├── README.md ├── tftpboot ├── centos6_x64 │ ├── vmlinuz │ └── initrd.img ├── centos7 │ ├── initrd.img │ └── vmlinuz ├── pxelinux.cfg │ └── README.md ├── pxelinux.0 ├── splash.jpg ├── splash.lss └── boot.msg ├── pxelinux.cfg ├── centos7_kvm_host ├── centos7_raw_clean ├── centos7_docker_host ├── centos6_x64_kvm_host └── centos6_x64_raw_clean ├── script ├── gen_user_data.sh ├── assetapi.py ├── config_kvm_guest.py ├── post_config_kvm_host.sh ├── post_config_kvm_guest.sh ├── wdstackapi.py ├── post_install.sh ├── config_common.py └── kernel_conf.py ├── dhcpd └── dhcpd.conf ├── ks ├── ubuntu_12-04.cfg ├── centos7_kvm_guest.cfg ├── centos7_kvm_host.cfg ├── centos6_x64_kvm_guest.cfg ├── centos7_docker_host.cfg ├── centos7_raw_clean.cfg ├── centos6_x64_kvm_host.cfg ├── centos6_x64_raw_clean.cfg ├── centos7_common └── centos6_common ├── idrac-ddns ├── dhcpd.conf └── named.conf └── aws └── scripts ├── clone_install.sh └── post_install.sh /README.md: -------------------------------------------------------------------------------- 1 | # pxe_cfg 2 | -------------------------------------------------------------------------------- /tftpboot/centos6_x64/vmlinuz: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tftpboot/centos7/initrd.img: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tftpboot/centos7/vmlinuz: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tftpboot/centos6_x64/initrd.img: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tftpboot/pxelinux.cfg/README.md: 
-------------------------------------------------------------------------------- 1 | # 此目录是 pxelinux 配置文件, 装机的时候应该由装机系统自动拷贝配置文件到此目录. 2 | -------------------------------------------------------------------------------- /tftpboot/pxelinux.0: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tawateer/pxe_cfg/HEAD/tftpboot/pxelinux.0 -------------------------------------------------------------------------------- /tftpboot/splash.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tawateer/pxe_cfg/HEAD/tftpboot/splash.jpg -------------------------------------------------------------------------------- /tftpboot/splash.lss: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tawateer/pxe_cfg/HEAD/tftpboot/splash.lss -------------------------------------------------------------------------------- /tftpboot/boot.msg: -------------------------------------------------------------------------------- 1 | splash.lss 2 | 3 | - case: centos6_x64_raw_clean ip=10.0.10.* 4 | - case: centos6_x64_kvm_host ip=10.0.10.* 5 | - case: centos7_raw_clean ip=10.0.10.* 6 | - case: centos7_kvm_host ip=10.0.10.* 7 | - case: centos7_docker_host ip=10.0.10.* 8 | 9 | -------------------------------------------------------------------------------- /pxelinux.cfg/centos7_kvm_host: -------------------------------------------------------------------------------- 1 | default centos7_kvm_host 2 | prompt 1 3 | timeout 600 4 | display boot.msg 5 | 6 | label local 7 | localboot 0 8 | 9 | 10 | label centos7_kvm_host 11 | kernel centos7/vmlinuz 12 | append netmask=255.255.255.0 ksdevice=em2 initrd=centos7/initrd.img nofb text ks=http://pxe.hy01.nosa.com/ks/centos7_kvm_host.cfg 13 | -------------------------------------------------------------------------------- /pxelinux.cfg/centos7_raw_clean: 
-------------------------------------------------------------------------------- 1 | default centos7_raw_clean 2 | prompt 1 3 | timeout 600 4 | display boot.msg 5 | 6 | label local 7 | localboot 0 8 | 9 | 10 | label centos7_raw_clean 11 | kernel centos7/vmlinuz 12 | append netmask=255.255.255.0 ksdevice=em2 initrd=centos7/initrd.img nofb text ks=http://pxe.hy01.nosa.com/ks/centos7_raw_clean.cfg 13 | -------------------------------------------------------------------------------- /pxelinux.cfg/centos7_docker_host: -------------------------------------------------------------------------------- 1 | default centos7_docker_host 2 | prompt 1 3 | timeout 600 4 | display boot.msg 5 | 6 | label local 7 | localboot 0 8 | 9 | 10 | label centos7_docker_host 11 | kernel centos7/vmlinuz 12 | append netmask=255.255.255.0 ksdevice=em2 initrd=centos7/initrd.img nofb text ks=http://pxe.hy01.nosa.com/ks/centos7_docker_host.cfg 13 | -------------------------------------------------------------------------------- /pxelinux.cfg/centos6_x64_kvm_host: -------------------------------------------------------------------------------- 1 | default centos6_x64_kvm_host 2 | prompt 1 3 | timeout 600 4 | display boot.msg 5 | 6 | label local 7 | localboot 0 8 | 9 | 10 | label centos6_x64_kvm_host 11 | kernel centos6_x64/vmlinuz 12 | append netmask=255.255.255.0 ksdevice=em2 initrd=centos6_x64/initrd.img nofb text ks=http://pxe.hy01.nosa.com/ks/centos6_x64_kvm_host.cfg 13 | -------------------------------------------------------------------------------- /pxelinux.cfg/centos6_x64_raw_clean: -------------------------------------------------------------------------------- 1 | default centos6_x64_raw_clean 2 | prompt 1 3 | timeout 600 4 | display boot.msg 5 | 6 | label local 7 | localboot 0 8 | 9 | 10 | label centos6_x64_raw_clean 11 | kernel centos6_x64/vmlinuz 12 | append netmask=255.255.255.0 ksdevice=em2 initrd=centos6_x64/initrd.img nofb text 
ks=http://pxe.hy01.nosa.com/ks/centos6_x64_raw_clean.cfg 13 | -------------------------------------------------------------------------------- /script/gen_user_data.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | sed -i '/gen_user_data.sh/d' /etc/rc.d/rc.local 4 | 5 | hostname=$(hostname) 6 | 7 | # Fetch the user-defined post-install script and execute it. NOTE(review): the script body arrives over plain HTTP with no integrity check and is then executed from /root (presumably as root, since this file removes its own entry from rc.local); the chmod 777 below also leaves it world-writable. Prefer HTTPS with verification and mode 700. 8 | cmd="import requests; print requests.get('http://wdstack.internal.DOMAIN.COM/api/v1/user_data/?hostname=$hostname').json()" 9 | python -c "$cmd" >/root/user_data 10 | chmod 777 /root/user_data 11 | cd /root && /root/user_data &>>/root/user_data.log 12 | -------------------------------------------------------------------------------- /dhcpd/dhcpd.conf: -------------------------------------------------------------------------------- 1 | ddns-update-style interim; 2 | ignore client-updates; 3 | allow unknown-clients; 4 | allow bootp; 5 | allow booting; 6 | ping-check true; 7 | default-lease-time 900; 8 | max-lease-time 1200; 9 | next-server 10.0.11.12; 10 | filename "/pxelinux.0"; 11 | option domain-name-servers 10.0.12.234; 12 | option domain-name "nosa.me"; 13 | 14 | subnet 10.0.11.0 netmask 255.255.255.0 { 15 | option routers 10.0.11.1; 16 | option subnet-mask 255.255.255.0; 17 | range dynamic-bootp 10.0.11.100 10.0.11.250; 18 | } 19 | -------------------------------------------------------------------------------- /ks/ubuntu_12-04.cfg: -------------------------------------------------------------------------------- 1 | install 2 | text 3 | lang en_US 4 | langsupport en_US 5 | keyboard us 6 | mouse 7 | timezone --utc Asia/Chongqing 8 | rootpw --disabled 9 | user work --fullname="work" --password nosa.com 10 | reboot 11 | url --url http://pxe.hy01.nosa.com/iso/ubuntu-12.04-server-installer-amd64 12 | bootloader --location=mbr 13 | zerombr yes 14 | clearpart --all --initlabel 15 | part swap --size 4096 16 | part / --fstype ext4 --size 1 --grow 17 | auth --useshadow --enablemd5 18 | network
