1.1 环境说明
[root@test ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[root@test ~]# uname -r
2.6.32-696.el6.x86_64
[root@test ~]# getenforce
Disabled
[root@test ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[root@test ~]# ifconfig eth0|awk -F "[ :]+" 'NR==2 {print $4}'
10.0.0.250
[root@test ~]# hostname
test
1.2 配置DHCP
1.2.1 安装dhcp
yum -y install dhcp
rpm -ql dhcp |grep "dhcpd.conf"
1.2.2 编写配置文件
[root@test ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
# see 'man 5 dhcpd.conf'
#
subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.100 10.0.0.200;
option subnet-mask 255.255.255.0;
default-lease-time 21600;
max-lease-time 43200;
next-server 10.0.0.250;
filename "/pxelinux.0";
}
----------------------------------------------------------------
# 注释
range 10.0.0.100 10.0.0.200; # 可分配的起始IP-结束IP
option subnet-mask 255.255.255.0; # 设定netmask
default-lease-time 21600; # 设置默认的IP租用期限
max-lease-time 43200; # 设置最大的IP租用期限
next-server 10.0.0.250; # 告知客户端TFTP服务器的ip
filename "/pxelinux.0"; # 告知客户端从TFTP根目录下载pxelinux.0文件
1.2.3 启动服务
[root@test ~]# /etc/init.d/dhcpd start
Starting dhcpd: [ OK ]
[root@test ~]# netstat -tunlp|grep dhcp
udp 0 0 0.0.0.0:67 0.0.0.0:* 4578/dhcpd
1.3 安装TFTP服务
1.3.1 安装tftp服务
[root@linux-node1 ~]# yum -y install tftp-server
1.3.2 编写xindetd下的配置文件
[root@linux-node1 ~]# vim /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer
# protocol. The tftp protocol is often used to boot diskless
# workstations, download configuration files to network-aware printers,
# and to start the installation process for some operating systems.
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot # 指定目录,保持默认,不用修改
disable = no # 由原来的yes改为no
per_source = 11
cps = 100 2
flags = IPv4
}
1.3.3 启动服务,让xinetd 管理
[root@linux-node1 ~]# /etc/init.d/xinetd restart
Stopping xinetd: [FAILED]
Starting xinetd: [ OK ]
1.3.4 检查端口
[root@linux-node1 ~]# netstat -tunlp|grep 69
udp 0 0 0.0.0.0:69 0.0.0.0:* 1106/xinetd
1.4 配置HTTP服务
1.4.1 安装nginx的依赖包(pcre-devel openssl-devel)
yum install -y pcre-devel openssl-devel
1.4.2 下载nginx软件
wget http://nginx.org/download/nginx-1.10.3.tar.gz
解压软件
tar xf nginx-1.10.3.tar.gz
1.4.3 创建管理用户 www
useradd -M -s /sbin/nologin www
1.4.4 nginx软件编译安装过程
1、配置软件,在软件的解压目录中
[root@web01 nginx-1.10.3]# ./configure --prefix=/application/nginx-1.10.3 --user=www --group=www --with-http_stub_status_module --with-http_ssl_module
通过软件编译过程中的返回值是否正确,确认配置是否正确
[root@web01 nginx-1.10.3]# echo $?
0
2、编译软件
[root@web01 nginx-1.10.3]# make
3、编译安装
[root@web01 nginx-1.10.3]# make install
1.4.5 创建软连接
[root@web01 application]# ln -s /application/nginx-1.10.3/ /application/nginx
1.4.6 修改nginx配置文件
添加一行配置,作用是显示目录里的所文件
[root@test html]# vim ../conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
autoindex on;
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
1.4.7 启动程序
[root@web01 application]# /application/nginx/sbin/nginx
[root@web01 application]#
检查是否启动
[root@web01 application]# ps -ef |grep nginx
root 26548 1 0 20:13 ? 00:00:00 nginx: master process /application/nginx/sbin/nginx
www 26549 26548 0 20:13 ? 00:00:00 nginx: worker process
root 26551 23431 3 20:13 pts/0 00:00:00 grep --color=auto nginx
检查端口信息
[root@web01 application]# netstat -lntup |grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 26548/nginx
1.5 挂载光盘
1.5.1 删除默认的主页文件,创建挂载目录
cd /application/nginx-1.10.3/html && rm *.html
mkdir -p /application/nginx-1.10.3/html/ios
1.5.2 挂载光盘
mount /dev/cdrom /application/nginx-1.10.3/html/ios/
1.5.3 检查挂载信息
[root@test html]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.8G 16G 10% /
tmpfs 238M 0 238M 0% /dev/shm
/dev/sda1 190M 40M 141M 22% /boot
/dev/sr0 3.7G 3.7G 0 100% /application/nginx-1.10.3/html/ios/
1.6 配置支持PXE的启动程序
安装syslinux
yum -y install syslinux
复制启动菜单程序文件
[root@test ~]# cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/
[root@test ~]# cp -a /application/nginx-1.10.3/html/isolinux/* /var/lib/tftpboot/
[root@test ~]# ls /var/lib/tftpboot/
boot.cat grub.conf isolinux.bin memtest splash.jpg vesamenu.c32
boot.msg initrd.img isolinux.cfg pxelinux.0 TRANS.TBL vmlinuz
新建一个pxelinux.cfg目录,存放客户端的配置文件。
mkdir -p /var/lib/tftpboot/pxelinux.cfg
cp -a /application/nginx-1.10.3/html/isolinux/isolinux.cfg /var/lib/tftpboot/pxelinux.cfg/default
1.11 整合编辑default配置文件
[root@test ks_config]# cat /var/lib/tftpboot/pxelinux.cfg/default
default ks
prompt 0
timeout 600
display boot.msg
menu background splash.jpg
menu title Welcome to CentOS 6.9!
