centos7 封装ks文件到iso

一、步骤整理

1、挂载镜像

mkdir /mnt/cdrom
mount -o loop  CentOS-7-x86_64-Minimal-2009.iso    /mnt/cdrom

2、安装工具

yum -y install anaconda createrepo mkisofs rsync syslinux

3、 同步/mnt/cdrom/下的文件到/ISO/路径下,除了Packages和repodata文件夹 

/usr/bin/rsync -a --exclude=Packages/  --exclude=repodata/  /mnt/cdrom/ /ISO/

4、 在/ISO/文件夹下新建Packages和repodata文件夹

 mkdir -p /ISO/{Packages,repodata}

5、cp 全部 rpm 包

# 以下内容为,缩减rpm包数量,减少不必须的安装文件
# 问题:这类做法安装时提示--Error Checking Software Selection--导致安装失败
# 预估为安装包不完整,当把/mnt/cdrom/Packages下全部的rpm包放到/ISO/Packages中,安装完成
cat > copy_rpm.sh <<EOF
#!/bin/bash

cd /root
rpm -qa > package.txt
DVD='/mnt/cdrom/Packages'
NEW_DVD='/ISO/Packages'
while read LINE 
do
cp \${DVD}/\${LINE}*.rpm /\${NEW_DVD} || echo "\$LINE don't cp......."
done < package.txt 
rm -rf package.txt
EOF

chmod +x copy_rpm.sh

./copy_rpm.sh

# 全部rpm包
###定制化安装docker、ansible,把相关的离线依赖rpm包也移动到/ISO/Packages/
cp /mnt/cdrom/Packages/* /ISO/Packages/

6、制作ks文件

[root@root isolinux]#cat  ks.cfg
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
cdrom
# Use graphical install
graphical
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8

# Network information
network  --bootproto=static --device=ens33 --gateway=192.168.40.2 --ip=192.168.40.118 --nameserver=114.114.114.114 --netmask=255.255.255.0 --ipv6=auto --activate  ##指定网卡静态IP信息
network  --hostname=moqi

# Root password
rootpw  moqi!233
user --groups=wheel --name=op_admin --password=123456  --gecos="op_admin"

selinux --disabled
firewall --disabled

# System services
services --disabled="chronyd"
# System timezone
timezone Asia/Shanghai --isUtc --nontp  # 设置时区
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda   # 选择磁盘分区
# Partition clearing information
clearpart --none --initlabel
# Disk partitioning information
#part swap --fstype="swap" --ondisk=sda --size=65536
#part /boot --fstype="xfs" --ondisk=sda --size=500
#part /boot/efi --fstype="efi" --ondisk=sda --size=500 --fsoptions="umask=0077,shortname=winnt"
#part /usr/local --fstype="xfs" --ondisk=sda --size=102400
#part / --fstype="xfs" --ondisk=sda --size=102400
#part /home --fstype="xfs" --ondisk=sda --size=51200
#part /var --fstype="xfs" --ondisk=sda --size=1 --grow   # 剩余全部给 /var下

part /boot --fstype="xfs" --ondisk=sda --size=1024
part /boot/efi --fstype="efi" --ondisk=sda --size=500
part pv.1 --fstype="lvmpv" --ondisk=sda --size=1 --grow --asprimary
volgroup rootvg --pesize=4096 pv.1
logvol swap --fstype="swap" --size=16384 --name=lv02 --vgname=rootvg
logvol / --fstype="xfs"  --size=1 --grow --name=lv01 --vgname=rootvg
logvol /home --fstype="xfs"  --size=20480 --grow --name=lv03 --vgname=rootvg