--bootproto=dhcp --device=eth0 19 | firewall --disabled 20 | skipx 21 | %packages 22 | penssh-server 23 | openssh-client 24 | nfs-kernel-server 25 | vim 26 | 27 | %post 28 | echo "nameserver 10.0.12.234" > /etc/resolv.conf 29 | 30 | -------------------------------------------------------------------------------- /idrac-ddns/dhcpd.conf: -------------------------------------------------------------------------------- 1 | ddns-update-style interim; 2 | #ddns-update-style none; 3 | ignore client-updates; 4 | default-lease-time 69120000; 5 | max-lease-time 86400000; 6 | option time-offset -18000; 7 | option domain-name "idc.ilo.nosa.me"; 8 | option domain-name-servers 10.2.1.1; 9 | 10 | subnet 10.2.0.0 netmask 255.255.0.0 { 11 | range dynamic-bootp 10.2.1.11 10.2.255.254; 12 | option broadcast-address 10.2.255.255; 13 | option routers 10.2.1.1; 14 | } 15 | 16 | key ilo { 17 | algorithm hmac-md5; 18 | secret HqX9xaJ75tgQ1S8hHz9L7Q==; 19 | } 20 | zone idc.ilo.nosa.me. { 21 | primary 10.2.1.1; 22 | key ilo; 23 | } 24 | zone 2.10.in-addr.arpa. { 25 | primary 10.2.1.1; 26 | key ilo; 27 | } 28 | -------------------------------------------------------------------------------- /idrac-ddns/named.conf: -------------------------------------------------------------------------------- 1 | options { 2 | directory "/var/named"; 3 | dump-file "/var/named/data/cache_dump.db"; 4 | statistics-file "/var/named/data/named_stats.txt"; 5 | memstatistics-file "/var/named/data/named_mem_stats.txt"; 6 | allow-transfer { none; }; 7 | recursion no; 8 | allow-recursion { "none" ;}; 9 | additional-from-cache no; 10 | }; 11 | 12 | logging { 13 | channel default_debug { 14 | file "data/named.run" size 20M; 15 | severity info; 16 | print-time true; 17 | }; 18 | }; 19 | 20 | #zone "." 
IN { 21 | # type hint; 22 | # file "named.ca"; 23 | #}; 24 | # NOTE(review): this TSIG key is committed in cleartext here and again in idrac-ddns/dhcpd.conf, and it is the only credential guarding dynamic updates to both zones below; treat it as exposed, rotate it, and load it from a root-only include file. hmac-md5 is a legacy algorithm; BIND also supports hmac-sha256. 25 | key ilo { 26 | algorithm hmac-md5; 27 | secret HqX9xaJ75tgQ1S8hHz9L7Q==; 28 | }; 29 | 30 | zone "idc.ilo.nosa.me" IN { 31 | type master; 32 | file "named.idc.ilo.nosa.me"; 33 | allow-update {key ilo;}; 34 | }; 35 | 36 | zone "2.10.in-addr.arpa." IN { 37 | type master; 38 | file "named.2.10.in-addr.arpa"; 39 | allow-update {key ilo;}; 40 | }; 41 | 42 | #include "/etc/named.rfc1912.zones"; 43 | -------------------------------------------------------------------------------- /ks/centos7_kvm_guest.cfg: -------------------------------------------------------------------------------- 1 | # Use Net Install installation 2 | # Note: the url directive cannot be placed in the common file; this seems to be related to execution order 3 | url --url http://pxe.hy01.nosa.com/iso/centos7_x64 4 | 5 | 6 | # Include common ks 7 | %include /tmp/ks_common 8 | 9 | 10 | # Include disk partitioning information 11 | %include /tmp/partconfig 12 | 13 | 14 | # Pre-installation script 15 | %pre --interpreter=/bin/sh --log=/root/pre-installation.log 16 | export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 17 | 18 | # include common ks conf 19 | wget -q -O- http://pxe.hy01.nosa.com/ks/centos7_common >/tmp/ks_common 20 | 21 | # Disk partitioning information 22 | # /boot cannot be in lvm, so first part /boot 23 | echo 'part /boot --fstype="ext3" --size 512 24 | part swap --size 4096 25 | part pv.01 --size=1 --grow 26 | volgroup domovg pv.01 27 | logvol / --vgname=domovg --fstype="ext4" --size=1 --grow --name=root' >/tmp/partconfig 28 | 29 | %end 30 | 31 | 32 | # Post work. NOTE(review): post_install.sh is downloaded over plain HTTP and run by the installer with no checksum or signature check, so the integrity of every installed host depends on that network path and on the PXE web server; serve it over HTTPS or verify a pinned digest before running it. 33 | %post --interpreter=/bin/sh --log=/root/post-installation.log 34 | service sshd restart 35 | 36 | script_url="http://pxe.hy01.nosa.com/script" 37 | wget ${script_url}/post_install.sh 38 | sh -x post_install.sh kvm_guest centos7 39 | 40 | %end 41 | -------------------------------------------------------------------------------- /script/assetapi.py: -------------------------------------------------------------------------------- 1 |
#!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | import sys 5 | import logging 6 | import json 7 | import requests 8 | 9 | 10 | logging.basicConfig( 11 | level=logging.DEBUG, stream=sys.stdout, format='%(message)s') 12 | 13 | ASSET_HOST = "loki.hy01.internal.DOMAIN.COM" 14 | ASSET_APPLY_API = "/api/asset/apply" 15 | 16 | 17 | def apply_hostname_ip(sn, _type, hostname_key, idc, network): 18 | """ Request a hostname and an IP from the asset system. 19 | 20 | For a physical machine, sn is its own serial number; for a virtual machine an sn (uuid) must be generated first. 21 | 22 | _type is the machine type, one of three: vm, kvm, raw 23 | 24 | hostname_key and idc determine the hostname; 25 | network determines the ip. 26 | NOTE(review): the request is sent over plain HTTP with no timeout, and the reply is parsed and indexed before status_code is checked, so an error reply surfaces as a JSON or KeyError exception and the returned hostname and IP are unauthenticated input to the caller. The full response body is also logged to stdout. 27 | """ 28 | if "*" in hostname_key: 29 | key = "hostname_pattern" 30 | hostname_key = hostname_key + "." + idc 31 | else: 32 | key = "hostname_prefix" 33 | url = "http://" + ASSET_HOST + ASSET_APPLY_API 34 | data = { 35 | "sn": sn, 36 | "type": _type, 37 | key: hostname_key, 38 | "idc": idc, 39 | "network": network 40 | } 41 | headers = {"Content-Type": "application/json"} 42 | 43 | return_text = requests.post(url, data=json.dumps(data), headers=headers) 44 | return_json = return_text.json() 45 | logging.info([return_text.status_code, return_text.text]) 46 | return return_json["hostname"], return_json["private_ip"] 47 | -------------------------------------------------------------------------------- /ks/centos7_kvm_host.cfg: -------------------------------------------------------------------------------- 1 | # Continue to install if unsupported hardware 2 | unsupported_hardware 3 | 4 | 5 | # Use Net Install installation 6 | # Note: the url directive cannot be placed in the common file; this seems to be related to execution order 7 | url --url http://pxe.hy01.nosa.com/iso/centos7_x64 8 | 9 | 10 | # Include common ks 11 | %include /tmp/ks_common 12 | 13 | 14 | # Include disk partitioning information 15 | %include /tmp/partconfig 16 | 17 | 18 | # Pre-installation script 19 | %pre --interpreter=/bin/sh --log=/root/pre-installation.log 20 | export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 21 | 22 | # include common ks conf 23 | wget -q -O-
