您的位置:首页 > 运维架构 > Linux

定制安装centos6.4系统 上汽集团线上环境

2014-01-21 08:04 453 查看
准备环境:先手动安装一台centos6.4系统

①建立目录iso,挂载镜像
yum -y install createrepo mkisofs
mkdir /iso
mount /dev/cdrom /media
②copy镜像文件到 iso目录
cp -a /media/ /iso
③ 编辑ks.cfg文件
cat /iso/media/ks.cfg
#######################################################################################################
install
cdrom
keyboard us
lang en_US.UTF-8
network --device eth0 --bootproto static --ip 10.32.119.167 --netmask 255.255.248.0 --gateway 10.32.119.1 --hostname=s2-mb01.dds.com
text
key --skip
reboot --eject
rootpw Ad@sd119
firewall --enabled --port=22:tcp --port=80:tcp
authconfig --enableshadow --enablemd5
selinux --disabled
timezone Asia/Shanghai
#bootloader --location=mbr --driveorder=sda,sdb --append="crashkernel=auto rhgb quiet"
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
# Partitioning
clearpart --all --initlabel
zerombr yes
part /boot --fstype="ext2" --size=200
part / --fstype="ext4" --size=20480
part /data --fstype="ext4" --size=1024 --grow
part swap --fstype="swap" --size=8192
%packages --ignoremissing
@ core
@ admin-tools
@ system-tools
@ text-internet
@ development-tools
openssl-devel
gcc
e2fsprogs
grub
lvm2
net-snmp
sysstat
iptraf
zlib
xinetd
lrzsz
cmake
make
automake
autoconf
libtool
telnet
tree

%post
#set DNS
echo "nameserver 10.32.119.89" >> /etc/resolv.conf
echo "nameserver 10.32.119.169" >> /etc/resolv.conf
#set ulimit
echo "ulimit -SHn 204800" >> /etc/rc.local
echo "ulimit -SHu 204800" >> /etc/rc.local
cat >> /etc/security/limits.conf << EOF
* soft nofile 204800
* hard nofile 204800
* soft nproc 204800
* hard nproc 204800
EOF
#add application
useradd application -d /data/application -u 500
echo application|passwd --stdin application
#set ntp
echo "*/50 * * * * /usr/sbin/ntpdate 10.33.0.81 > /dev/null 2>&1" > /var/spool/cron/root
service crond restart
/usr/sbin/ntpdate 10.33.0.81
# turnoff the control-alt-delete
sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf
#config ssh
sed -i 's%#UseDNS yes%UseDNS no%' /etc/ssh/sshd_config
#sed -i 's%#PermitRootLogin yes%PermitRootLogin no%' /etc/ssh/sshd_config
sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#Port 22/Port 58422/' /etc/ssh/sshd_config
###authorized#####
if [ ! -d /root/.ssh ];then
mkdir /root/.ssh/
fi
if [ ! -f /root/.ssh/authorized_keys ];then
touch /root/.ssh/authorized_keys
fi
cat <<EOF > /root/.ssh/authorized_keys
ssh-dss AAAAB3NzaC1kc3MAAACBAOjLFumEeTJC6JMGQCT5eGu1QQ88AUs/qFplU3CYCeZfhlEH7rylYBdKFYXSCX/+4FGGKT8hHqcULlQX/bOLQNRJtJ5XWaJSMjipDM/q7W3d/oWCvjeFnYO2e/XecpTZcsHxBWyTdpz0kmbsPbptMH5jSrlQgVjMHDR3FB8J5PtDAAAAFQDo0T9ooVFKDJesdl1k96rHruv3BwAAAIEArIB3TbFlHbibTWIuiw/3mtAO+kaxDfyk1TisDOBO4eLundc5BZRJmve16vTPiZotEFMvsIvwBur8du8YHwUDVswaQwcxwozU0sr/KffDIMTT8nWRDMJMjaIKVN2SfgN7pBk2ThY0ppOgqlGNPcFu3qR25yXATiGxfICaqBrddggAAACATFp7yRoEw2msQata9ak2ZqM7sSURvNm2xTjrN0TtnE1wgQaovIIkJR7tLGWx4hy3jSjmyfbvfiPR83oCwqvxZvtifg87JMTi0FoNHi+aUUPP7u7WByjVUI1m6Fxsdo7qIDXjXZg8wIVWWS5Lo1tSBCHMFJLNpUCbEMLPqqNO8x0= root@b5msb
EOF

