# BY kerry (聆听未来)
# BLOG:http://kerry.blog.51cto.com

CentOS 6.0 在大家翘首以盼中姗姗来迟，但官方发布的DVD太过于庞大，很多组件其实在日常的生产环境中并用不上，所以基于此种情况，在这里我们就来对官方发布的DVD进行瘦身，只安装我们需要的组件，并实现自动安装，安装完毕后再对系统做基本的初始化，这样在生产环境中需要批量布署服务器的时候，显的效率非常高

1、定制安装系统，选择常用的组件
2、安装制作发行版所需的基本软件包
yum –y install createrepo mkisofs

3、生成安装系统所需的rpm文件列表
awk '/Installing/{print $2}' install.log |sed 's/^[0-9]*://g' >/root/packages.list

4、创建定制工作目录
mkdir -p /mnt/cdrom
mkdir -p /data/OS
mount /dev/cdrom /mnt/cdrom
rsync –a --exclude=Packages /mnt/cdrom /data/OS
mkdir /data/OS/Packages

5、复制精简后的RPM包
vi /data/cprmps.sh #创建自动复制RPM包脚本

1. #!/bin/bash
2. DEBUG=0
3. CentOS_DVD=/mnt/cdrom
4. ALL_RPMS_DIR=/mnt/cdrom/Packages #源光盘RPM包存放的目录
5. KOS_RPMS_DIR=/data/OS/Packages #精简后RPM包存放的目录
6. packages_list=/root/packages.list #精简后的RPM包列表
7. number_of_packages=`cat $packages_list | wc -l`
8. i=1
9. while [ $i -le $number_of_packages ] ; do
10. line=`head -n $i $packages_list | tail -n -1`
11. name=`echo $line | awk '{print $1}'`
12. version=`echo $line | awk '{print $3}' | cut -f 2 -d :`
13. if [ $DEBUG -eq "1" ] ; then
14. echo $i: $line
15. echo $name
16. echo $version
17. fi
18. if [ $DEBUG -eq "1" ] ; then
19. ls $ALL_RPMS_DIR/$name-$version*
20. if [ $? -ne 0 ] ; then
21. echo "cp $ALL_RPMS_DIR/$name-$version* "
22. fi
23. else
24. echo "cp $ALL_RPMS_DIR/$name-$version* $KOS_RPMS_DIR/"
25. cp $ALL_RPMS_DIR/$name-$version* $KOS_RPMS_DIR/
26. # in case the copy failed
27. if [ $? -ne 0 ] ; then
28. echo "cp $ALL_RPMS_DIR/$name-$version* "
29. cp $ALL_RPMS_DIR/$name* $KOS_RPMS_DIR/
30. fi
31. fi
32. i=`expr $i + 1`
33. done

