp

rpm -ql dhcp |grep "dhcpd.conf"

vim /etc/dhcp/dhcpd.conf

#

# DHCP Server Configuration file.

# see /usr/share/doc/dhcp*/dhcpd.conf.sample

# see 'man 5 dhcpd.conf'

#

subnet 172.16.1.0 netmask 255.255.255.0 {

range 172.16.1.100 172.16.1.200;

option subnet-mask 255.255.255.0;

default-lease-time 21600;

max-lease-time 43200;

next-server 172.16.1.61;

filename "/pxelinux.0";

}

保存并退出,启动并检查

cat /etc/dhcp/dhcpd.conf

/etc/init.d/dhcpd start

netstat -tunlp|grep dhcp

2.2 操作过程:

[root@m01 ~]# yum -y install dhcp

[root@m01 ~]# rpm -ql dhcp |grep "dhcpd.conf"

/etc/dhcp/dhcpd.conf

/usr/share/doc/dhcp-4.1.1/dhcpd-conf-to-ldap

/usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample

/usr/share/man/man5/dhcpd.conf.5.gz

[root@m01 ~]# cat /etc/dhcp/dhcpd.conf

#

# DHCP Server Configuration file.

#   see /usr/share/doc/dhcp*/dhcpd.conf.sample

#   see 'man 5 dhcpd.conf'

#

subnet 172.16.1.0 netmask 255.255.255.0 {

        range 172.16.1.100 172.16.1.200;

        option subnet-mask 255.255.255.0;

        default-lease-time 21600;

        max-lease-time 43200;

        next-server 172.16.1.61;

        filename "/pxelinux.0";

}

[root@m01 ~]# /etc/init.d/dhcpd start

netstat -tunlp|grep dhcp

[root@m01 ~]# netstat -tunlp|grep dhcp

udp        0      0 0.0.0.0:67                  0.0.0.0:*                               19195/dhcpd

第3章 安装TFTP服务

3.1 命令集

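yum -y install tftp-server

# Enable the xinetd-managed tftp service. Match the "disable" key itself
# rather than a line number, and do not combine "sed -i" with the p flag:
# under -i, p writes the substituted line into the file a second time.
sed -i 's#^\([[:space:]]*disable[[:space:]]*=[[:space:]]*\)yes#\1no#' /etc/xinetd.d/tftp

cat /etc/xinetd.d/tftp

/etc/init.d/xinetd restart

# Anchor on the port so PIDs or other numbers containing 69 do not match.
netstat -tunlp | grep ':69 '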

3.2 操作过程

[root@m01 ~]# yum -y install tftp-server

[root@m01 ~]# sed -i '14s#yes#no#gp' /etc/xinetd.d/tftp

[root@m01 ~]# cat /etc/xinetd.d/tftp

# default: off

# description: The tftp server serves files using the trivial file transfer \

#       protocol.  The tftp protocol is often used to boot diskless \

#       workstations, download configuration files to network-aware printers, \

#       and to start the installation process for some operating systems.

service tftp

{

        socket_type             = dgram

        protocol                = udp

        wait                    = yes

        user                    = root

        server                  = /usr/sbin/in.tftpd

        server_args             = -s /var/lib/tftpboot

        disable                 = no

        disable                 = no

        per_source              = 11

        cps                     = 100 2

        flags                   = IPv4

}

[root@m01 ~]# /etc/init.d/xinetd restart

netstat -tunlp|grep 69                                     [FAILED]

Starting xinetd:                                           [  OK  ]

[root@m01 ~]# netstat -tunlp|grep 69

udp        0      0 0.0.0.0:69                  0.0.0.0:*                               19404/xinetd       

第4章 配置HTTP服务

4.1 命令集

yum -y install httpd

sed -i "277i ServerName 127.0.0.1:80" /etc/httpd/conf/httpd.conf

/etc/init.d/httpd start

mkdir /var/www/html/CentOS-6.7

mount /dev/cdrom /var/www/html/CentOS-6.7/

df -h

4.2 操作过程

[root@m01 ~]# yum -y install httpd

[root@m01 ~]# sed -i "277i ServerName 127.0.0.1:80" /etc/httpd/conf/httpd.conf

[root@m01 ~]# mkdir /var/www/html/CentOS-6.7

[root@m01 ~]# mount /dev/cdrom /var/www/html/CentOS-6.7/

mount: block device /dev/sr0 is write-protected, mounting read-only

[root@m01 ~]# df -h

Filesystem      Size  Used Avail Use% Mounted on

/dev/sda3        19G  1.9G   16G  11% /

tmpfs           238M     0  238M   0% /dev/shm

/dev/sda1       190M   69M  112M  38% /boot

/dev/sr0        3.7G  3.7G     0 100% /var/www/html/CentOS-6.7

4.3 浏览器确认:

http://10.0.0.61/CentOS-6.7/

第5章 配置支持PXE的启动程序

5.1 命令集

yum -y install syslinux

cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

cp -a /var/www/html/CentOS-6.7/isolinux/* /var/lib/tftpboot/

ls /var/lib/tftpboot/

mkdir -p /var/lib/tftpboot/pxelinux.cfg

cp /var/www/html/CentOS-6.7/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

5.2 操作过程

[root@m01 ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

[root@m01 ~]# cp -a /var/www/html/CentOS-6.7/isolinux/* /var/lib/tftpboot/

[root@m01 ~]# ls /var/lib/tftpboot/

TRANS.TBL  boot.msg   initrd.img    isolinux.cfg  pxelinux.0  vesamenu.c32

boot.cat   grub.conf  isolinux.bin  memtest       splash.jpg  vmlinuz

[root@m01 ~]# mkdir -p /var/lib/tftpboot/pxelinux.cfg

[root@m01 ~]# cp /var/www/html/CentOS-6.7/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default

第6章 编写ks文件

6.1 命令集

grub-crypt

输入密码(示例用的 123456 是弱口令,正式环境请换成强口令)

123456

123456

mkdir /var/www/html/ks_config

cd /var/www/html/ks_config

rz上传两个附件

ls

mv optimization.sh 1optimization.sh

tar xfP ks_config.tar|ì?

ls

\mv 1optimization.sh optimization.sh

ls

vim /var/www/html/ks_config/CentOS-6.7-ks.cfg

cat /var/www/html/ks_config/CentOS-6.7-ks.cfg

6.2 操作过程:

[root@m01 ~]# mkdir /var/www/html/ks_config

[root@m01 ~]# cd /var/www/html/ks_config

[root@m01 ks_config]# rz

rz waiting to receive.

???a? zmodem ??????ê ???? Ctrl+C ????ê

?[root@m01 ks_config]# ls

[root@m01 ks_config]# rz

rz waiting to receive.

???a? zmodem ??????ê ???? Ctrl+C ????ê

?????? ks_config.tar|ì?...

  100%       5 KB    5 KB/s 00:00:01       0 ???

?????? optimization.sh...

  100%       3 KB    3 KB/s 00:00:01       0 ???

?[root@m01 ks_config]# ls

ks_config.tar??????.gz  optimization.sh

[root@m01 ks_config]# mv optimization.sh 1optimization.sh

[root@m01 ks_config]# tar xfP ks_config.tar|ì?

[root@m01 ks_config]# ls

1optimization.sh   CentOS-Base.repo  etiantian.repo  ks_config.tar??????.gz  sshd_config

CentOS-6.7-ks.cfg  epel.repo         hosts           optimization.sh         sysctl.conf

[root@m01 ks_config]# \mv 1optimization.sh optimization.sh

[root@m01 ks_config]# ls

CentOS-6.7-ks.cfg  epel.repo       hosts                   optimization.sh  sysctl.conf

CentOS-Base.repo   etiantian.repo  ks_config.tar??????.gz  sshd_config

[root@m01 ks_config]# vim /var/www/html/ks_config/CentOS-6.7-ks.cfg

# Kickstart Configurator for CentOS 6.7 by wang tian
# Unattended install profile handed to PXE clients; every directive below is
# applied without prompting.

install

# The install tree is fetched over plain HTTP from the provisioning host.
url --url="http://172.16.1.61/CentOS-6.7/"

text

lang en_US.UTF-8

keyboard us

zerombr

bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"

network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS6

timezone --utc Asia/Shanghai

# Shadow passwords, hashed with SHA-512.
authconfig --enableshadow --passalgo=sha512

# NOTE(review): presumably produced with grub-crypt; confirm which password it
# encodes. This file sits under the web root, so anyone who can reach the
# server can read the hash, and every host built from it shares the same
# root password until it is rotated.
rootpw --iscrypted $6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/

# Removes every existing partition on the target and writes a fresh label.
clearpart --all --initlabel

part /boot --fstype=ext4 --asprimary --size=200

part swap --size=1024

part / --fstype=ext4 --grow --asprimary --size=200

firstboot --disable

# SELinux and the host firewall are both switched off on every installed host.
selinux --disabled

firewall --disabled

logging --level=info

reboot

%packages

@base

@compat-libraries

@debugging

@development

tree

nmap

sysstat

lrzsz

dos2unix

telnet

%post

# Fetches the tuning script over unauthenticated HTTP and runs it as root.
# wget's output is discarded and its exit status is not checked, so a failed
# or altered download is not detected before the next line executes.
wget -O /tmp/optimization.sh http://172.16.1.61/ks_config/optimization.sh &>/dev/null

/bin/sh /tmp/optimization.sh

%end

第7章 开机优化脚本

压缩包里的 optimization.sh 没有把 sysstat 加入开机自启动的保留列表,需要手动编辑加上,也可以用 sed 替换:

sed -i 's#"crond|network|rsyslog|sshd"#"crond|network|rsyslog|sshd|sysstat"#g' optimization.sh

7.1 命令集

vim /var/www/html/ks_config/optimization.sh

7.2 操作过程:

[root@m01 ks_config]# vim /var/www/html/ks_config/optimization.sh

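#!/bin/bash
# Post-install tuning script, fetched and run by the kickstart %post section.
# Every file it installs is pulled from the provisioning host below over
# plain HTTP, so the result is only as trustworthy as that host and the
# install network.

# Provides the "action" helper used by Msg.
. /etc/init.d/functions

Ip=172.16.1.61
Port=80
ConfigDir=ks_config

# Judge Http server is ok?
# Count the "open" lines nmap prints for the port; zero means unreachable.
PortNum=$(nmap "$Ip" -p "$Port" 2>/dev/null | grep -c open)
if [ "${PortNum:-0}" -lt 1 ]; then
  # Diagnostics go to stderr so they are not mistaken for normal output.
  echo "Http server is bad!" >&2
  exit 1
fi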

# Defined result function

function Msg(){
        # Report the outcome of the command that ran immediately before this
        # call, labelled with $1, via the init-script "action" helper.
        # Arguments: $1 - label to display
        # The status must be captured first: any other command would reset $?.
        local rc=$?

        case "$rc" in
          0) action "$1" /bin/true ;;
          *) action "$1" /bin/false ;;
        esac
}

# Defined IP function

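function ConfigIP(){
        # Give eth0 and eth1 static addresses that reuse the last octet of the
        # address eth1 currently holds.
        # Globals:  Suffix (written)
        # Outputs:  ifcfg-eth0 and ifcfg-eth1 in /etc/sysconfig/network-scripts
        # Returns:  1 without touching either file when no octet was parsed
        Suffix=$(ifconfig eth1 | awk -F "[ .]+" 'NR==2 {print $6}')

        # Refuse to write the files unless a purely numeric octet was parsed;
        # otherwise both interfaces would get a truncated IPADDR ("10.0.0.").
        case "$Suffix" in
          ''|*[!0-9]*)
            false; Msg "config eth0"
            false; Msg "config eth1"
            return 1
            ;;
        esac

        # The here-document bodies start at column 0 on purpose: "<<-" strips
        # leading tabs only, so space-indented text would never reach END.
        cat >/etc/sysconfig/network-scripts/ifcfg-eth0 <<END
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=10.0.0.$Suffix
PREFIX=24
GATEWAY=10.0.0.2
DNS1=10.0.0.2
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
END
        Msg "config eth0"

        cat >/etc/sysconfig/network-scripts/ifcfg-eth1 <<END
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=172.16.1.$Suffix
PREFIX=24
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth1"
END
        Msg "config eth1"
}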

# Defined Yum source Functions

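function yum(){
        # Replace the yum repository definitions with the copies published on
        # the provisioning host.
        # Globals:  Ip, Port, ConfigDir (read); YumDir (written)
        # NOTE: this function name shadows the yum command for the rest of the
        # script; call "command yum" if the package manager is needed here.
        # NOTE(review): the repo files arrive over plain HTTP with no checksum
        # or signature check, and they decide where packages come from.
        local repo tmp rc=0
        YumDir=/etc/yum.repos.d

        [ -f "$YumDir/CentOS-Base.repo" ] && cp "$YumDir/CentOS-Base.repo"{,.ori}

        for repo in CentOS-Base.repo epel.repo etiantian.repo; do
          # Download beside the target and swap in only a complete, non-empty
          # file; "wget -O" straight onto the target leaves a truncated repo
          # file behind when the transfer fails. The temporary name does not
          # end in .repo, so yum never reads it.
          tmp=$(mktemp "$YumDir/.$repo.XXXXXX") || { rc=1; break; }
          if wget -O "$tmp" "http://$Ip:$Port/$ConfigDir/$repo" &>/dev/null && [ -s "$tmp" ]; then
            chmod 644 "$tmp" && mv -f "$tmp" "$YumDir/$repo" || rc=1
          else
            rc=1
          fi
          rm -f "$tmp"
          # Stop at the first failure, as the original && chain did.
          [ "$rc" -eq 0 ] || break
        done

        [ "$rc" -eq 0 ]
        Msg "YUM source"
}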

# Defined Close selinux Functions

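function selinux(){
        # Rewrite SELINUX=enforcing to SELINUX=disabled in the persistent
        # SELinux config and report the outcome once.
        # This removes mandatory access control from the host. main does not
        # call this function in the script as shown.
        # An if/else replaces the "A && { ... } || B" form, which printed the
        # failure message twice whenever sed failed.
        if [ -f "/etc/selinux/config" ]; then
          sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
        else
          # Missing config file: hand Msg a failing status.
          false
        fi
        Msg "Close selinux"
}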

# Defined add Ordinary users Functions

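function AddUser(){
        # Create the login account "oldboy", set its password and grant it
        # password-less sudo.
        # Globals:  UserPass (read, optional) - password to set; falls back to
        #           the value the script has always used.
        # NOTE(review): the fallback password is published with this script
        # and the account gets NOPASSWD sudo, so every host built with the
        # default shares a known root-equivalent credential. Set UserPass and
        # rotate the password after install.
        local user_pass="${UserPass:-123456}"
        local sudoers_tmp status=1

        # Edit a private copy of sudoers, validate it, then move it into place.
        # Editing /etc/sudoers directly and running "visudo -c" afterwards
        # detects a broken file only once sudo is already unusable.
        if sudoers_tmp=$(mktemp /etc/sudoers.XXXXXX); then
          useradd oldboy &>/dev/null &&
          printf '%s\n' "$user_pass" | passwd --stdin oldboy &>/dev/null &&
          cat /etc/sudoers >"$sudoers_tmp" &&
          sed -i '98a oldboy    ALL=(ALL)       NOPASSWD:ALL' "$sudoers_tmp" &&
          # "98a" silently does nothing on a shorter file; confirm the rule exists.
          grep -q '^oldboy[[:space:]]' "$sudoers_tmp" &&
          visudo -cf "$sudoers_tmp" &>/dev/null &&
          chmod 0440 "$sudoers_tmp" &&
          mv -f "$sudoers_tmp" /etc/sudoers
          status=$?
          rm -f "$sudoers_tmp"
        fi

        [ "$status" -eq 0 ]
        Msg "AddUser oldboy"
}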

# Defined Hide the system version number Functions

function HideVersion(){
        # Empty the login banner files so they no longer show the release
        # string, reporting each file separately. A missing file is reported
        # as a failure.
        local banner
        for banner in /etc/issue /etc/issue.net; do
          if [ -f "$banner" ]; then
            : >"$banner"
          else
            false
          fi
          # ${banner##*/} is the file name, giving "Hide issue" / "Hide issue.net".
          Msg "Hide ${banner##*/}"
        done
}

# Defined SSHD config Functions

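function sshd(){
        # Install the sshd_config published on the provisioning host, keeping
        # the distribution file as sshd_config.ori.
        # Globals:  Ip, Port, ConfigDir (read); SshdDir (written)
        # NOTE: this function name shadows the sshd binary inside the script.
        # NOTE(review): the file arrives over plain HTTP with no integrity
        # check, and it controls who can log in to the host.
        local tmp rc=1
        SshdDir=/etc/ssh

        # Download to a temporary file first. Moving the original away and then
        # running "wget -O" onto the target leaves an empty sshd_config when
        # the download fails.
        if tmp=$(mktemp "$SshdDir/sshd_config.XXXXXX"); then
          if wget -O "$tmp" "http://$Ip:$Port/$ConfigDir/sshd_config" &>/dev/null && [ -s "$tmp" ]; then
            [ -f "$SshdDir/sshd_config" ] && /bin/mv "$SshdDir/sshd_config"{,.ori}
            chmod 600 "$tmp" && /bin/mv -f "$tmp" "$SshdDir/sshd_config"
            rc=$?
          fi
          rm -f "$tmp"
        fi

        [ "$rc" -eq 0 ]
        Msg "sshd config"
}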

# Defined OPEN FILES Functions

function openfiles(){
        # Append a 65535 open-file limit for all users to limits.conf and
        # report the result; does nothing when the file is absent.
        local limits=/etc/security/limits.conf

        [ -f "$limits" ] || return 1
        echo '*  -  nofile  65535' >> "$limits"
        Msg "open files"
}

# Defined Kernel parameters Functions

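function kernel(){
        # Install the sysctl.conf published on the provisioning host, keeping
        # the distribution file as sysctl.conf.ori.
        # Globals:  Ip, Port, ConfigDir (read); KernelDir (written)
        # NOTE(review): fetched over plain HTTP with no integrity check.
        local tmp rc=1
        KernelDir=/etc

        # Swap the file in only after a complete download; the move-then-
        # "wget -O" order left an empty sysctl.conf when the fetch failed.
        if tmp=$(mktemp "$KernelDir/sysctl.conf.XXXXXX"); then
          if wget -O "$tmp" "http://$Ip:$Port/$ConfigDir/sysctl.conf" &>/dev/null && [ -s "$tmp" ]; then
            [ -f "$KernelDir/sysctl.conf" ] && /bin/mv "$KernelDir/sysctl.conf"{,.ori}
            # mktemp creates the file 0600; restore the usual readable mode.
            chmod 644 "$tmp" && /bin/mv -f "$tmp" "$KernelDir/sysctl.conf"
            rc=$?
          fi
          rm -f "$tmp"
        fi

        [ "$rc" -eq 0 ]
        Msg "Kernel config"
}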

# Defined hosts file Functions

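function hosts(){
        # Install the hosts file published on the provisioning host, keeping
        # the original as hosts.ori.
        # Globals:  Ip, Port, ConfigDir (read); HostsDir (written)
        # NOTE(review): fetched over plain HTTP with no integrity check; the
        # file decides which addresses local names resolve to.
        local tmp rc=1
        HostsDir=/etc

        # Swap the file in only after a complete download; the move-then-
        # "wget -O" order left an empty /etc/hosts when the fetch failed.
        if tmp=$(mktemp "$HostsDir/hosts.XXXXXX"); then
          if wget -O "$tmp" "http://$Ip:$Port/$ConfigDir/hosts" &>/dev/null && [ -s "$tmp" ]; then
            [ -f "$HostsDir/hosts" ] && /bin/mv "$HostsDir/hosts"{,.ori}
            # mktemp creates the file 0600; /etc/hosts must stay world-readable.
            chmod 644 "$tmp" && /bin/mv -f "$tmp" "$HostsDir/hosts"
            rc=$?
          fi
          rm -f "$tmp"
        fi

        [ "$rc" -eq 0 ]
        Msg "Hosts config"
}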

# Defined System Startup Services Functions

function boot(){
        # Switch off every service that chkconfig lists as on in runlevel 3,
        # except the names in the keep pattern, then report the last result.
        local keep="crond|network|rsyslog|sshd|sysstat"
        local svc

        for svc in $(chkconfig --list | grep "3:on" | awk '{print $1}' | grep -vE "$keep"); do
          chkconfig "$svc" off
        done
        Msg "BOOT config"
}

# Defined Time Synchronization Functions

function Time(){
        # Append a dated marker line and a five-minute ntpdate job to root's
        # crontab, then report the result of the last write.
        local cron_file=/var/spool/cron/root
        local stamp

        stamp="#time sync by zhangyao at $(date +%F)"
        printf '%s\n' "$stamp" >>"$cron_file"
        printf '%s\n' '*/5 * * * * /usr/sbin/ntpdate time.etiantian.org &>/dev/null' >>"$cron_file"
        Msg "Time Synchronization"
}

# Defined main Functions

function main(){
        # Run the tuning steps in their fixed order. The selinux function is
        # defined in this script but is not part of the sequence.
        local step
        for step in ConfigIP yum AddUser HideVersion sshd openfiles kernel hosts boot Time; do
          "$step"
        done
}

main

第8章 整合编辑default配置文件

8.1 命令集

[root@m01 ks_config]# vim /var/lib/tftpboot/pxelinux.cfg/default  

8.2 操作过程:

[root@linux-node1 ~]# vim /var/lib/tftpboot/pxelinux.cfg/default

default ks

prompt 0

label ks

kernel vmlinuz

append initrd=initrd.img ks=http://172.16.1.61/ks_config/CentOS-6.7-ks.cfg ksdevice=eth1

强制保存退出:

wq!

第9章 开机、喝茶

检什么查!就是这么自信!!张导威武!!!

第10章 验证

10.1 CRT连接

主机名:10.0.0.102

端口号:52113

用户名:oldboy

密码:123456

10.2 命令集

df -h

/etc/init.d/iptables status

getenforce

ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'

ifconfig eth1|awk -F "[ :]+" 'NR==2 {print $4}'

chkconfig --list|grep "3:on"

10.3 操作过程

[oldboy@CentOS6 ~]$ /etc/init.d/iptables status

iptables: Only usable by root.[WARNING]

[oldboy@CentOS6 ~]$ getenforce

Disabled

[oldboy@CentOS6 ~]$ ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'

10.0.0.102

[oldboy@CentOS6 ~]$ ifconfig eth1|awk -F "[ :]+" 'NR==2 {print $4}'

172.16.1.102

[oldboy@CentOS6 ~]$ chkconfig --list|grep "3:on"

crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off

network         0:off   1:off   2:on    3:on    4:on    5:on    6:off

rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off

sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off

第11章 增加开机自启动

11.1 命令集

sudo su -

chkconfig sysstat on

chkconfig --list|grep 3:on

11.2 操作过程

[oldboy@CentOS6 ~]$ sudo su -

[root@CentOS6 ~]# chkconfig sysstat on

[root@CentOS6 ~]# chkconfig --list|grep 3:on

crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off

network         0:off   1:off   2:on    3:on    4:on    5:on    6:off

rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off

sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off

sysstat         0:off   1:on    2:on    3:on    4:on    5:on    6:off

第12章 完善管理机配置脚本

12.1 命令集

sed -n 's#"crond|network|rsyslog|sshd"#"crond|network|rsyslog|sshd|sysstat"#gp' optimization.sh

sed -i 's#"crond|network|rsyslog|sshd"#"crond|network|rsyslog|sshd|sysstat"#g' optimization.sh

因为之前把 yum 源改成了 etiantian,所以如果需要下载软件,要先把 etiantian.repo 改名,然后清除缓存。

cd /etc/yum.repos.d/

mv etiantian.repo etiantian.repo.ori

yum clean all

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

12.2 操作过程

[root@m01 ks_config]# sed -n 's#"crond|network|rsyslog|sshd"#"crond|network|rsyslog|sshd|sysstat"#gp' optimization.sh

        for oldboy in `chkconfig --list|grep "3:on"|awk '{print $1}'|grep -vE "crond|network|rsyslog|sshd|sysstat"`

[root@m01 ks_config]# sed -i 's#"crond|network|rsyslog|sshd"#"crond|network|rsyslog|sshd|sysstat"#g' optimization.sh

[root@CentOS6 ~]# cd /etc/yum.repos.d/

[root@CentOS6 yum.repos.d]# mv etiantian.repo etiantian.repo.ori

[root@CentOS6 yum.repos.d]# yum clean all

Loaded plugins: fastestmirror, security

Cleaning repos: base epel extras updates

Cleaning up Everything

Cleaning up list of fastest mirrors

[root@CentOS6 yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

感谢张导,感谢老男孩,感谢小伙伴们。