http://pxe.hy01.nosa.com/ks/centos7_common >/tmp/ks_common 24 | 25 | # Disk partitioning information 26 | # /boot cann't be in lvm, so first part /boot 27 | echo 'part /boot --fstype="ext3" --size 512 --ondisk=sda 28 | part swap --size 4096 --ondisk=sda 29 | part pv.01 --size=20480 --ondisk=sda 30 | volgroup domovg pv.01 31 | logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 32 | logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 33 | # For vm 34 | part pv.02 --size 1 --grow --ondisk=sda 35 | volgroup vm_storage_pool_vg pv.02' >/tmp/partconfig 36 | 37 | %end 38 | 39 | 40 | # Post work 41 | %post --interpreter=/bin/sh --log=/root/post-installation.log 42 | service sshd restart 43 | 44 | script_url="http://pxe.hy01.nosa.com/script" 45 | wget ${script_url}/post_install.sh 46 | sh -x post_install.sh kvm_host centos7 47 | 48 | %end 49 | -------------------------------------------------------------------------------- /ks/centos6_x64_kvm_guest.cfg: -------------------------------------------------------------------------------- 1 | # System keyboard 2 | # 注: keyboard 指令不能放在 common 文件中, 貌似和执行顺序有关 3 | keyboard us 4 | 5 | 6 | # System language 7 | # 注: lang 指令不能放在 common 文件中, 貌似和执行顺序有关 8 | lang en_US.UTF-8 9 | 10 | 11 | # Use Net Install installation 12 | # 注: url 指令不能放在 common 文件中, 貌似和执行顺序有关 13 | url --url http://pxe.hy01.nosa.com/iso/centos6_x64 14 | 15 | 16 | # Include common ks 17 | %include /tmp/ks_common 18 | 19 | 20 | # Include disk partitioning information 21 | %include /tmp/partconfig 22 | 23 | 24 | # Pre-installation script 25 | %pre --interpreter /bin/sh --log=/root/pre-installation.log 26 | export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 27 | 28 | # include common ks conf 29 | wget -q -O- http://pxe.hy01.nosa.com/ks/centos6_common >/tmp/ks_common 30 | 31 | # Disk partitioning information 32 | # /boot cann't be in lvm, so first part /boot 33 | echo 'part /boot --fstype="ext3" --size 512 34 | part swap --size 4096 35 | part pv.01 
--size=1 --grow 36 | volgroup domovg pv.01 37 | logvol / --vgname=domovg --fstype="ext4" --size=1 --grow --name=root' >/tmp/partconfig 38 | 39 | # Disk partitioning cfg backup 40 | #part /boot --fstype="ext3" --size 512 --ondisk=sda 41 | #part swap --size 4096 --ondisk=sda 42 | #part pv.01 --size=1 --grow --ondisk=sda 43 | #volgroup domovg pv.01 44 | #logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 45 | #logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 46 | 47 | %end 48 | 49 | 50 | # Post work 51 | %post --interpreter /bin/sh --log=/root/post-installation.log 52 | service sshd restart 53 | 54 | script_url="http://pxe.hy01.nosa.com/script" 55 | wget ${script_url}/post_install.sh 56 | sh -x post_install.sh kvm_guest centos6 57 | 58 | %end 59 | -------------------------------------------------------------------------------- /ks/centos7_docker_host.cfg: -------------------------------------------------------------------------------- 1 | # Continue to install if unsupported hardware 2 | unsupported_hardware 3 | 4 | 5 | # Use Net Install installation 6 | # 注: url 指令不能放在 common 文件中, 貌似和执行顺序有关 7 | url --url http://pxe.hy01.nosa.com/iso/centos7_x64 8 | 9 | 10 | # Include common ks 11 | %include /tmp/ks_common 12 | 13 | 14 | # Include disk partitioning information 15 | %include /tmp/partconfig 16 | 17 | 18 | # Pre-installation script 19 | %pre --interpreter=/bin/sh --log=/root/pre-installation.log 20 | export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 21 | 22 | # include common ks conf 23 | wget -q -O- http://pxe.hy01.nosa.com/ks/centos7_common >/tmp/ks_common 24 | 25 | # Disk partitioning information 26 | # /boot cann't be in lvm, so first part /boot 27 | DRIVER_INSTALL="`fdisk -l |grep -i '^Disk /dev/' |grep -v /dev/mapper |awk '{print $2, $3}' |sed 's/://g' |sed 's#/dev/##g' |awk 'BEGIN{disk=""; size=0}{if(size == 0 || size > $2) {size = $2; disk = $1}}END{print disk}'`" 28 | 29 | echo 'part /boot --fstype="ext3" --size 512 
--ondisk=$DRIVER_INSTALL 30 | part swap --size 4096 --ondisk=$DRIVER_INSTALL 31 | part pv.01 --size=1 --grow --ondisk=$DRIVER_INSTALL 32 | volgroup docker pv.01 33 | logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 34 | logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home' >/tmp/partconfig 35 | # NOTE(review): the echo above is single-quoted, so as written the literal text $DRIVER_INSTALL, not the detected disk name, is written to /tmp/partconfig; it also creates volgroup docker while both logvol lines use --vgname=domovg. Confirm the intended disk and volume group before reuse, since the common file runs clearpart --all. 36 | # Disk partitioning cfg backup 37 | #part /boot --fstype="ext3" --size 512 --ondisk=sda 38 | #part swap --size 4096 --ondisk=sda 39 | #part pv.01 --size=1 --grow --ondisk=sda 40 | #volgroup domovg pv.01 41 | #logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 42 | #logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 43 | 44 | %end 45 | 46 | 47 | # Post work 48 | %post --interpreter=/bin/sh --log=/root/post-installation.log 49 | 50 | script_url="http://pxe.hy01.nosa.com/script" 51 | wget ${script_url}/post_install.sh 52 | sh -x post_install.sh docker_host centos7 53 | 54 | %end 55 | -------------------------------------------------------------------------------- /ks/centos7_raw_clean.cfg: -------------------------------------------------------------------------------- 1 | # Continue to install if unsupported hardware 2 | unsupported_hardware 3 | 4 | 5 | # Use Net Install installation 6 | # Note: the url directive cannot be placed in the common file; this seems to be related to execution order 7 | url --url http://pxe.hy01.nosa.com/iso/centos7_x64 8 | 9 | 10 | # Include common ks 11 | %include /tmp/ks_common 12 | 13 | 14 | # Include disk partitioning information 15 | %include /tmp/partconfig 16 | 17 | 18 | # Pre-installation script 19 | %pre --interpreter=/bin/sh --log=/root/pre-installation.log 20 | export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 21 | 22 | # include common ks conf 23 | wget -q -O- http://pxe.hy01.nosa.com/ks/centos7_common >/tmp/ks_common 24 | 25 | # Disk partitioning information 26 | # /boot cannot be in lvm, so first part /boot 27 | DRIVER_INSTALL="`fdisk -l |grep -i '^Disk /dev/' |grep -v /dev/mapper |awk '{print $2, $3}' |sed 's/://g' |sed 's#/dev/##g'