%packages
@^minimal
@core
ansible
docker-ce-19.03.6
kexec-tools
%end

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end

%post
#config sudo nopasswd
echo "op_admin ALL = (ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/op_admin
sed -ri "/secure_path/c\Defaults    secure_path = /usr/local/share/miniconda3/bin:/sbin:/bin:/usr/sbin:/usr/bin" /etc/sudoers
#config sshd
sed -ri "/^#UseDNS/c\UseDNS no" /etc/ssh/sshd_config
sed -ri "/^GSSAPIAuthentication/c\GSSAPIAuthentication no" /etc/ssh/sshd_config
#sed -ri "/^PasswordAuthentication/c\PasswordAuthentication no" /etc/ssh/sshd_config
#sed -ri "s@ChallengeResponseAuthentication yes@ChallengeResponseAuthentication no@g" /etc/ssh/sshd_config
#ssh key
echo -e '\n' | ssh-keygen -t rsa -N ''
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoc5j97eTfqIJcsTxqyGd8HU5VDIkxuD0P2kueZH62IeX7oOSQ3hAMWMDR219GJStu30Y1bv6b1MEmYxDmTTGgbWYH/AvDeAXUBfmAMR/+IiqNRNsSph4Ny04KYc+qL+PZLYnhUMlQJCB8Q7FkQUMGUKrZYfxvy1HLbsNsNojlz/gwMuJ6prPivvO7xNo88hqr44QWIMwtNPtFg1PRiz2VfMJbdCDL0O4RommqlZnFB0d8KTvm4FqawhNZqhNTcQfgIoTP5DVE2JXHdTE6cXXHHIqEji78AFD+3yeHvFx/VVJRsT5T/GTk4DsKoBXzN+vzQdSUBxQZ/t0QHp8X1fVt shenlel@localhost' > /root/.ssh/authorized_keys
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGZCIocYuZu8QrqeYxq2yiPrdN+kEK4iBt+llVdnYXK+62y1FisabYI/UwcvQ+gsNKjEnZLYhFVMbBUfJxYTVqO70kcW1kXzuP/vFBjM5k/VJy7/BrmnA1svFPxsWkmB1lu01QihSkxBTlB6AQFrfBduDtI4Yrmh3cuHEKDbpUJsHYA7JSyuIxGtCz1Qikv6L02j/NIny6X8FfWVwYz8FiwLVH7LrIuSPgESbqHwx9x/l3e6Z5KFQoxUy8QNy7vZVVWLiwJ6655SilwpOTR/a6BLyl94g5Fi7EytWPpIP+VoH7STLjXu7Emq8gZhK48CvTNR/locZg6OMCmr+0I/xn kp-2m3b3h9f' >> /root/.ssh/authorized_keys
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCspH8koTOWHD1hOsHGv5LYzHQWs/bN4wyvXXF16X/ZFNNMngwgaFpZq2p8Y1pKiSIoQ9/ePROPBNV/Xs5TQFej8QMud9lmLfM0x9VoyYRNVIDbgOegduNVkT0n3Xw3HR+y5MpuS26aHaLs9bjJ1IsxlPj9dXH5WfV2Zqa+63uldtsAxCsU0CJ4yBIHjtW5q4PAlDKLwc8ylGEdN/kenkuBE98oOfks0h1yQnXvo5zgWxr/uV3usClwvlZ7IacS23G66dehHOHaso6Zl9dLjqKtXxvfp19kY9GnTqR5TAEBDV8ElNJaqSWfdffpLLOMbgvpDMUub9gIEFNcL/Pxqszd xinhuitian@XinhuiTiandeMacBook-Pro.local' >> /root/.ssh/authorized_keys
chmod 0600 /root/.ssh/authorized_keys
cp -r /root/.ssh /home/op_admin/.ssh
chown -R op_admin.op_admin /home/op_admin/.ssh
# manager yum repo
rm -f /etc/yum.repos.d/CentOS-*
#yum install -y gdisk nmap-ncat xfsprogs docker-ce-19.03.6 docker-ce-cli-19.03.6 nfs-utils dkms kernel-devel mcelog
# manager user groups
usermod -aG docker op_admin
# manager service
systemctl enable docker && systemctl restart docker
# config chrony: chrony server 172.16.0.1
sed -ri "/0.centos.pool.ntp.org/c\server 10.1.1.3 iburst prefer" /etc/chrony.conf
sed -ri "/centos.pool.ntp.org/d" /etc/chrony.conf
# mount
mkdir /opt/home && mkdir /mnt/{nfs,ssd,data}
#sgdisk --zap-all /dev/sdb
#sgdisk -n 0:0:0 --mbrtogpt -- /dev/sdb
#sgdisk --zap-all /dev/sdc
#sgdisk -n 0:0:0 --mbrtogpt -- /dev/sdc
#partprobe
#mkfs.xfs /dev/sdb1
#mkfs.xfs /dev/sdc1
#SDBUUID=$(blkid | grep -E '/dev/sdb1' | awk '{print $2}')
#SDCUUID=$(blkid | grep -E '/dev/sdc1' | awk '{print $2}')
#echo -e "${SDBUUID} /mnt/data xfs defaults 0 0" >> /etc/fstab
#echo -e "${SDCUUID} /mnt/ssd xfs defaults 0 0" >> /etc/fstab
#echo '10.1.1.2:/mnt/ssd1/nfs/groups/test/home /opt/home nfs defaults,_netdev 0 0' >> /etc/fstab
#echo '10.1.1.2:/mnt/data/nfs/public /mnt/nfs nfs defaults,_netdev 0 0' >> /etc/fstab
%end