chmod +x cprpm.sh
./cprpm.sh

6、配置kickstart脚本
vi /data/OS/isolinux/kerry.cfg

1. # Kickstart file automatically generated by anaconda.
2. #Install OS instead of upgrade
3. install
4. #Use text mode install
5. text
6. #Use CDROM installation media
7. cdrom
8. lang en_US.UTF-8
9. keyboard us
11. #Skip the X Configuration
12. skipx
13. #Network information
14. #network --device eth0 --onboot yes --bootproto static --ip 192.168.9.226 --netmask 255.255.255.0 --gateway 192.168.9.1 --nameserver 192.168.9.1 --noipv6 --hostname kerry-web-001
15. network --bootproto dhcp --noipv6 --onboot=yes --hostname kerry-web-001
16. #root -- 1q2w3e
17. rootpw --iscrypted $6$ZVQx8trb4JB693IS$tdwYvbnrNLgAv9xyQTMm2/0IV5pmZWwa0dD.GWh69/LK0Ls4aUXUl3xJiPRyzVuRZDUdEzw0h26zRS5KOdbBl1
18. firewall --disabled
19. #System authorization information
20. authconfig --enableshadow --enablemd5
21. selinux --disabled
22. timezone --utc Asia/Shanghai
23. #System bootloader configuration
24. bootloader --location=mbr
25. #Clear the Master Boot Record
26. zerombr yes
28. # The following is the partition information you requested
29. # Note that any partitions you deleted are not expressed
30. # here so unless you clear all partitions first, this is
31. # not guaranteed to work
33. #Partition clearing information
34. clearpart --all --initlabel
35. part /boot --fstype ext4 --size=200 --asprimary
36. part / --fstype ext4 --size=10000
37. part swap --size=4096
38. part /data --fstype ext4 --size=1 --grow
41. #--- Reboot the host after installation is done
42. reboot
44. %packages
45. @base
46. @core
47. @development
48. @server-policy
49. sgpio
50. nmap
51. iptraf
52. ntp
54. %post --nochroot
55. # Mount CDROM
56. mkdir -p /mnt/cdrom
57. mount -r -t iso9660 /tmp/cdrom /mnt/cdrom
58. cp /mnt/cdrom/ipmod.tar.gz /mnt/sysimage/tmp/ipmod.tar.gz > /dev/null
59. cd /mnt/sysimage/tmp/
60. tar -zxvf ipmod.tar.gz > /dev/null
61. cp -R /mnt/sysimage/tmp/ipmod/* /mnt/sysimage/root/ > /dev/null 2>/dev/null
63. cp -R /mnt/sysimage/tmp/etc/* /mnt/sysimage/etc/ > /dev/null 2>/dev/null
64. cp -R /mnt/sysimage/tmp/usr/* /mnt/sysimage/usr/ > /dev/null 2>/dev/null
65. cp -R /mnt/sysimage/tmp/var/* /mnt/sysimage/var/ > /dev/null 2>/dev/null
66. cp -R /mnt/sysimage/tmp/boot/* /mnt/sysimage/boot/ > /dev/null 2>/dev/null
67. cp -R /mnt/sysimage/tmp/sbin/* /mnt/sysimage/sbin/ > /dev/null 2>/dev/null
69. umount /mnt/cdrom
71. %post
72. #vim syntax on
73. sed -i "8 s/^/alias vi='vim'/" /root/.bashrc 2>/dev/null
74. echo 'syntax on' > /root/.vimrc 2>/dev/null
76. #init_ssh
77. ssh_cf="/etc/ssh/sshd_config"
78. sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' $ssh_cf
79. sed -i "s/#UseDNS yes/UseDNS no/" $ssh_cf
81. #client
82. sed -i -e '44 s/^/#/' -i -e '48 s/^/#/' $ssh_cf
84. # Remove the ISO File translation files
85. find / -name TRANS.TBL -exec rm {} \; /dev/null 2>/dev/null
87. # Remove some unneeded services
88. #--------------------------------------------------------------------------------
89. cat << EOF
90. +--------------------------------------------------------------+
91. | === Welcome to Tunoff services === |
92. +--------------------------------------------------------------+
93. EOF
94. #---------------------------------------------------------------------------------
95. for i in `ls /etc/rc3.d/S*`
96. do
97. CURSRV=`echo $i|cut -c 15-`
98. echo $CURSRV
99. case $CURSRV in
100. crond | irqbalance | microcode_ctl | network | random | sshd | syslog | local )
101. echo "Base services, Skip!"
102. ;;
103. *)
104. echo "change $CURSRV to off"
105. chkconfig --level 235 $CURSRV off
106. service $CURSRV stop
107. ;;
108. esac
109. done
111. # file descriptors
112. ulimit -HSn 65535
114. echo -ne "
115. * soft nofile 65536
116. * hard nofile 65536
117. " >>/etc/security/limits.conf
119. #set sysctl
120. true > /etc/sysctl.conf
121. cat >> /etc/sysctl.conf << EOF
122. net.ipv4.ip_forward = 0
123. net.ipv4.conf.default.rp_filter = 1
124. net.ipv4.conf.default.accept_source_route = 0
125. kernel.sysrq = 0
126. kernel.core_uses_pid = 1
127. net.ipv4.tcp_syncookies = 1
128. kernel.msgmnb = 65536
129. kernel.msgmax = 65536
130. kernel.shmmax = 68719476736
131. kernel.shmall = 4294967296
132. net.ipv4.tcp_max_tw_buckets = 6000
133. net.ipv4.tcp_sack = 1
134. net.ipv4.tcp_window_scaling = 1
135. net.ipv4.tcp_rmem = 4096 87380 4194304
136. net.ipv4.tcp_wmem = 4096 16384 4194304
137. net.core.wmem_default = 8388608
138. net.core.rmem_default = 8388608
139. net.core.rmem_max = 16777216
140. net.core.wmem_max = 16777216
141. net.core.netdev_max_backlog = 262144
142. net.core.somaxconn = 262144
143. net.ipv4.tcp_max_orphans = 3276800
144. net.ipv4.tcp_max_syn_backlog = 262144
145. net.ipv4.tcp_timestamps = 0
146. net.ipv4.tcp_synack_retries = 1
147. net.ipv4.tcp_syn_retries = 1
148. net.ipv4.tcp_tw_recycle = 1
149. net.ipv4.tcp_tw_reuse = 1
150. net.ipv4.tcp_mem = 94500000 915000000 927000000
151. net.ipv4.tcp_fin_timeout = 1
152. net.ipv4.tcp_keepalive_time = 1200
153. net.ipv4.ip_local_port_range = 1024 65535
154. EOF
156. /sbin/sysctl -p
158. #close ctrl+alt+del
159. sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab
161. #set purview
162. chmod 600 /etc/passwd
163. chmod 600 /etc/shadow
164. chmod 600 /etc/group
165. chmod 600 /etc/gshadow

7、生成comps.xml
cd /data/OS
createrepo –g repodata/*-comps.xml /data/OS/

8、让系统从kickstart配置启动安装
vi /data/OS/isolinux/isolinux.cfg

default auto
label auto
kernel vmlinuz
append ks=cdrom:/isolinux/kerry.cfg initrd=initrd.img

9、生成ISO文件
cd /data/OS
declare -x discinfo=`head -1 .discinfo`
createrepo -u "media://$discinfo" -g repodata/*-comps.xml /data/OS/
mkisofs -R -J -T -r -l -d -joliet-long -allow-multidot -allow-leading-dots -no-bak -o /data/KerryOS-1.0-i386.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table /data/OS

10、生成MD5检验码
/usr/bin/implantisomd5 /data/KerryOS-1.0-i386.iso

本文出自 “聆听未来” 博客，请务必保留此出处http://blog.chinaunix.net/space.php?uid=9419692&do=blog&id=3184120