|awk 'BEGIN{disk=""; size=0}{if(size == 0 || size > $2) {size = $2; disk = $1}}END{print disk}'`" 28 | 29 | echo 'part /boot --fstype="ext3" --size 512 --ondisk=$DRIVER_INSTALL 30 | part swap --size 4096 --ondisk=$DRIVER_INSTALL 31 | part pv.01 --size=1 --grow --ondisk=$DRIVER_INSTALL 32 | volgroup domovg pv.01 33 | logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 34 | logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home' >/tmp/partconfig 35 | 36 | # Disk partitioning cfg backup 37 | #part /boot --fstype="ext3" --size 512 --ondisk=sda 38 | #part swap --size 4096 --ondisk=sda 39 | #part pv.01 --size=1 --grow --ondisk=sda 40 | #volgroup domovg pv.01 41 | #logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 42 | #logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 43 | 44 | %end 45 | 46 | 47 | # Post work 48 | %post --interpreter=/bin/sh --log=/root/post-installation.log 49 | service sshd restart 50 | 51 | script_url="http://pxe.hy01.nosa.com/script" 52 | wget ${script_url}/post_install.sh 53 | sh -x post_install.sh raw_clean centos7 54 | 55 | %end 56 | -------------------------------------------------------------------------------- /ks/centos6_x64_kvm_host.cfg: -------------------------------------------------------------------------------- 1 | # Continue to install if unsupported hardware 2 | unsupported_hardware 3 | 4 | 5 | # System keyboard 6 | # 注: keyboard 指令不能放在 common 文件中, 貌似和执行顺序有关 7 | keyboard us 8 | 9 | 10 | # System language 11 | # 注: lang 指令不能放在 common 文件中, 貌似和执行顺序有关 12 | lang en_US.UTF-8 13 | 14 | 15 | # Use Net Install installation 16 | # 注: url 指令不能放在 common 文件中, 貌似和执行顺序有关 17 | url --url http://pxe.hy01.nosa.com/iso/centos6_x64 18 | 19 | 20 | # Include common ks 21 | %include /tmp/ks_common 22 | 23 | 24 | # Include disk partitioning information 25 | %include /tmp/partconfig 26 | 27 | 28 | # Pre-installation script 29 | %pre --interpreter /bin/sh --log=/root/pre-installation.log 30 | export 
PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 31 | 32 | # include common ks conf 33 | wget -q -O- http://pxe.hy01.nosa.com/ks/centos6_common >/tmp/ks_common 34 | 35 | # Disk partitioning information 36 | # /boot cann't be in lvm, so first part /boot 37 | echo 'part /boot --fstype="ext3" --size 512 --ondisk=sda 38 | part swap --size 4096 --ondisk=sda 39 | part pv.01 --size=20480 --ondisk=sda 40 | volgroup domovg pv.01 41 | logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 42 | logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 43 | # For vm 44 | part pv.02 --size 1 --grow --ondisk=sda 45 | volgroup vm_storage_pool_vg pv.02' >/tmp/partconfig 46 | 47 | # Disk partitioning cfg backup 48 | #part /boot --fstype="ext3" --size 512 --ondisk=sda 49 | #part swap --size 4096 --ondisk=sda 50 | #part pv.01 --size=1 --grow --ondisk=sda 51 | #volgroup domovg pv.01 52 | #logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 53 | #logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 54 | 55 | %end 56 | 57 | 58 | # Post work 59 | %post --interpreter /bin/sh --log=/root/post-installation.log 60 | service sshd restart 61 | 62 | script_url="http://pxe.hy01.nosa.com/script" 63 | wget ${script_url}/post_install.sh 64 | sh -x post_install.sh kvm_host centos6 65 | 66 | %end 67 | -------------------------------------------------------------------------------- /ks/centos6_x64_raw_clean.cfg: -------------------------------------------------------------------------------- 1 | # Continue to install if unsupported hardware 2 | unsupported_hardware 3 | 4 | 5 | # System keyboard 6 | # 注: keyboard 指令不能放在 common 文件中, 貌似和执行顺序有关 7 | keyboard us 8 | 9 | 10 | # System language 11 | # 注: lang 指令不能放在 common 文件中, 貌似和执行顺序有关 12 | lang en_US.UTF-8 13 | 14 | 15 | # Use Net Install installation 16 | # 注: url 指令不能放在 common 文件中, 貌似和执行顺序有关 17 | url --url http://pxe.hy01.nosa.com/iso/centos6_x64 18 | 19 | 20 | # Include common ks 21 | %include /tmp/ks_common 
22 | 23 | 24 | # Include disk partitioning information 25 | %include /tmp/partconfig 26 | 27 | 28 | # Pre-installation script 29 | %pre --interpreter /bin/sh --log=/root/pre-installation.log 30 | export PATH=$PATH:/sbin:/bin:/usr/sbin:/usr/bin 31 | 32 | # include common ks conf 33 | wget -q -O- http://pxe.hy01.nosa.com/ks/centos6_common >/tmp/ks_common 34 | 35 | # Disk partitioning information 36 | # /boot cann't be in lvm, so first part /boot 37 | DRIVER_INSTALL="`fdisk -l |grep -i '^Disk /dev/' |grep -v /dev/mapper |awk '{print $2, $3}' |sed 's/://g' |sed 's#/dev/##g' |awk 'BEGIN{disk=""; size=0}{if(size == 0 || size > $2) {size = $2; disk = $1}}END{print disk}'`" 38 | 39 | echo 'part /boot --fstype="ext3" --size 512 --ondisk=$DRIVER_INSTALL 40 | part swap --size 4096 --ondisk=$DRIVER_INSTALL 41 | part pv.01 --size=1 --grow --ondisk=$DRIVER_INSTALL 42 | volgroup domovg pv.01 43 | logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 44 | logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home' >/tmp/partconfig 45 | 46 | # Disk partitioning cfg backup 47 | #part /boot --fstype="ext3" --size 512 --ondisk=sda 48 | #part swap --size 4096 --ondisk=sda 49 | #part pv.01 --size=1 --grow --ondisk=sda 50 | #volgroup domovg pv.01 51 | #logvol / --vgname=domovg --fstype="ext4" --size=18432 --name=root 52 | #logvol /home --vgname=domovg --fstype="ext4" --size=1024 --name=home 53 | 54 | %end 55 | 56 | 57 | # Post work 58 | %post --interpreter /bin/sh --log=/root/post-installation.log 59 | service sshd restart 60 | 61 | script_url="http://pxe.hy01.nosa.com/script" 62 | wget ${script_url}/post_install.sh 63 | sh -x post_install.sh raw_clean centos6 64 | 65 | %end 66 | -------------------------------------------------------------------------------- /ks/centos7_common: -------------------------------------------------------------------------------- 1 | # Based on anaconda-ks.cfg 2 | # Revised by Ningning Li 3 | # version=RHEL7 4 | 5 | 6 | # System 