%post

echo "                                                                 " >> /etc/motd
echo " ▄████▄   ██░ ██ ▓█████ ███▄    █  ▄▄▄██▀▀▀██▓▄▄▄      ███▄    █ " >> /etc/motd
echo "▒██▀ ▀█  ▓██░ ██▒▓█   ▀ ██ ▀█   █    ▒██  ▓██▒████▄    ██ ▀█   █ " >> /etc/motd
echo "▒▓█    ▄ ▒██▀▀██░▒███  ▓██  ▀█ ██▒   ░██  ▒██▒██  ▀█▄ ▓██  ▀█ ██▒" >> /etc/motd
echo "▒▓▓▄ ▄██▒░▓█ ░██ ▒▓█  ▄▓██▒  ▐▌██▒▓██▄██▓ ░██░██▄▄▄▄██▓██▒  ▐▌██▒" >> /etc/motd
echo "▒ ▓███▀ ░░▓█▒░██▓░▒████▒██░   ▓██░ ▓███▒  ░██░▓█   ▓██▒██░   ▓██░" >> /etc/motd
echo "░ ░▒ ▒  ░ ▒ ░░▒░▒░░ ▒░ ░ ▒░   ▒ ▒  ▒▓▒▒░  ░▓  ▒▒   ▓▒█░ ▒░   ▒ ▒ " >> /etc/motd
echo "  ░  ▒    ▒ ░▒░ ░ ░ ░  ░ ░░   ░ ▒░ ▒ ░▒░   ▒ ░ ▒   ▒▒ ░ ░░   ░ ▒░" >> /etc/motd
echo "░         ░  ░░ ░   ░     ░   ░ ░  ░ ░ ░   ▒ ░ ░   ▒     ░   ░ ░ " >> /etc/motd
echo "░ ░       ░  ░  ░   ░  ░        ░  ░   ░   ░       ░  ░        ░ " >> /etc/motd
echo "░                                                                " >> /etc/motd
echo "                                                                 " >> /etc/motd

%end

%post --nochroot

cp /run/install/repo/game_driver/* /mnt/sysimage/usr/bin
chmod 755 /mnt/sysimage/root/game-7d5.1.bin

%end

reboot

7、更改三个文件,指定镜像标签和KS文件,都是在镜像挂载目录

修改isolinux.cfg

cd /ISO/isolinux
chmod 644 isolinux.cfg
vi isolinux.cfg

修改的部分内容如下:

label linux
  menu label ^Install moqi-CentOS7.9
  kernel vmlinuz
  append initrd=initrd.img inst.stage2=hd:LABEL=CentOS7 inst.ks=cdrom:/isolinux/ks.cfg quiet
  • inst.ks为ks.cfg文件位置;

  • inst.stage2为安装介质位置,hd:LABEL为介质标签,例如CentOS7。这个和后续生成ISO镜像文件的命令genisoimage的参数-V有关。

