Unleash your inner root

Kickstart

Over the last few days I've been working out some problems that have required me to make slight changes to install configurations, and then reinstall several systems from scratch all at once with identical configurations. For this I have been saving myself a lot of headaches using kickstart, which is awesome! One minor headache I ran into was changing the names and IPs in several kickstart files to appropriately bring up the new systems. As such I ended up throwing together a "base.cfg" kickstart file with placeholder tokens for hostname/IP/subnet mask/gateway, so that I could quickly generate new host-specific kickstart files as I made changes to the base kickstart file. Below is my base kickstart file and the script that accompanies it. It's fairly simple, and will install from an install CD (as that is what makes sense in my circumstances).

While I recommend using something like system-config-kickstart to make sure you have your own good password hashes, in this case my password hash is for the password "secret".

Our kickstart file will configure a very basic install, with secure partitioning practices. Some would recommend you also have a separate partition for /usr/local, which is a great idea for a system that will have a lot of user space. In my case only administrators will be using the server, so funneling all extra space into the root partition makes the most sense.

At the end of the kickstart, for post installation, I create a script that gets added to rc.local to configure the EPEL repository and install/configure the salt-minion. As part of my deployment practices, the salt-master is then used to provide all additional required configuration. Note that in my environment, part of my salt configuration is to remove the salt-configuration script from rc.local so that it only runs on the initial boot.

Here is a basic rundown of how things are configured. Partitions will be set up as follows:

# Based on minimum HDD size of 30 GB
/boot          : Size: 200 MB
/home          : Minimum: 5 GB, Maximum: 25 GB
/tmp           : Minimum: 1 GB, Maximum: 40 GB
/var           : Minimum: 4 GB, Maximum: 10 GB
/var/log       : Minimum: 1 GB, Maximum: 2 GB
/var/log/audit : Minimum: 200 MB, Maximum: 1 GB
/              : Minimum: 17 GB, Maximum: All remaining space

# base.cfg

#version=DEVEL
text
install
cdrom
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto static --ip SYSIP --netmask SYSNET --gateway SYSGATE --noipv6 --nameserver <nsIP> --hostname SYSNAME --domain metashell.net
rootpw  --iscrypted $1$Eg6YLjoZ$q1UptJXP8PiXj.9AfT6ke0
firewall --service=ssh
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone --utc America/Los_Angeles
# --iscrypted marks the GRUB password as an existing hash rather than plaintext
bootloader --location=mbr --driveorder=vda --append="crashkernel=auto rhgb quiet" --iscrypted --password=$1$Eg6YLjoZ$q1UptJXP8PiXj.9AfT6ke0


# First clear All Partitions
zerombr
clearpart --all
# Next configure the boot partition, 200 MB
# and create physical volume pv.01
part /boot --fstype=ext4 --size=200
part pv.01 --grow --size=25000

volgroup lv_primary --pesize=4096 pv.01
logvol swap --name=lv_swap --vgname=lv_primary --size=1000
# --size is the minimum; --grow is needed for --maxsize to take effect
logvol /home --fstype=ext4 --name=lv_home --vgname=lv_primary --size=5000 --grow --maxsize=25000
logvol /tmp --fstype=ext4 --name=lv_tmp --vgname=lv_primary --size=1000 --grow --maxsize=40000
logvol /var --fstype=ext4 --name=lv_var --vgname=lv_primary --size=4000 --grow --maxsize=10000
logvol /var/log --fstype=ext4 --name=lv_varLog --vgname=lv_primary --size=1000 --grow --maxsize=2000
logvol /var/log/audit --fstype=ext4 --name=lv_varLogaudit --vgname=lv_primary --size=200 --grow --maxsize=1000

logvol / --fstype=ext4 --name=lv_root --vgname=lv_primary --size=17000 --grow


#Required Packages

%packages
@base
@client-mgmt-tools
@console-internet
@core
@debugging
%end

# Post Install
# First We create a script to run on first boot to install the epel repository
# And install the salt-minion, as well as pointing it to our salt server.
%post --interpreter /bin/bash --log=/root/post.log
echo "#! /bin/bash" >> /root/configure-salt.sh
echo "yum -y install http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm" >> /root/configure-salt.sh
echo "yum -y install salt-minion" >> /root/configure-salt.sh
echo "sed -i 's/^#master: salt/master: meta-salt/' /etc/salt/minion" >> /root/configure-salt.sh
echo "chkconfig salt-minion on" >> /root/configure-salt.sh
echo "service salt-minion start" >> /root/configure-salt.sh
chmod +x /root/configure-salt.sh

# Use the absolute path: %post runs with / of the new system as its working directory
echo "/root/configure-salt.sh" >> /etc/rc.d/rc.local
%end

Next is the fun part: the script below is part of my deployment process. Since I do not have DNS as part of my environment, I run this script prior to launching a new system. It takes the following arguments: the name of the host, the IP of the host, the subnet mask of the host and the gateway for the host. It then pulls the base.cfg kickstart file from above and inserts the correct values for the host into a <hostname>.cfg kickstart file. I then point my installation to the kickstart file on my kickstart server via NFS, and let it do its magic.

#!/bin/bash

# Template kickstart file containing the SYSNAME/SYSIP/SYSNET/SYSGATE tokens
BASECFG="base.cfg"

SYSNAME=$1
SYSIP=$2
SYSNET=$3
SYSGATE=$4

# All four values are required
if [[ -n "$SYSNAME" && -n "$SYSIP" && -n "$SYSNET" && -n "$SYSGATE" ]] ; then

    # Copy the template, then replace each token with the host's value
    cp "$BASECFG" "$SYSNAME.cfg"
    sed -i -e "s/SYSNAME/$SYSNAME/g" -e "s/SYSIP/$SYSIP/g" -e "s/SYSNET/$SYSNET/g" -e "s/SYSGATE/$SYSGATE/g" "$SYSNAME.cfg"

else

    printf "\n  Usage: %s <hostname> <ip address> <Netmask> <Gateway>\n" "$0"
    printf "\n  Output will be <hostname>.cfg\n\n"

fi

The two files above are available on GitHub: Basic-kickstart GitHub page
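
The generator above splices its arguments straight into sed replacements and a file name, and the result is a kickstart file that runs as root at install time. The following is an added example, not the author's script: it validates the four values first and then checks the rendered file for tokens that were never replaced (such as `<nsIP>`) and for MD5-crypt (`$1$`) hashes. The function names `valid_hostname`, `valid_ipv4`, `render_ks` and `lint_ks` are hypothetical, and the host values in the comment are constructed.

```sh
#!/bin/sh
# Added example: validate the four values before they are spliced into sed
# replacements and a file name, then lint the rendered kickstart.
LC_ALL=C; export LC_ALL

valid_hostname() {   # single DNS label, which also keeps "$name.cfg" a safe file name
    case $1 in ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;; esac
    [ "${#1}" -le 63 ]
}

valid_ipv4() {       # dotted quad, each octet 0-255 (mask contiguity is not checked)
    case $1 in ''|.*|*.|*..*|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

render_ks() {        # render_ks <base.cfg> <hostname> <ip> <netmask> <gateway>
    valid_hostname "$2" || { echo "rejected hostname: $2" >&2; return 1; }
    for addr in "$3" "$4" "$5"; do
        valid_ipv4 "$addr" || { echo "rejected IPv4 value: $addr" >&2; return 1; }
    done
    sed -e "s/SYSNAME/$2/g" -e "s/SYSIP/$3/g" -e "s/SYSNET/$4/g" \
        -e "s/SYSGATE/$5/g" "$1" > "$2.cfg"
}

lint_ks() {          # prints offending lines; returns 0 only for a clean file
    findings=0
    # Tokens the generator did not replace, e.g. <nsIP> in base.cfg
    if grep -nE 'SYS(NAME|IP|NET|GATE)|<[A-Za-z]+>' "$1"; then findings=1; fi
    # "$1$" marks an MD5-crypt hash; the authconfig line asks for sha512 ("$6$")
    if grep -nF '$1$' "$1"; then findings=1; fi
    [ "$findings" -eq 0 ]
}

# Stand-alone use (constructed values):
#   ./render.sh base.cfg web01 10.0.0.5 255.255.255.0 10.0.0.1
if [ $# -eq 5 ]; then
    render_ks "$@" && lint_ks "$2.cfg"
fi
```

Run against the base.cfg shown above, `lint_ks` reports the `<nsIP>` token plus the `rootpw` and `bootloader` hashes, so a non-zero exit is expected until those are replaced.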

CentOS, kickstart, OEL, RHEL, saltstack

Brandon.Graves • December 6, 2015