bootloader configuration 7 | bootloader --location=mbr 8 | 9 | 10 | # Clear the Master Boot Record 11 | zerombr 12 | 13 | 14 | # Partition clearing information 15 | clearpart --all 16 | 17 | 18 | # Use text mode install 19 | text 20 | 21 | 22 | # Firewall configuration. NOTE(review): the firewall is disabled here, and SELinux and auditd are disabled further down in this file; confirm that a later provisioning step re-establishes host hardening and audit logging. 23 | firewall --disabled 24 | 25 | 26 | # System keyboard 27 | keyboard --vckeymap=us --xlayouts='us' 28 | 29 | 30 | # System language 31 | lang en_US.UTF-8 32 | 33 | 34 | # Installation logging level 35 | logging --level=info 36 | 37 | 38 | # Install OS instead of upgrade 39 | install 40 | 41 | 42 | # Network information 43 | #network --bootproto=static 44 | 45 | 46 | # System authorization information 47 | auth --enableshadow --passalgo=sha512 48 | 49 | 50 | # Root password. NOTE(review): the active line below sets the root password in plaintext, and the per-role kickstart files fetch this file over plain HTTP; switch back to the --iscrypted form with a fresh hash and rotate the value on hosts already installed. 51 | #rootpw --iscrypted $6$iXpox8zjsr1gcD0K$JW5TAqnxCnRugGRfwZ7o/IG8ySGb7AVcxoktY73cr7grqQ4eORcZzeWNe2WsjNb0ridKwztc2RF/zC7PaJtgP. 52 | rootpw --plaintext nosa.com 53 | 54 | 55 | # SELinux configuration 56 | selinux --disabled 57 | 58 | 59 | # Do not configure the X Window System 60 | skipx 61 | 62 | 63 | # System timezone 64 | timezone Asia/Shanghai --utc 65 | 66 | 67 | # Temporary accounts through which to log on during installation 68 | #sshpw --username=wandoujia nosa.com --plaintext 69 | 70 | 71 | #reboot after installation 72 | reboot 73 | 74 | 75 | # Configuring services 76 | services --disabled auditd,cups,smartd,nfslock,postfix,NetworkManager,avahi-daemon 77 | services --enabled sshd,network,crond,irqbalance,ipmi,sendmail,lvm2-lvmetad 78 | 79 | 80 | # Packages 81 | %packages 82 | @core 83 | 84 | bash-completion 85 | vim 86 | wget 87 | which 88 | traceroute 89 | unzip 90 | tcpdump 91 | telnet 92 | ntp 93 | nc 94 | lsof 95 | screen 96 | tmux 97 | iotop 98 | sysstat 99 | python-requests 100 | dmidecode 101 | net-tools 102 | 103 | -*firmware* 104 | -postfix 105 | -tuned 106 | -iwl* 107 | -NetworkManager* 108 | -centos-logos 109 | -alsa* 110 | -audit 111 | -ModemManager* 112 | -selinux* 113 | -wpa_supplicant 114 | 115 |
%end 116 | -------------------------------------------------------------------------------- /aws/scripts/clone_install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | region= 5 | 6 | 7 | hostname= 8 | hostname $hostname 9 | sed -i "s/^HOSTNAME=.*/HOSTNAME=$hostname/g" /etc/sysconfig/network 10 | 11 | 12 | sed -i "#/home/#d" /etc/fstab 13 | /sbin/blkid |egrep -v "vda" |sort -u -k1 |awk '{print $2" /home/ ext4 nosuid,noatime 1 2"}' >>/etc/fstab 14 | 15 | /bin/rm -rf /var/lib/puppet/ 16 | 17 | 18 | dns_vip= 19 | sed -i "/nameserver/s/.*/nameserver ${dns_vip}/g" /etc/resolv.conf 20 | 21 | 22 | yum -y install bind 23 | ns_servers= 24 | 25 | private_key_path="Kamazonaws.com.cn.+157+30769.private" 26 | cat >${private_key_path} <${public_key_path} 38 | 39 | local_domain=$(curl -w "\n" http://169.254.169.254/latest/meta-data/local-hostname |sed "s/^[^.]\+.//g") 40 | local_ipv4=$(curl http://169.254.169.254/latest/meta-data/local-ipv4) 41 | local_ipv4_reverse=$(echo ${local_ipv4} |awk -F"." '{print $4"."$3"."$2"."$1}') 42 | 43 | 44 | for ns_server in ${ns_servers} 45 | do 46 | cat </etc/hostname" % hostname) 65 | hostname_conf = """NETWORKING=yes 66 | NETWORKING_IPV6=no 67 | HOSTNAME=%s 68 | """ % hostname 69 | with open("/etc/sysconfig/network", 'w') as f: 70 | f.write(hostname_conf) 71 | 72 | # 设置网关. 73 | with open("/etc/sysconfig/network-scripts/route-em2", 'w') as f: 74 | f.write("192.168.0.0/16 via %s\n" % gateway) 75 | f.write("10.0.0.0/8 via %s\n" % gateway) 76 | f.write("100.64.0.0/16 via %s\n" % gateway) 77 | f.write("0.0.0.0/0 via %s\n" % gateway) 78 | 79 | # 设置内网 ip. 80 | int_device_conf = """DEVICE=em2 81 | BOOTPROTO=static 82 | IPADDR=%s 83 | NETMASK=%s 84 | ONBOOT=yes 85 | TYPE=Ethernet""" % (ip, netmask) 86 | with open("/etc/sysconfig/network-scripts/ifcfg-em2", 'w') as f: 87 | f.write(int_device_conf) 88 | 89 | # 删除 eth0. 
90 | deleth0_cmd = "/bin/rm -f /etc/sysconfig/network-scripts/ifcfg-eth0" 91 | shell(deleth0_cmd) 92 | 93 | 94 | if __name__ == '__main__': 95 | main() 96 | -------------------------------------------------------------------------------- /script/post_config_kvm_host.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 宿主机装机之后的初始化脚本. 3 | 4 | 5 | # 判断是否是虚拟机 6 | if /usr/sbin/dmidecode -s system-product-name |grep -i kvm >/dev/null 7 | then 8 | echo "KVM guest is running." 9 | exit 1 10 | fi 11 | 12 | 13 | # 安装 kvm, 重启 libvirtd 14 | yum -y install qemu-kvm qemu-kvm-tools python-virtinst qemu-img libvirt bridge-utils guestfish 15 | lsmod |grep kvm 16 | service libvirtd restart ||systemctl restart libvirtd.service 17 | 18 | 19 | # 删除virbr0(virbr0使用的是 NAT 模式,我们使用桥接) 20 | #/bin/rm -rf /etc/libvirt/qemu/networks 21 | virsh net-list 22 | virsh net-destroy default 23 | virsh net-undefine default 24 | service libvirtd restart ||systemctl restart libvirtd.service 25 | 26 | 27 | # 配置桥接网络 28 | PIP=$(ip a |grep -Po 'inet 10\.\d+\.\d+\.\d+' |awk '{print $2}') 29 | 30 | > /etc/sysconfig/network-scripts/ifcfg-br1 31 | cat > /etc/sysconfig/network-scripts/ifcfg-br1 < /etc/sysconfig/network-scripts/ifcfg-em1 40 | cat > /etc/sysconfig/network-scripts/ifcfg-em1 < /etc/sysconfig/network-scripts/ifcfg-br2 49 | cat > /etc/sysconfig/network-scripts/ifcfg-br2 < /etc/sysconfig/network-scripts/ifcfg-em2 59 | cat > /etc/sysconfig/network-scripts/ifcfg-em2 << EOF 60 | DEVICE="em2" 61 | NM_CONTROLLED="yes" 62 | ONBOOT="yes" 63 | TYPE="Ethernet" 64 | BRIDGE=br2 65 | EOF 66 | 67 | # 对于 kvm_host, 把 route-em2 修改成 route-br2, 否则网关会有问题. 
68 | /bin/mv -f /etc/sysconfig/network-scripts/route-em2 /etc/sysconfig/network-scripts/route-br2 69 | 70 | service network restart ||systemctl restart network.service 71 | service libvirtd restart ||systemctl restart libvirtd.service 72 | 73 | 74 | # 定义存储池相关变量 75 | storage_pool="vm_storage_pool" 76 | storage_pool_dev="/dev/sda5" 77 | storage_pool_vg="${storage_pool}_vg" 78 | 79 | # 创建存储池 80 | size=`/sbin/vgs |grep ${storage_pool_vg} |awk '{print $NF}'` 81 | num=`echo $size |awk -F. '{print $1}'` 82 | _type=`echo ${size:((${#size} - 1))}` 83 | lvcreate -n vm_storage -L ${num}${_type} ${storage_pool_vg} 84 | mkfs.ext4 /dev/${storage_pool_vg}/vm_storage 85 | mkdir /vm_storage 86 | chown qemu:qemu /vm_storage/ 87 | chmod 700 /vm_storage 88 | mount -t ext4 /dev/${storage_pool_vg}/vm_storage /vm_storage 89 | echo "/dev/${storage_pool_vg}/vm_storage /vm_storage ext4 defaults,data=ordered 1 2" >> /etc/fstab 90 | virsh pool-define-as ${storage_pool} --type dir --target /vm_storage 91 | virsh pool-info ${storage_pool} 92 | virsh pool-start ${storage_pool} 93 | virsh pool-autostart ${storage_pool} 94 | 95 | -------------------------------------------------------------------------------- /script/post_config_kvm_guest.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 虚拟机安装第一次重启之后执行的脚本,主要是修改网卡,配置数据盘等操作,执行完之后会再次重启. 