  • modprobe.blacklist=nouveau; 禁用nouveau驱动安装,用于NVIDIA驱动的安装准备工作;

  • net.ifnames=0 biosdevname=0; 用于禁用centos7的”一致性网络设备命名法”.

chmod 444 isolinux.cfg

修改  /ISO/isolinux/grub.conf

#debug --graphics
default=1
splashimage=@SPLASHPATH@
timeout 60
hiddenmenu
title Install CentOS 7
findiso
kernel @KERNELPATH@ @ROOT@ quiet inst.ks=cdrom:/isolinux/ks.cfg
initrd @INITRDPATH@
title Test this media & install CentOS 7
findiso
kernel @KERNELPATH@ @ROOT@ rd.live.check quiet
initrd @INITRDPATH@

修改   /ISO/EFI/BOOT/grub.cfg

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Install CentOS 7' --class fedora --class gnu-linux --class gnu --class os {
  linuxefi /images/pxeboot/vmlinuz inst.ks=hd:LABEL=CentOS7:/isolinux/ks.cfg  inst.stage2=hd:LABEL=CentOS7  quiet
  initrdefi /images/pxeboot/initrd.img
}

8、制作comps.xml文件

cp /mnt/cdrom/repodata/*-minimal-x86_64-comps.xml /ISO/comps.xml

添加定制rpm安装包

<group>
    <id>chenjianrpm</id>
    <name>chenjianrpm</name>
    <name xml:lang="af">chenjianrpm</name>
    <name xml:lang="am">chenjianrpm ቦታ</name>
    <name xml:lang="ar">chenjianrpm</name>
    <name xml:lang="as">chenjianrpm</name>
    <name xml:lang="bal">chenjianrpm</name>
    ...
    <name xml:lang="tr">chenjianrpm</name>
    <name xml:lang="uk">chenjianrpm</name>
    <name xml:lang="ur">chenjianrpm</name>
    <name xml:lang="vi">chenjianrpm</name>
    <name xml:lang="zh_CN">chenjianrpm</name>
    <name xml:lang="zh_TW">chenjianrpm</name>
    <description>installation chenjianrpm sofeware.</description>
    <description xml:lang="as">installation chenjianrpm sofeware</description>
    <description xml:lang="bn">installation chenjianrpm sofeware</description>
    <description xml:lang="bn_IN">installation chenjianrpm sofeware</description>
    <description xml:lang="cs">installation chenjianrpm sofeware</description>
    <description xml:lang="de">installation chenjianrpm sofeware</description>
    ...
    <description xml:lang="te">installation chenjianrpm sofeware</description>
    <description xml:lang="uk">Мinstallation chenjianrpm sofeware</description>
    <description xml:lang="zh_CN">installation chenjianrpm sofeware</description>
    <description xml:lang="zh_TW">installation chenjianrpm sofeware</description>
    <default>false</default>
    <uservisible>false</uservisible>
    <packagelist>
      <packagereq type="default">PyYAML</packagereq>
      <packagereq type="default">ansible</packagereq>
      <packagereq type="default">libtomcrypt</packagereq>
      <packagereq type="default">libtommath</packagereq>
      <packagereq type="default">libyaml</packagereq>
      <packagereq type="default">openssl</packagereq>
      <packagereq type="default">openssl-libs</packagereq>
      <packagereq type="default">python-babe</packagereq>
      <packagereq type="default">python-setuptools</packagereq>
      <packagereq type="default">python-six</packagereq>
      <packagereq type="default">python2-crypto</packagereq>
      <packagereq type="default">python2-cryptography</packagereq>
      <packagereq type="default">python2-pyasn1</packagereq>
      <packagereq type="default">sshpass</packagereq>
      <packagereq type="default">libselinux</packagereq>
      <packagereq type="default">libselinux-python</packagereq>
      <packagereq type="default">libselinux-utils</packagereq>
    </packagelist>
  </group>

omps文件以group来区分包,以environment来区分环境,例如centos的mini版本为minimal,其核心包为core。类似于其格式,可定制自己的rpm包,建立自己的group idname,包含自己的language及描述,最重要的是packagelist,类型default为默认的,mandatory为强制的。将定制的rpm安装包放到/ISO/Packages/中。这里需要注意rpm包的依赖性,可以通过以下命令来获得依赖,例如以下需要perl安装rpm,然后同样添加到comps.xml

