pxe安裝KS檔案--實現優化IP分配
vi ks.cfg #編輯
# Kickstart file automatically generated by anaconda.
install
url --url=http://192.168.21.128/os/
lang en_US.UTF-8
zerombr yes
key --skip
keyboard us
network --device eth0 --bootproto dhcp --onboot on
#network --device eth0 --bootproto static --ip 192.168.21.250 --netmask 255.255.255.0 --gateway 192.168.21.2 --nameserver 8.8.8.8 --hostname CentOS5.10
rootpw --iscrypted $1$QqobZZ1g$rYnrawi9kYlEeUuq1vcRS/
firewall --enabled --port=22:tcp
authconfig --enableshadow --enablemd5
selinux --disabled
timezone Asia/Shanghai
bootloader --location=mbr --driveorder=sda
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
#clearpart --linux
clearpart --all --initlabel
part / --bytes-per-inode=4096 --fstype="ext3" --size=2048
part /boot --bytes-per-inode=4096 --fstype="ext3" --size=128
part swap --bytes-per-inode=4096 --fstype="swap" --size=500
part /data --bytes-per-inode=4096 --fstype="ext3" --grow --size=1
reboot
%packages
ntp
expect
@base
@core
@dialup
@editors
@text-internet
keyutils
trousers
fipscheck
device-mapper-multipath
%post
#同步系統時間
ntpdate cn.pool.ntp.org
hwclock --systohc
echo -e "0 1 * * * root /usr/sbin/ntpdate cn.pool.ntp.org > /dev/null" >> /etc/crontab
service crond restart
#新增使用者組
groupadd maintain
groupadd develop
mkdir -p /home/maintain
mkdir -p /home/develop
#新增使用者
useradd -g maintain user01 -d /home/maintain/user01 -m
echo "123456"|passwd user01 --stdin
useradd -g maintain user02 -d /home/maintain/user02 -m
echo "123456"|passwd user02 --stdin
useradd -g maintain user03 -d /home/maintain/user03 -m
echo "123456"|passwd user03 --stdin
useradd -g maintain user04 -d /home/maintain/user04 -m
echo "123456"|passwd user04 --stdin
#禁止root使用者直接登入系統
sed -i "s/#PermitRootLogin yes/PermitRootLogin no/g" '/etc/ssh/sshd_config'
service sshd restart
#禁止開機啟動的服務
chkconfig acpid off
chkconfig atd off
chkconfig autofs off
chkconfig bluetooth off
chkconfig cpuspeed off
chkconfig firstboot off
chkconfig gpm off
chkconfig haldaemon off
chkconfig hidd off
chkconfig ip6tables off
chkconfig isdn off
chkconfig messagebus off
chkconfig nfslock off
chkconfig pcscd off
chkconfig portmap off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig yum-updatesd off
chkconfig sendmail off
#允許開機啟動的服務
chkconfig crond on
chkconfig kudzu on
chkconfig network on
chkconfig readahead_early on
chkconfig sshd on
chkconfig syslog on
#禁止使用Ctrl+Alt+Del快捷鍵重啟伺服器
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/g" '/etc/inittab'
telinit q
#優化系統核心
echo -e "ulimit -c unlimited" >> /etc/profile
echo -e "ulimit -s unlimited" >> /etc/profile
echo -e "ulimit -SHn 65535" >> /etc/profile
source /etc/profile
sed -i "s/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g" '/etc/sysctl.conf'
echo -e "net.core.somaxconn = 262144" >> /etc/sysctl.conf
echo -e "net.core.netdev_max_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.core.wmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_default = 8388608" >> /etc/sysctl.conf
echo -e "net.core.rmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.core.wmem_max = 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_max = 131072" >> /etc/sysctl.conf
echo -e "net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 180" >> /etc/sysctl.conf
echo -e "net.ipv4.route.gc_timeout = 20" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_conntrack_max = 819200" >> /etc/sysctl.conf
echo -e "net.ipv4.ip_local_port_range = 10024 65535" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_retries2 = 5" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_fin_timeout = 30" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_syn_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_synack_retries = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_timestamps = 0" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_len = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_time = 120" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_probes = 3" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_keepalive_intvl = 15" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_tw_buckets = 36000" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_orphans = 3276800" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_max_syn_backlog = 262144" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_wmem = 8192 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_rmem = 32768 131072 16777216" >> /etc/sysctl.conf
echo -e "net.ipv4.tcp_mem = 94500000 915000000 927000000" >> /etc/sysctl.conf
/sbin/sysctl -p
#執行外部指令碼
cd /root
wget http://192.168.21.128/autoip.sh
sh /root/autoip.sh
:wq! #儲存退出
新增指令碼,自動設定Linux系統靜態IP地址、DNS、閘道器、計算機名稱
cd /var/www/html
vi autoip.sh #編輯
#!/bin/sh
ROUTE=$(route -n|grep "^0.0.0.0"|awk '{print $2}')
BROADCAST=$(/sbin/ifconfig eth0|grep -i bcast|awk '{print $3}'|awk -F":" '{print $2}')
HWADDR=$(/sbin/ifconfig eth0|grep -i HWaddr|awk '{print $5}')
IPADDR=$(/sbin/ifconfig eth0|grep "inet addr"|awk '{print $2}'|awk -F":" '{print $2}')
NETMASK=$(/sbin/ifconfig eth0|grep "inet addr"|awk '{print $4}'|awk -F":" '{print $2}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth0<<EOF
DEVICE=eth0
BOOTPROTO=static
BROADCAST=$BROADCAST
HWADDR=$HWADDR
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$ROUTE
ONBOOT=yes
EOF
IPADDR1=$(echo $IPADDR|awk -F"." '{print $4}')
cat >/etc/sysconfig/network-scripts/ifcfg-eth1<<EOF
DEVICE=eth1
BOOTPROTO=static
BROADCAST=10.0.0.255
HWADDR=$(/sbin/ifconfig eth1|grep -i HWaddr|awk '{print $5}')
IPADDR=10.0.0.$IPADDR1
NETMASK=255.255.255.0
ONBOOT=yes
EOF
HOSTNAME=OsYunWei_HZ_$(echo $IPADDR|awk -F"." '{print $4}')
cat >/etc/sysconfig/network<<EOF
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=$HOSTNAME
GATEWAY=$ROUTE
EOF
echo "127.0.0.1 $HOSTNAME" >> /etc/hosts
hostname=$HOSTNAME
echo "nameserver 8.8.8.8" > /etc/resolv.conf
echo "nameserver 8.8.4.4" >> /etc/resolv.conf
:wq! #儲存退出