3 | 4 | 5 | ext_device="em1" 6 | intra_device="em2" 7 | 8 | 9 | # 更改网卡名称 10 | if uname -r |grep ^2.6.32 # 如果是 Centos6 11 | then 12 | /bin/sed -i "s/eth1/${ext_device}/g" /etc/udev/rules.d/70-persistent-net.rules 13 | /bin/sed -i "s/eth0/${intra_device}/g" /etc/udev/rules.d/70-persistent-net.rules 14 | elif uname -r |grep ^3.10 # 如果是 Centos7 15 | then 16 | sed -i "s/vconsole.keymap=us/vconsole.keymap=us net.ifnames=0/g" /etc/default/grub 17 | grub2-mkconfig -o /boot/grub2/grub.cfg 18 | 19 | mac_eth0=$(ip addr show eth0 |grep link/ether |awk '{print $2}') 20 | mac_eth1=$(ip addr show eth1 |grep link/ether |awk '{print $2}') 21 | echo "# PCI device 0x1af4:0x1000 (virtio-pci) 22 | SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"${mac_eth0}\", ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"${intra_device}\" 23 | 24 | # PCI device 0x1af4:0x1000 (virtio-pci) 25 | SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"${mac_eth1}\", ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"${ext_device}\"" >/etc/udev/rules.d/70-persistent-net.rules 26 | 27 | fi 28 | 29 | 30 | # Define data partition 31 | vm_data_dev="vdb" 32 | vm_data_vg="datavg" 33 | vm_data_lv="home" 34 | vm_data_dir="/home" 35 | 36 | 37 | vm_data_dev_path="/dev/${vm_data_dev}" 38 | 39 | 40 | if /bin/df |grep /home >/dev/null 41 | then 42 | echo "Partition /home exist." 43 | exit 1 44 | fi 45 | 46 | if [ ! -b ${vm_data_dev_path} ] 47 | then 48 | echo "Device ${vm_data_dev_path} doesn't exist." 
49 | exit 1 50 | fi 51 | 52 | 53 | pvcreate ${vm_data_dev_path} ||exit 1 54 | vgcreate ${vm_data_vg} ${vm_data_dev_path} ||exit 1 55 | lvcreate -n ${vm_data_lv} -l 100%FREE ${vm_data_vg} || exit 1 56 | mkfs.ext4 /dev/${vm_data_vg}/${vm_data_lv} || exit 1 57 | 58 | 59 | /bin/cp -a ${vm_data_dir} /tmp/.${vm_data_dir}_bak 60 | rm -rf ${vm_data_dir} 61 | mkdir ${vm_data_dir} 62 | 63 | 64 | echo "/dev/${vm_data_vg}/${vm_data_lv} ${vm_data_dir} ext4 defaults,data=ordered,nodev,nosuid 1 2" >> /etc/fstab 65 | mount -a || exit 1 66 | 67 | 68 | /bin/cp -ra /tmp/.${vm_data_dir}_bak/* ${vm_data_dir} 69 | 70 | 71 | # 增加clocksource, 修复 unstable clocksource in virtualised CentOS 72 | sed -i "/vmlinuz-2.6.32-279.el6.x86_64/s/$/ clocksource_failover=acpi_pm/g" /boot/grub/grub.conf 73 | 74 | 75 | # 重启之后 执行Puppet 76 | yum -y install puppet ;/usr/bin/puppet agent --onetime --no-daemonize --server=puppetlb.corp.DOMAIN.COM --ca_server=puppetca.corp.DOMAIN.COM --debug ;sed -i '/puppet/d' /etc/rc.d/rc.local ;/bin/rm -rf /tmp/install/* " >> /etc/rc.d/rc.local 77 | 78 | 79 | # 装机之后执行自定义脚本 80 | wget "http://wdstack.internal.DOMAIN.COM/script/gen_user_data.sh" -O /root/gen_user_data.sh 81 | echo "sh /root/gen_user_data.sh &>>/root/gen_user_data.log" >>/etc/rc.d/rc.local 82 | 83 | 84 | # 操作完成之后重启使网卡生效 85 | reboot 86 | -------------------------------------------------------------------------------- /script/wdstackapi.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | import os 5 | import urllib2 6 | import cookielib 7 | import urllib 8 | import json 9 | 10 | 11 | WDSTACK_HOST = "pxe.internal.DOMAIN.COM" 12 | WDSTACK_AUTH_USERNAME= "autodeploy" 13 | WDSTACK_AUTH_PASSWD = '' 14 | WDSTACK_AUTH_API = '' 15 | 16 | 17 | class WdstackApi(object): 18 | def __init__(self, host_url=WDSTACK_HOST, username=WDSTACK_AUTH_USERNAME, \ 19 | password=WDSTACK_AUTH_PASSWD, auth_uri=WDSTACK_AUTH_API): 20 | self.is_login 
= False 21 | self.host_url = host_url 22 | self.username = username 23 | self.password = password 24 | self.auth_uri = auth_uri 25 | 26 | self.login() 27 | if not self.is_login: 28 | raise LoginException("asset auth failed.") 29 | 30 | def login(self): 31 | auth_url = r"http://" + self.host_url + r"/" + self.auth_uri 32 | cookie = cookielib.CookieJar() 33 | opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookie)) 34 | urllib2.install_opener(opener) 35 | data = urllib.urlencode({"username": self.username, 'password': self.password}) 36 | login_response = urllib2.urlopen(auth_url, data) 37 | response = login_response.read() 38 | 39 | ret_dict = json.loads(response) 40 | 41 | # update to check the response content to check if passed 42 | # authentication 43 | if ret_dict["result"] == "success": 44 | self.is_login = True 45 | else: 46 | self.is_login = False 47 | 48 | def post_wrapper(self, url, data_dict, json_loads=True): 49 | data = urllib.urlencode(data_dict) 50 | visit_url = r"http://" + self.host_url + r"/" + url 51 | login_response = urllib2.urlopen(visit_url, data) 52 | response = login_response.read() 53 | if json_loads: 54 | return json.loads(response) 55 | else: 56 | return response 57 | 58 | def get_wrapper(self, url, data_dict, json_loads=True): 59 | data = urllib.urlencode(data_dict) 60 | visit_url = r"http://" + self.host_url + r"/" + url 61 | login_response = urllib2.urlopen(visit_url + "?" 
+ data) 62 | response = login_response.read() 63 | if json_loads: 64 | return json.loads(response) 65 | else: 66 | return response 67 | 68 | 69 | def get_idc_usage(sn): 70 | 71 | _wdstack_oj = WdstackApi() 72 | 73 | data_dict = { 74 | "sn": sn 75 | } 76 | 77 | ret = _wdstack_oj.get_wrapper("api/v1/pm/message", data_dict) 78 | return ret 79 | 80 | 81 | def set_hostname_ip(sn, hostname, ip): 82 | 83 | _wdstack_oj = WdstackApi() 84 | 85 | data_dict = { 86 | "sn": sn, 87 | "hostname": hostname, 88 | "ip": ip 89 | } 90 | 91 | ret = _wdstack_oj.post_wrapper("api/v1/pm/message", data_dict, json_loads=False) 92 | return ret 93 | -------------------------------------------------------------------------------- /aws/scripts/post_install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | region= 5 | 6 | 7 | hostname= 8 | hostname $hostname 9 | sed -i "s/^HOSTNAME=.*/HOSTNAME=$hostname/g" /etc/sysconfig/network 10 | 11 | 12 | if test -b /dev/sdb 13 | then 14 | echo "resize2fs /dev/sdb ;sed -i '/resize2fs/d' /etc/rc.d/rc.local " >>/etc/rc.d/rc.local 15 | mount -t ext4 /dev/sdb /home/ 16 | /sbin/blkid |egrep -v "vda" |sort -u -k1 |awk '{print $2" /home/ ext4 nosuid,noatime 1 2"}' >>/etc/fstab 17 | elif test -b /dev/xvdb 18 | then 19 | echo "resize2fs /dev/xvdb ;sed -i '/resize2fs/d' /etc/rc.d/rc.local " >>/etc/rc.d/rc.local 20 | mount -t ext4 /dev/xvdb /home/ 21 | /sbin/blkid |egrep -v "vda" |sort -u -k1 |awk '{print $2" /home/ ext4 nosuid,noatime 1 2"}' >>/etc/fstab 22 | fi 23 | 24 | 25 | mkdir -p /usr/local/bin/op/ 26 | echo 'export PATH=$PATH:/usr/local/bin/op' >>/etc/profile 27 | 28 | 29 | dns_vip= 30 | sed -i "/nameserver/s/.*/nameserver ${dns_vip}/g" /etc/resolv.conf 31 | 32 | 33 | yum -y install bind 34 | ns_servers= 35 | 36 | private_key_path="Kamazonaws.com.cn.+157+30769.private" 37 | cat >${private_key_path} <${public_key_path} 49 | 50 | local_domain=$(curl -w "\n" 
http://169.254.169.254/latest/meta-data/local-hostname |sed "s/^[^.]\+.//g") 51 | local_ipv4=$(curl http://169.254.169.254/latest/meta-data/local-ipv4) 52 | local_ipv4_reverse=$(echo ${local_ipv4} |awk -F"." '{print $4"."$3"."$2"."$1}') 53 | 54 | 55 | for ns_server in ${ns_servers} 56 | do 57 | cat <
# (Kickstart file. Its path header and first two lines are missing from this
# listing, which resumes at line 3 of the file.)
# version=RHEL6