最后在minimal环境中添加定制的groupid

<environment>
    <id>minimal</id>
    <name>Minimal Install</name>
    <name xml:lang="as">নূন্যতম ইনস্টল</name>
    ...
    <description xml:lang="zh_CN">基本功能。</description>
    <description xml:lang="zh_TW">基本功能。</description>
    <display_order>5</display_order>
    <grouplist>
      <groupid>core</groupid>
      <groupid>core</groupid>
      <groupid>chenjianrpm</groupid>
    </grouplist>
  </environment>

由comps.xml生成repodata包。注意当有新包加入,或者更新comps.xml文件,均需要重新生成repodata文件夹

cd /ISO

createrepo -g comps.xml .
Spawning worker 0 with 17 pkgs
Spawning worker 1 with 17 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete

9、制作ISO文件

genisoimage -joliet-long -V CentOS7 -o CentOS7-moqi-v2.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -R -J -v -cache-inodes -T -eltorito-alt-boot -e images/efiboot.img -no-emul-boot /ISO/

10、Hybird模式

 

采用“hybird模式”(混合模式),操作系统可以直接刻录成物理光盘,也可以直接做成可引导的U盘。

isohybrid -v  CentOS7-moqi-v2.iso

 

二、可用案例

#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
cdrom
# Use graphical install
graphical
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8

# Network information
network  --bootproto=static --device=ens33 --gateway=192.168.40.254 --ip=192.168.40.118 --nameserver=114.114.114.114 --netmask=255.255.255.0 --ipv6=auto --activate  ##指定网卡静态IP信息
network  --hostname=moqi

# Root password
rootpw  1qazXSW2
# System services
services --disabled="chronyd" # System timezone timezone Asia/Shanghai --isUtc --nontp # 设置时区 # System bootloader configuration bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda # 选择磁盘分区 # Partition clearing information clearpart --none --initlabel # Disk partitioning information #part swap --fstype="swap" --ondisk=sda --size=65536 #part /boot --fstype="xfs" --ondisk=sda --size=500 #part /boot/efi --fstype="efi" --ondisk=sda --size=500 --fsoptions="umask=0077,shortname=winnt" #part /usr/local --fstype="xfs" --ondisk=sda --size=102400 #part / --fstype="xfs" --ondisk=sda --size=102400 #part /home --fstype="xfs" --ondisk=sda --size=51200 #part /var --fstype="xfs" --ondisk=sda --size=1 --grow # 剩余全部给 /var下 part /boot --fstype="xfs" --ondisk=sda --size=500 part /boot/efi --fstype="efi" --ondisk=sda --size=500 part pv.1 --fstype="lvmpv" --ondisk=sda --size=1 --grow --asprimary volgroup rootvg --pesize=4096 pv.1 logvol swap --fstype="swap" --size=16384 --name=lv02 --vgname=rootvg logvol / --fstype="xfs" --size=1 --grow --name=lv01 --vgname=rootvg %packages # 安装软件应用 @^minimal @core kexec-tools %end %addon com_redhat_kdump --enable --reserve-mb='auto' %end %anaconda pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty %end reboot

  

 

 

 

CentOS7全自动安装光盘制作详解 - 云+社区 - 腾讯云 (tencent.com)

定制个自己的CentOS7系统 - 陈健的博客 | ChenJian Blog (o-my-chenjian.com)

ks应答文件模板_King config-CSDN博客

centos7图形化分区和ks文件分区的配置_weixin_34234829的博客-CSDN博客  分区很重要

Kickstart Installations :: CentOS Docs Site

CentOS7全自动安装光盘制作详解 - out8 - 博客园 (cnblogs.com)

Plugin.auto_install . Ventoy

上一篇:php – htaccess阻止访问目录但允许访问文件


下一篇:CentOS7设置网卡子接口