Sunday, 7 October 2018

Create custom CentOS 7 Kickstart boot CD ISO

Scenario: You want to create a custom CentOS 7 / RHEL 7 boot CD with custom kickstart files located on the CD. Furthermore you want to perform some post installation tasks like running some Puppet manifests. In this post I describe the process based on CentOS 7.1.

1) Install a base CentOS 7.1 virtual machine
First you need to install your build environment. It is sufficient to install a “@Base” system.
2) Prepare your build environment
Once the installation of your CentOS 7.1 virtual machine has finished, you can continue with preparing your build environment.
2.1 Create needed folder structure as root

mkdir -p ~/kickstart_build/isolinux/{images,ks,LiveOS,Packages,postinstall}

The folders will contain the following:
  • images: contents of the images directory located on the CentOS DVD
  • ks: all your kickstart files which we will create later on
  • LiveOS: contents of the LiveOS directory on the CentOS DVD
  • Packages: all RPM packages from CentOS 7 DVD plus additional packages. In my case I will also install Puppet agent. Therefore I need some packages from Puppet Labs
  • postinstall: everything you want to do after installation, for example executing custom scripts or, in my case, Puppet modules.
2.2 Copy needed content
Now you need to copy all needed content from the CentOS DVD to your local folders. Please save the CentOS 7 ISO file in /tmp and mount it somewhere.

mkdir -p /mnt/iso
mount -o loop /tmp/CentOS-7-x86_64-DVD-1503-01.iso /mnt/iso
cp /mnt/iso/.discinfo ~/kickstart_build/isolinux/
cp /mnt/iso/isolinux/* ~/kickstart_build/isolinux/
rsync -av /mnt/iso/images/ ~/kickstart_build/isolinux/images/
cp /mnt/iso/LiveOS/* ~/kickstart_build/isolinux/LiveOS/
ll /mnt/iso/repodata/ | grep -i comps
-rw-r--r--. 1 root root 157580 1. Apr 01:43 0e6e90965f55146ba5025ea450f822d1bb0267d0299ef64dd4365825e6bad995-c7-x86_64-comps.xml.gz

cp /mnt/iso/repodata/0e6e90965f55146ba5025ea450f822d1bb0267d0299ef64dd4365825e6bad995-c7-x86_64-comps.xml.gz ~/kickstart_build/
cd ~/kickstart_build/
gunzip 0e6e90965f55146ba5025ea450f822d1bb0267d0299ef64dd4365825e6bad995-c7-x86_64-comps.xml
mv 0e6e90965f55146ba5025ea450f822d1bb0267d0299ef64dd4365825e6bad995-c7-x86_64-comps.xml comps.xml
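
The ISO mounted above and the packages copied from it become the base of every machine installed from the custom disc, so it is worth checking the download before mounting it. The following is an added example, not part of the original post: verify_iso is a hypothetical helper, and having a sha256sum-style checksum list for the ISO saved locally is an assumption.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the original post).
# verify_iso ISO SUMFILE
#   returns 0 if SUMFILE lists the ISO's file name and the SHA-256 matches,
#   1 on a mismatch, 2 if SUMFILE has no usable entry (fail closed).
verify_iso() {
    iso=$1 sums=$2
    name=$(basename "$iso")
    # Checksum lists use "<64 hex digits>  <file>" (or " *<file>" in binary mode).
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n && length($1) == 64 && $1 ~ /^[0-9a-fA-F]+$/ { print tolower($1); exit }
    ' "$sums")
    if [ -z "$expected" ]; then
        echo "no SHA-256 entry for $name in $sums" >&2
        return 2
    fi
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name" >&2
        return 1
    fi
    echo "$name: OK"
}
```

Call it as `verify_iso /tmp/CentOS-7-x86_64-DVD-1503-01.iso /tmp/sha256sum.txt` (the second path is an assumed location) and only mount the image when it returns 0. The checksum list is only as trustworthy as its source, so fetch it over HTTPS or check its GPG signature.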

2.3 Get additional packages if needed
As I already mentioned, I will also install the Puppet open source client on my machines to install and configure them as needed. So I need to include additional packages on the custom boot ISO to be able to install and run Puppet manifests.

mkdir /tmp/packages
cd /tmp/packages
wget -e robots=off --mirror --no-parent --no-host-directories --cut-dirs=4
wget -e robots=off --mirror --no-parent --no-host-directories --cut-dirs=4
rm -Rf index* repodata

2.4 Copy all your packages and create repodata
Now it's time to bring the CentOS packages and your additional packages together. First copy all packages from the CentOS 7 ISO to your local folder. Afterwards you can move all additional packages from /tmp/packages to your kickstart packages folder:

rsync -av /mnt/iso/Packages/ ~/kickstart_build/isolinux/Packages/
rsync -av /tmp/packages/ ~/kickstart_build/isolinux/Packages/

Now we need to create the repodata folder in ~/kickstart_build/isolinux/Packages/:

yum install -y createrepo
cd ~/kickstart_build/isolinux
createrepo -g ~/kickstart_build/comps.xml .

3) Prepare Kickstart file
3.1 Create a kickstart
You need to create the kickstart file in ~/kickstart_build/isolinux/ks and name it for example ks.cfg. The content can look like this:

# System authorization information
auth --enableshadow --passalgo=sha512

# Use CDROM installation media
cdrom
# Use text install
text
# Run the Setup Agent on first boot
firstboot --disable
#ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=de-nodeadkeys --xlayouts='de (nodeadkeys)'
# System language
lang de_DE.UTF-8
# Network information
network --bootproto=static --device=ens3 --noipv6 --activate --ip= --netmask= --gateway= --nameserver= --hostname=infrastructure.reimer.local
network --bootproto=static --device=ens9 --noipv6 --activate --ip= --netmask=
# Root password
rootpw --iscrypted "some-crypted-password"
# System timezone
timezone Europe/Berlin --isUtc
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="xfs" --size=512
part pv.219 --fstype="lvmpv" --size 1 --grow
volgroup vg_system --pesize=4096 pv.219
logvol / --fstype="xfs" --size=1 --grow --label="rootlv" --name=rootlv --vgname=vg_system
logvol swap --fstype="swap" --size=2048 --name=swaplv --vgname=vg_system

You can validate your kickstart file like this:

ksvalidator ~/kickstart_build/isolinux/ks/ks.cfg

To create a crypted root password which you can use within your kickstart file do the following:

python -c 'import crypt; print(crypt.crypt("My Password", "$6$My Salt"))'

This generates a SHA512 crypted password.
3.2 Create kickstart postinstallation section
If you want to perform some postinstallation tasks within your kickstart installation you can add an appropriate section in the kickstart file. In my case I want to perform my Puppet configuration during the kickstart installation.
HINT: Be careful. The first step copies the Puppet manifests from the ISO that the machine being kickstarted was booted from. This action takes place in the NON-CHROOTED environment. The second step is the Puppet run itself. This takes place in the CHROOTED environment.
Add the following at the end of your kickstart file:

# Copy needed Puppet files to /root/postinstall
# Stage 1 runs outside the chroot: the installed system is mounted at /mnt/sysimage
%post --nochroot

set -x -v
exec 1>/mnt/sysimage/root/kickstart-stage1.log 2>&1
echo "==> copying files from media to install drive..."
cp -r /run/install/repo/postinstall /mnt/sysimage/root
%end

# Stage 2 runs inside the chroot: / is the installed system
%post

set -x -v
exec 1>/root/kickstart-stage2.log 2>&1
ls -l /root/postinstall
puppet apply -l /root/puppetrun.log /root/postinstall/puppet/manifests/site.pp --modulepath=/root/postinstall/puppet/modules/ $*
%end
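
A pre-build check for mistakes that are easy to make in the kickstart file above: a %post section without its closing %end, a chrooted %post that still uses the /mnt/sysimage prefix, or a rootpw line that is not a SHA-512 crypt hash (the ks.cfg on the disc is readable by anyone who holds the ISO). This is an added example, not part of the original post; ks_lint is a hypothetical helper and its rules cover only the directives this page uses.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the original post).
# ks_lint FILE: print findings; return 0 if the file is clean, 1 otherwise.
ks_lint() {
    awk '
    function finding(line, msg) { printf "line %d: %s\n", line, msg; bad = 1 }
    BEGIN { bad = 0; sect = "" }
    # A section header while another section is open means its %end is missing.
    /^%(pre|pre-install|post|packages|addon|anaconda)([ \t]|$)/ {
        if (sect != "") finding(sectline, sect " section has no %end")
        sect = $1; sectline = FNR; nochroot = ($0 ~ /--nochroot/)
        next
    }
    /^%end([ \t]|$)/ {
        if (sect == "") finding(FNR, "%end without an open section")
        sect = ""
        next
    }
    # rootpw must carry a crypt(3) hash, never the clear-text password.
    sect == "" && $1 == "rootpw" {
        if ($0 !~ /--iscrypted/) {
            finding(FNR, "rootpw without --iscrypted stores the password in clear text")
        } else if ($0 !~ /\$6\$[^$]+\$/) {
            finding(FNR, "rootpw value is not a $6$ (SHA-512) crypt hash")
        }
        next
    }
    # In a chrooted %post the installed system is /, so /mnt/sysimage is absent.
    sect == "%post" && !nochroot && /\/mnt\/sysimage/ {
        finding(FNR, "chrooted %post refers to /mnt/sysimage")
    }
    END {
        if (sect != "") finding(sectline, sect " section has no %end")
        exit bad
    }' "$1"
}
```

Run `ks_lint ~/kickstart_build/isolinux/ks/ks.cfg` alongside ksvalidator before building the ISO; ksvalidator checks syntax, while this check looks at the password and chroot handling.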

4) Time for action: create your custom CentOS 7 ISO file and test it

yum install -y genisoimage
cd ~/kickstart_build/
mkisofs -o centos-7-custom.iso -b isolinux.bin -c boot.cat -no-emul-boot -V 'CentOS 7 x86_64' -boot-load-size 4 -boot-info-table -R -J -v -T isolinux/

Now start a new virtual machine from your custom CentOS 7 ISO file and insert the following option at kernel boot:

linux inst.ks=cdrom:/dev/cdrom:/ks/ks.cfg

Congratulations 🙂 Your kickstart installation should run.
