
Writing Kickstart files

2022-07-07 00:12:00 rtoax


Rong Tao
2022-01-27

Document modification log

Date        Change    Modified by  Remarks
2022-01-27  Created   Rong Tao
2022-02-11  user      Rong Tao

Brief introduction to Kickstart

Kickstart provides a way to partially or fully automate the OS installation process. Created by .

A Kickstart file contains some or all of the OS installation options, for example the time zone, how to partition the drives, or which packages should be installed. With a prepared Kickstart file, the installation can run without any user intervention. This is especially useful when deploying the OS on a large number of systems at the same time.

Kickstart can use a local DVD, a local hard disk, or NFS, FTP, HTTP(S).

Automate the installation process

  1. Create the Kickstart file;
  2. Make the Kickstart file available;
  3. Create bootable media / an installation source or PXE;
  4. Make the installation source available;
  5. Install using the ks file and the boot media.

Using the Kickstart file

In the configuration file /var/lib/tftpboot/pxelinux/pxelinux.cfg/default, add the option inst.ks=http://192.168.122.174/kickstart/cclinux-2203-x86_64.cfg at the corresponding location.

The exact value depends on where the kickstart configuration file is located on the HTTP server.

Creating a Kickstart file

Chapter 4, Creating Kickstart files.

You can obtain a ks file in the following ways:

  • Use the online configuration tool;
  • Copy an existing ks file;
  • Write the ks file by hand;
  • Convert one from a lower version;
  • In a virtualized environment, create a custom OS image, that is, with Image Builder.

Generating a Kickstart file online

Visit the Red Hat Kickstart Generator.

Writing a Kickstart file by hand

The sections below follow the structure of the Red Hat Kickstart Generator, with some supplements added.

1. Basic configuration

1.1. default language

#  American English 
lang en_US
lang en_US.UTF-8
#  Simplified Chinese 
lang zh_CN
lang zh_CN.UTF-8

1.2. keyboard

keyboard us

1.3. Time zone

--isUtc indicates whether to use UTC.

timezone Asia/Shanghai --isUtc
timezone Asia/Shanghai --utc

1.4. root user password

rootpw $2b$10$xtBFXV8dXm5y1Cz0vEnKSODi4eGUgtmapMGHEe7icZL/qyNVrOO/C --iscrypted
# Lock the root account
rootpw --iscrypted --lock $6$rMt1qgFxWxQ//N2X$SJlNvEJDVEx7fMWfgBWDsyczBtRmueR820jR5Gd/fDrjibR/o65t3KKv/4dM47dDwrFacsfwiZcch6xpIUJ1I0

1.5. Create user

Syntax:

user --name=username [options]

Example:

#  Create user rongtao
user --groups=wheel --name=rongtao --password=$6$hTwcIUUv.UAuaAbW$Ceb8LL.I.hgmWnvAt9t8olV0N8c18xUgBNXM5qxuJvhnkMH9tU9pUVLDUNQ0MyC.8UCqVe9hn0VFeoEszsWAI/ --iscrypted --gecos="rongtao"

More parameters:

  • --name= – Provides the name of the user. This option is required.
  • --gecos= – Provides the GECOS information for the user. This is a string of various system-specific fields separated by a comma. It is frequently used to specify the user’s full name, office number, and so on. See the passwd(5) man page for more details.
  • --groups= – In addition to the default group, a comma separated list of group names the user should belong to. The groups must exist before the user account is created. See the group command.
  • --homedir= – The home directory for the user. If not provided, this defaults to /home/username.
  • --lock – If this option is present, this account is locked by default. This means that the user will not be able to log in from the console. This option will also disable the Create User screens in both the graphical and text-based manual installation.
  • --password= – The new user’s password. If not provided, the account will be locked by default.
  • --iscrypted – If this option is present, the password argument is assumed to already be encrypted. This option is mutually exclusive with --plaintext.
  • --shell= – The user’s login shell. If not provided, the system default is used.
  • --uid= – The user’s UID (User ID). If not provided, this defaults to the next available non-system UID.
  • --gid= – The GID (Group ID) to be used for the user’s group. If not provided, this defaults to the next available non-system group ID.

1.5.1. root user password

Syntax:

rootpw [--iscrypted|--plaintext] [--lock] password

Set it directly:

rootpw "password here"

Or use a hash value:

rootpw --iscrypted "password_hash"

How the hash value is generated:

MD5

$ openssl passwd -1
Password:  Input 
Verifying - Password:  Confirm input 
$1$HJt71Ctj$OLbT94PMwQz8XXkBn6fZB/

sha256

$ openssl passwd -5
Password:  Input 
Verifying - Password:  Confirm input 
$5$UTlAHAYXij9kL0ID$nJazXmEI8aYV0b3iYv6WxPKjMuz6dISH0LyvWK6v2h1

sha512

$ openssl passwd -6
Password:  Input 
Verifying - Password:  Confirm input 
$6$7OSrg1wIHvakPCs3$EdBenUucQ17Hv1TX2CbO/mfOqmjTP1mAnQSmrg7d9WlA/ZVYzzf934ZP1e9FWWW5EquAkVF/qkzt4ATWu29Cf0

1.5.2. Set the user's SSH public key

# Create an example user
user --name=myuser
# Set the SSH public key for this user
sshkey --username=myuser "ssh-pub-key-value"

The key pair is generated with the command ssh-keygen -t rsa -C "[email protected]"; "ssh-pub-key-value" is the content of the generated ~/.ssh/id_rsa.pub file.

1.6. Target architecture

1.7. Whether to restart after installation

reboot

1.8. Install in graphical mode

graphical

1.9. Use text Mode installation

text

2. Installation

2.1. Location of installation source and installation tree

# DVD install 
cdrom
# http
url --url=http://192.168.122.22/CCLinux-2203-x86_64-rc1/
# ftp
url --url=ftp://192.168.122.22/CCLinux-2203-x86_64-rc1/
# nfs
nfs --server=nfstest.com --dir=/CCLinux-2203-x86_64-rc1
# harddrive
harddrive --partition=/dev/sda1 --dir=/CCLinux-2203-x86_64-rc1

3. Partition

3.1. Clear the master boot record

zerombr

3.2. Remove existing partitions and initialize disk labels

clearpart --all --initlabel

3.3. Ignore disk

# Use only vda
ignoredisk --only-use=vda

3.4. Use automatic partitioning

autopart

4. BootLoader

4.1. Grub password

bootloader --append="rhgb quiet crashkernel=auto" --iscrypted --password=grub.pbkdf2.sha512.10000.A98B43E3F163821C5395AAD07FD44FA508AE0FB6A55873FACD49228D90496A9012033FEEAC0E795ACAEB71F5B3DEB2D9B69323A43DBD2D5DA6309967188BE347.6F792B5C7DEF1865B82F44A100FC398032CA3C8D51A5BD856D87D19FFE31DC81FCEF452ABCD125074D844F706E9F88592ECEF99BF625DB6631D5D9EB25E88330

4.2. Use UEFI

4.3. Kernel parameters

bootloader --append="rhgb quiet crashkernel=auto"

5. Packages

The packages to install differ considerably depending on the architecture and the distribution.

%packages
@^graphical-server-environment
@debugging
@network-server
@performance
@remote-desktop-clients
@virtualization-tools
%end

The graphical-server-environment entry is defined in AppStream/comps.xml, which is part of the repodata.

5.1. CentOS-Stream-9 package types

For details, see the comps.xml file in the ISO.

6. Authentication

6.1. Password hashing algorithm

auth --passalgo=sha512 --useshadow

7. Network

7.1. Use the default network (DHCP)

8. Security

8.1. SELinux

Whether to enable it:

selinux --enforcing
selinux --permissive
selinux --disabled

8.2. Enable firewall

Whether to allow http, ftp, smtp and ssh;
whether to allow other ports:

firewall --enabled --http --ftp --smtp --ssh --port=1234,2345,3456

9. Display

Do not install the graphics environment (skipx)

skipx

Setup Agent on first boot:

firstboot --enable
firstboot --disable

10. Pre-install script

%pre
#!/bin/bash
ls
%end

11. Post-install script

%post --interpreter=/bin/bash
#!/bin/bash
echo hello world > /hello.txt
%end

12. A complete example

# Generated by Anaconda 34.25.0.17
# Generated by pykickstart v3.32
#version=RHEL9
# Use graphical install
graphical

# http installation source
url --url=http://192.168.122.22/CCLinux-2203-x86_64-rc1/

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end

# Keyboard layouts
keyboard --xlayouts='cn'
# System language
lang zh_CN.UTF-8

# Use CDROM installation media
#cdrom

# Reboot after installation
reboot

%packages
@^graphical-server-environment
@debugging
@network-server
@performance
@remote-desktop-clients
@virtualization-tools

%end

# Run the Setup Agent on first boot
firstboot --enable

# Generated using Blivet version 3.4.0
ignoredisk --only-use=vda
autopart
# Partition clearing information
clearpart --none --initlabel

# System timezone
timezone Asia/Shanghai --utc

# Root password
rootpw --iscrypted --lock $6$rMt1qgFxWxQ//N2X$SJlNvEJDVEx7fMWfgBWDsyczBtRmueR820jR5Gd/fDrjibR/o65t3KKv/4dM47dDwrFacsfwiZcch6xpIUJ1I0
user --groups=wheel --name=rongtao --password=$6$hTwcIUUv.UAuaAbW$Ceb8LL.I.hgmWnvAt9t8olV0N8c18xUgBNXM5qxuJvhnkMH9tU9pUVLDUNQ0MyC.8UCqVe9hn0VFeoEszsWAI/ --iscrypted --gecos="rongtao"

selinux --permissive
firewall --enabled --http --ftp --smtp --ssh --port=1234,2345,3456

%pre
#!/bin/bash
echo ">>>>>>>>>>>>>> Just Do It <<<<<<<<<<<<<"
%end

%post --interpreter=/bin/bash
#!/bin/bash
echo hello world > /hello.txt
%end
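
The following is an added example, not part of the original article and not code from Anaconda or pykickstart: a small Python check that scans a kickstart file for the settings covered in sections 1.5.1, 2.1 and 8.1 (a plaintext or MD5-crypt password, an installation source fetched over http/ftp, SELinux not enforcing). The names parse, lint and SAMPLE are constructed for illustration, and only the --opt=value option form is parsed.

```python
import shlex

def parse(line):
    """Split one kickstart command into (name, options, positional args)."""
    tokens = shlex.split(line)
    opts, pos = {}, []
    for tok in tokens[1:]:
        if tok.startswith("--"):  # assumption: values are given as --opt=value
            key, _, val = tok[2:].partition("=")
            opts[key] = val or True
        else:
            pos.append(tok)
    return tokens[0], opts, pos

def lint(text):
    """Return (line_number, message) findings for kickstart text."""
    findings, in_section = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("%") and not line.startswith("%include"):
            in_section = line != "%end"  # skip %pre/%post/%packages/%addon bodies
            continue
        if in_section or not line or line.startswith("#"):
            continue
        cmd, opts, pos = parse(line)
        if cmd in ("rootpw", "user", "bootloader"):
            # rootpw takes the password positionally, the others via --password=
            pw = (pos[0] if pos else None) if cmd == "rootpw" else opts.get("password")
            if isinstance(pw, str) and "iscrypted" not in opts:
                findings.append((no, f"{cmd}: plaintext password in file"))
            elif isinstance(pw, str) and pw.startswith("$1$"):
                findings.append((no, f"{cmd}: MD5-crypt hash, prefer sha512 ($6$)"))
        elif cmd == "selinux" and ("disabled" in opts or "permissive" in opts):
            findings.append((no, "selinux: not enforcing"))
        elif cmd == "url" and str(opts.get("url", "")).startswith(("http://", "ftp://")):
            findings.append((no, "url: installation source fetched over cleartext"))
    return findings

# Constructed sample assembled from lines shown in this article
SAMPLE = """\
url --url=http://192.168.122.22/CCLinux-2203-x86_64-rc1/
rootpw "password here"
user --name=myuser --password=$1$HJt71Ctj$OLbT94PMwQz8XXkBn6fZB/ --iscrypted
selinux --permissive
%post --interpreter=/bin/bash
echo hello world > /hello.txt
%end
"""

if __name__ == "__main__": print(*lint(SAMPLE), sep="\n")
```

Running it over a kickstart file before publishing it on the HTTP server gives one finding per offending line; an empty list means none of these four conditions were found.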

Copyright (C) CESTC Com.