menu color border 0 #ffffffff #00000000
menu color sel 7 #ffffffff #ff000000
menu color title 0 #ffffffff #00000000
menu color tabmsg 0 #ffffffff #00000000
menu color unsel 0 #ffffffff #00000000
menu color hotsel 0 #ff000000 #ffffffff
menu color hotkey 7 #ffffffff #ff000000
menu color scrollbar 0 #ffffffff #00000000
label linux
menu label ^Install or upgrade an existing system
menu default
kernel vmlinuz
append initrd=initrd.img
label vesa
menu label Install system with ^basic video driver
kernel vmlinuz
append initrd=initrd.img nomodeset
label rescue
menu label ^Rescue installed system
kernel vmlinuz
append initrd=initrd.img rescue
label local
menu label Boot from ^local drive
localboot 0xffff
label memtest86
menu label ^Memory test
kernel memtest
append -
label ks
kernel vmlinuz
append initrd=initrd.img ks=http://10.0.0.250/ks_config/CentOS-6.9-ks.cfg
1.9.1 编写ks文件
[root@test ~]# grub-crypt
Password: 123456
Retype password: 123465
$6$OH3zrKw7ruG5mtIh$8bV2RhvoB72VCIXYY.2ROFi8AOLdI3lHGB.rkGDEhlqxTZduPE3VoJW2OIZRA1y9Gw4Zka461IBZ9VuIIaNqK.
创建ks文件存放目录
[root@test ~]# mkdir /application/nginx-1.10.3/html/ks_config -p
ks文件内容
[root@test ks_config]# cat /application/nginx-1.10.3/html/ks_config/CentOS-6.9-ks.cfg
# Kickstart Configurator for CentOS 6.9 by hou zhaoshun
install
url --url="http://10.0.0.250/ios/"
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
network --bootproto=dhcp --device=eth0 --onboot=yes --noipv6 --hostname=CentOS6
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $6$X20eRtuZhkHznTb4$dK0BJByOSAWSDD8jccLVFz0CscijS9ldMWwpoCw/ZEjYw2BTQYGWlgKsn945fFTjRC658UXjuocwJbAjVI5D6/
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=768
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
%post
wget -O /tmp/optimization.sh http://10.0.0.250/ks_config/optimization.sh &>/dev/null
/bin/sh /tmp/optimization.sh
%end
1.10 编写开机优化脚本
[root@test ks_config]# cat /application/nginx-1.10.3/html/ks_config/optimization.sh
#!/bin/bash
##############################################################
# File Name: /var/www/html/ks_config/optimization.sh
# Version: V1.0
# Author: houzhaoshun
# Organization: blog.znix.top
# Created Time : 2017-10-23
# Description: Linux system initialization
##############################################################
. /etc/init.d/functions
Ip=10.0.0.250
Port=80
ConfigDir=ks_config
# Judge Http server is ok?
PortNum=`nmap $Ip -p $Port 2>/dev/null|grep open|wc -l`
[ $PortNum -lt 1 ] && {
echo "Http server is bad!"
exit 1
}
# Defined result function
function Msg(){
if [ $? -eq 0 ];then
action "$1" /bin/true
else
action "$1" /bin/false
fi
}
# Defined IP function
function ConfigIP(){
Suffix=`ifconfig eth0|awk -F "[ .]+" 'NR==2 {print $6}'`
cat >/etc/sysconfig/network-scripts/ifcfg-eth0 <<-END
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=10.0.0.$Suffix
PREFIX=24
GATEWAY=10.0.0.254
DNS1=223.5.5.5
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
END
Msg "config eth0"
}
# Defined Yum source Functions
function yum(){
YumDir=/etc/yum.repos.d
[ -f "$YumDir/CentOS-Base.repo" ] && cp $YumDir/CentOS-Base.repo{,.ori}
wget -O $YumDir/CentOS-Base.repo http://$Ip:$Port/$ConfigDir/CentOS-Base.repo &>/dev/null &&
wget -O $YumDir/epel.repo http://$Ip:$Port/$ConfigDir/epel.repo &>/dev/null &&
Msg "YUM source"
}
# Defined Hide the system version number Functions
function HideVersion(){
[ -f "/etc/issue" ] && >/etc/issue
Msg "Hide issue"
[ -f "/etc/issue.net" ] && > /etc/issue.net
Msg "Hide issue.net"
}
# Defined OPEN FILES Functions
function openfiles(){
[ -f "/etc/security/limits.conf" ] && {
echo '* - nofile 65535' >> /etc/security/limits.conf
Msg "open files"
}
}
# Defined Kernel parameters Functions
function kernel(){
KernelDir=/etc
[ -f "$KernelDir/sysctl.conf" ] && /bin/mv $KernelDir/sysctl.conf{,.ori}
wget -O $KernelDir/sysctl.conf http://$Ip:$Port/$ConfigDir/sysctl.conf &>/dev/null
Msg "Kernel config"
}
# Defined System Startup Services Functions
function boot(){
for oldboy in `chkconfig --list|grep "3:on"|awk '{print $1}'|grep -vE "crond|network|rsyslog|sshd|sysstat"`
do
chkconfig $oldboy off
done
Msg "BOOT config"
}
# Defined Time Synchronization Functions
function Time(){
echo "#time sync by houzhaoshun at $(date +%F)" >>/var/spool/cron/root
echo '*/5 * * * * /usr/sbin/ntpdate time.nist.gov &>/dev/null' >>/var/spool/cron/root
Msg "Time Synchronization"
}
# Defined main Functions
function main(){
ConfigIP
yum
HideVersion
openfiles
kernel
boot
Time
}
main
# rz上传CentOS-Base.repo、epel.repo、sysctl.conf