# System bootloader configuration
bootloader --location=mbr


# Clear the Master Boot Record
zerombr


# Partition clearing information
# NOTE(review): together with zerombr this erases every disk on whichever
# machine boots into this profile; confirm the PXE menu cannot select it for
# a host that still holds data.
clearpart --all


# Use text mode install
text


# Firewall configuration
# NOTE(review): the host comes up with no packet filter. Presumably policy is
# applied later by configuration management - confirm, or enable the firewall
# here with only ssh allowed.
firewall --disabled


# Installation logging level
logging --level=info


# Install OS instead of upgrade
install


# Network information
#network --bootproto=static


# System authorization information
# NOTE(review): --enablemd5 stores local password hashes as MD5-crypt, which is
# cheap to brute-force offline; `auth --useshadow --passalgo=sha512` is the
# stronger setting.
auth --useshadow --enablemd5


# Root password
# NOTE(review): the root password is in clear text in a file that every
# installing machine downloads, and the same value is set on every host built
# from this profile. The commented-out hash above the directive is MD5-crypt
# ($1$) and should be treated as recoverable too. Use `rootpw --iscrypted`
# with a SHA-512 crypt hash (or lock the account and rely on keys), keep
# secrets out of the repository, and rotate the password on hosts already
# built.
#rootpw --iscrypted $1$rCzVp0$xhGR4YJBbiPb3lQMr.W6K/
rootpw --plaintext nosa.com


# SELinux configuration
# NOTE(review): mandatory access control is switched off for the installed
# system; permissive mode would at least keep denials visible in the logs.
selinux --disabled


# Do not configure the X Window System
skipx


# System timezone
timezone Asia/Shanghai --utc


# Temporary accounts through which to log on during installation
#sshpw --username=wandoujia nosa.com --plaintext


#reboot after installation
reboot


# Configuring services
# NOTE(review): auditd is in the disabled list, so the installed host keeps no
# kernel audit trail unless something re-enables it later.
services --disabled auditd,cups,smartd,nfslock,postfix,NetworkManager,avahi-daemon
services --enabled sshd,network,crond,irqbalance,ipmi,sendmail,lvm2-lvmetad


# Packages
# Do not install the @Base group
%packages --nobase

# System
basesystem
centos-release
#centos-release-notes
filesystem
initscripts
setup
SysVinit

# Lib & Module
dhcp-common
glibc
libgcc
libstdc++
lockdev
m2crypto
pam_passwdqc
# NOTE(review): pam_pkcs11 is also listed under "unused packages" below with a
# leading "-"; one of the two entries is redundant.
pam_pkcs11
readline

# Tools
authconfig
bc
bind-utils
bzip2
coreutils
cpio
crontabs
dmidecode
dmraid
dstat
e2fsprogs
eject
file
ftp
gpm
grub
hdparm
info
iproute
iptables
iputils
links
logrotate
logwatch
irqbalance
lsof
mailx
make
man
mcelog
mdadm
minicom
#mkinitrd
mlocate
nc
ntp
nscd
openldap-clients
openssh-clients
openssh-server
passwd
patch
patchutils
pciutils
procmail
procps
psacct
rpm
rsync
screen
sendmail
shadow-utils
smartmontools
strace
sudo
symlinks
sysstat
tcpdump
telnet
compat-libtermcap
traceroute
unzip
util-linux
vim-common
vim-enhanced
vim-minimal
vixie-cron
wget
which
yum

# extra
ctags
glib2
glib2-devel
libdbi
libicu
libnfnetlink
lrzsz
pkgconfig

# Shell
bash

# unused packages
-postfix
-mysql-libs
-ecryptfs-utils
-cryptsetup-luks
-dhclient
-dhcpv6_client
-ed
-kudzu
-libhugetlbfs
-rootfiles
-pm-utils
-selinux-policy-targeted
-setools
-setserial
-sysfsutils
-system-config-network-tui
-pam_pkcs11
-*firmware*
-b43-openfwwf

# unused 32 bit distribution
-*.i386
-*.i686

%end

--------------------------------------------------------------------------------
/script/post_install.sh:
--------------------------------------------------------------------------------
#!/bin/bash -x

install_type=$1
install_ver=$2


script_url="http://pxe.internal.DOMAIN.COM/script"


# Work around a Puppet problem after the install.
echo "search DOMAIN.COM" >>/etc/resolv.conf


# Sync the clock, otherwise requests to the Puppet CA may fail.
ntpdate ntp.DOMAIN.COM &>/dev/null ; /sbin/hwclock -w


# CentOS 7 needs the execute bit, otherwise rc.local is not run at boot.
chmod +x /etc/rc.d/rc.local


# Create a temporary directory; it is deleted once the machine is installed.
# NOTE(review): /tmp/install is a fixed name under world-writable /tmp, and
# scripts left here are run from rc.local on the next boot. Presumably no other
# local account exists this early - confirm, or use a directory only root can
# write to.
mkdir -p /tmp/install
cd /tmp/install


# Add the repo (wandoulabs-release is a pitfall: a later update of wandoulabs-release may delete this file).
# NOTE(review): the release package is fetched over plain http and defines the
# repositories used from here on; confirm it is signed and that the signature
# is actually checked on install.
/bin/rm -f /etc/yum.repos.d/CentOS*
rpm -Uvh http://mirrors.internal.DOMAIN.COM/wandoulabs/6/x86_64/wandoulabs-release-0.0.24-1.el6.x86_64.rpm