#disable ipv6
sed -i '2d' /etc/hosts
echo "alias net-pf-10 off" >> /etc/modprobe.d/dist.conf
echo "alias ipv6 off" >> /etc/modprobe.d/dist.conf
/sbin/chkconfig ip6tables off
#set inittab
sed -i '/tty[2-6]/s/^/#/' /etc/inittab
#services off
for svc in `chkconfig --list|grep 3:on|awk '{print $1}'`
do
chkconfig --level 3 $svc off
done
#services on
for svc in crond rsyslog sshd network
do
chkconfig --level 3 $svc on
done
#set sysctl
cat > /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
vm.swappiness = 0
EOF
/sbin/sysctl -p
echo "sysctl set OK!!"
###SET YUM###
cat <<EOF > /etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the #mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
[base]
name=CentOS-\$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://10.32.119.8:81/centos/\$releasever/os/\$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#released updates
[updates]
name=CentOS-\$releasever - Updates
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://10.32.119.8:81/centos/\$releasever/updates/\$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#additional packages that may be useful
[extras]
name=CentOS-\$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://10.32.119.8:81/centos/\$releasever/extras/\$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-\$releasever - Plus
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://10.32.119.8:81/centos/\$releasever/centosplus/\$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
EOF
###SET EPEL###
cat <<EOF > /etc/yum.repos.d/epel.repo
[epel]
name=Extra Packages for Enterprise Linux 6 - \$basearch
baseurl=http://10.32.119.8:81/epel/6/\$basearch
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 6 - \$basearch - Debug
baseurl=http://10.32.119.8:81/epel/6/\$basearch/debug
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
gpgcheck=1
[epel-source]
name=Extra Packages for Enterprise Linux 6 - \$basearch - Source
baseurl=http://10.32.119.8:81/epel/6/SRPMS
#mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
gpgcheck=1
EOF
###rpm###
cat <<EOF > /etc/yum.repos.d/rpmforge.repo
### Name: RPMforge RPM Repository for RHEL 6 - dag
### URL: http://rpmforge.net/ [rpmforge]
name = RHEL \$releasever - RPMforge.net - dag
baseurl = http://10.32.119.8:81/rpmforge/mirror/dag.wieers/redhat/el6/en/\$basearch/rpmforge #mirrorlist = http://mirrorlist.repoforge.org/el6/mirrors-rpmforge #mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
[rpmforge-extras]
name = RHEL \$releasever - RPMforge.net - extras
baseurl = http://10.32.119.8:81/rpmforge/mirror/dag.wieers/redhat/el6/en/\$basearch/extras #mirrorlist = http://mirrorlist.repoforge.org/el6/mirrors-rpmforge-extras #mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge-extras
enabled = 0
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
[rpmforge-testing]
name = RHEL \$releasever - RPMforge.net - testing
baseurl = http://10.32.119.8:81/rpmforge/mirror/dag.wieers/redhat/el6/en/\$basearch/testing #mirrorlist = http://mirrorlist.repoforge.org/el6/mirrors-rpmforge-testing #mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge-testing
enabled = 0
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
EOF
%end

###################################################################################################################
④编辑isolinux.cfg
cat /iso/media/isolinux/isolinux.cfg
###############################################################################################################
default elive
prompt 1
timeout 50
display boot.msg
menu background splash.jpg
menu title Welcome to CentOS 6.4!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color scrollbar 0 #ffffffff #00000000
label elive
kernel vmlinuz
append ks=cdrom:/ks.cfg initrd=initrd.img
label linux
menu label ^Install or upgrade an existing system
menu default
kernel vmlinuz
append initrd=initrd.img
label vesa
menu label Install system with ^basic video driver
kernel vmlinuz
append initrd=initrd.img xdriver=vesa nomodeset
label rescue
menu label ^Rescue installed system
kernel vmlinuz
append initrd=initrd.img rescue
label local
menu label Boot from ^local drive
localboot 0xffff
label memtest86
menu label ^Memory test
kernel memtest
append -
##################################################################################################################
⑤精简rpm包缩小iso镜像文件,删除java、eclipse的rpm包,寻找占用空间大且不必要的rpm包删除
cd /iso/media/Packages/
ls|grep ^java |xargs rm -f
ls|grep ^eclipse|xargs rm -f
⑥ copy需要的comps.xml文件
cd /iso/media
createrepo -g repodata/*-comps.xml /iso/media/

注(如果是oracle Linux,就执行下面的命令)
createrepo -g repodata/*-comps-rhel6-Server.xml /iso/media/

⑦ 生成iso文件,在tmp目录下
mkisofs -r -T -V "CentOS" -input-charset utf-8 -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -o /tmp/CENTOS_6.4_FINAL-NEW.iso /iso/media/

本文出自 “运维人生” 博客,请务必保留此出处http://jinyan2049.blog.51cto.com/881440/1353320
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航