# Install the requests module; the asset and DNS system calls use it.
yum -y install python-requests


# Download the scripts that obtain hostname and ip from the asset system (and the dns-related ones).
wget ${script_url}/assetapi.py
wget ${script_url}/wdstackapi.py


# Initialise a kvm_guest.
if [[ "$install_type" == "kvm_guest" ]]
then
    # NOTE(review): script_url is set near the top of this script to an http://
    # address, and the download is piped straight into the interpreter. Nothing
    # authenticates the server or checks the content, so whoever can alter
    # traffic on the install network decides what this installer runs. The same
    # pattern recurs below for config_common.py and post_config_kvm_host.sh.
    # Serving the scripts over HTTPS with a pinned CA, or verifying a checksum
    # or signature before execution, would close this.
    wget -q -O- ${script_url}/config_kvm_guest.py |python

    # The VM has no network after the reboot, so the script is downloaded now.
    wget -q ${script_url}/post_config_kvm_guest.sh -O post_config_kvm_guest.sh
    echo "cd /tmp/install &&sh -x post_config_kvm_guest.sh &>>/tmp/.post_config_kvm_guest.log ;sed -i '/post_config_kvm_guest.sh/d' /etc/rc.d/rc.local" >> /etc/rc.d/rc.local
    exit 0
fi


# Machines that are not VMs run the common script.
wget -q -O- ${script_url}/config_common.py |python


if [[ "$install_type" == "kvm_host" ]]
then
    # Installing kvm with yum at this point causes an odd problem on CentOS 7: the boot hangs and /etc/rc.d/rc.local is not executed.
    # The cause is unknown; running the kvm install from post_config_kvm_host.sh avoids it.
    #yum -y install qemu-kvm qemu-kvm-tools python-virtinst qemu-img libvirt bridge-utils guestfish
    echo "wget -q -O- ${script_url}/post_config_kvm_host.sh |bash &>>/tmp/.post_config_kvm_host.log ;sed -i '/post_config_kvm_host.sh/d' /etc/rc.d/rc.local" >>/etc/rc.d/rc.local

elif [[ "$install_type" == "docker_host" ]]
then
    # Create Logical Volumes for Docker
    lvcreate -y -n docker -l 100%VG docker
    mkfs.btrfs /dev/docker/docker
    echo '/dev/docker/docker /var/lib/docker btrfs defaults 0 2' >>/etc/fstab

    yum -y install docker-engine
    systemctl enable docker

    ## Disable SELinux feature and enforce insecure registry
    ## Disable Red Hat registry and Docker.io registry, enable private registry
    # NOTE(review): SELinux is disabled host-wide here while OPTIONS below still
    # passes --selinux-enabled to the daemon; the two settings contradict each
    # other, and with SELinux off containers lose that confinement layer.
    echo "SELINUX=disabled
SELINUXTYPE=targeted" > /etc/selinux/config

    # NOTE(review): --insecure-registry lets the daemon talk to the private
    # registry without verified TLS, so pulled images are not authenticated in
    # transit. --debug=true also makes the daemon log verbosely; confirm both
    # are intended outside a lab.
    echo "ADD_REGISTRY='--add-registry hub.internal.DOMAIN.COM'
BLOCK_REGISTRY=''
OPTIONS='--selinux-enabled --log-driver=journald --insecure-registry hub.internal.DOMAIN.COM --debug=true -H unix:///var/run/docker.sock'" > /etc/sysconfig/docker

    mkdir -p /etc/systemd/system/docker.service.d
    echo '[Service]
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=
ExecStart=/usr/bin/dockerd $OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$BLOCK_REGISTRY \
$INSECURE_REGISTRY' > /etc/systemd/system/docker.service.d/docker.conf

    yum -y install td-agent
    systemctl enable td-agent
    td-agent-gem install --http-proxy http://sa-monitor-proxy-ct0.db01:8080 fluent-plugin-forest fluent-plugin-rewrite-tag-filter fluent-plugin-record-reformer
fi


# Physical machines run the custom post-install script from here; VMs do not.
if [[ "$install_type" != "kvm_guest" ]]
then
    # NOTE(review): fetched over plain http and then run from rc.local at the
    # next boot, with no integrity check on the downloaded file.
    wget "http://wdstack.internal.DOMAIN.COM/script/gen_user_data.sh" -O /root/gen_user_data.sh
    echo "sh
/root/gen_user_data.sh &>>/root/gen_user_data.log" >>/etc/rc.d/rc.local 106 | fi 107 | 
--------------------------------------------------------------------------------
/script/config_common.py:
--------------------------------------------------------------------------------
#!/bin/env python
# -*- coding: utf-8 -*-

""" Initialization script for the install stage of a physical machine.

"""

import json
import subprocess
import sys
import logging

from assetapi import apply_hostname_ip
from wdstackapi import get_idc_usage, set_hostname_ip


logging.basicConfig(
    level=logging.DEBUG, stream=sys.stdout, format='%(message)s')


# NOTE(review): not referenced anywhere else in this file as shown.
PUPPET_CA_HOST = "puppetca.corp.DOMAIN.COM:8140"


def shell(cmd, exception=True, strip=False):
    """ Run cmd through the shell and return its standard output.

    On exit status 0 the command and its stdout are logged. On any other
    status the command and its stderr are logged as a warning; then an
    Exception is raised when `exception` is true, otherwise None is returned.
    With `strip` true the returned output has surrounding whitespace removed.

    cmd is handed to the shell as one string (shell = True), so every value
    formatted into it is parsed as shell syntax. Callers must only build cmd
    from values they trust or have validated.

    """
    process = subprocess.Popen(args = cmd,
        stdout = subprocess.PIPE, stderr = subprocess.PIPE,
        shell = True)
    std_out, std_err = process.communicate()
    return_code = process.poll()

    if return_code == 0:
        logging.info("cmd:{cmd}, stdout:{std_out}".format(cmd=cmd, std_out=std_out))
    else:
        message = "cmd:{cmd}, std_err:{std_err}".format(cmd=cmd, std_err=std_err)
        logging.warning(message)
        if exception:
            raise Exception(message)
        else:
            return
    if strip:
        return std_out.strip()
    else:
        return std_out


def main():
    """ Name and address this machine, then queue the first-boot steps.

    Reads the local 10.x address and the serial number, asks the install
    system and the asset system for a hostname and ip, writes hostname and
    routes, and appends the NIC setup and the Puppet run to rc.local.

    """
    # Get the intranet ip, network and gateway.
    # NOTE(review): if more than one 10.x address is configured the pipeline
    # prints several lines and `ip` holds all of them - confirm a single match.
    ip_cmd = r"ip a | grep -Po 'inet 10\.\d+\.\d+\.\d+' | awk '{print $2}'"
    ip = shell(ip_cmd, strip=True)
    netmask = "255.255.255.0"
    network = ".".join(ip.split(".")[:-1]) + ".0/24"
    gateway = ".".join(ip.split(".")[:-1]) + ".1"
    logging.info([ip, netmask, network, gateway])

    # Get the serial number (sn).
    sn_cmd = "/usr/sbin/dmidecode -s system-serial-number"
    sn = shell(sn_cmd, strip=True)
    logging.info(sn)

    # First ask the physical install system for the idc and usage of this sn;
    # they are used to request an available hostname from the asset system.
    data = get_idc_usage(sn)
    idc = data["idc"]
    usage = data["usage"]
    logging.info([idc, usage])

    # Request hostname and ip from the asset system.
    import re
    if re.match("vmh", usage) is None:
        _type = "raw"
    else:
        _type = "kvm"
    hostname, ip = apply_hostname_ip(sn, _type, usage, idc, network)
    logging.info([hostname, ip])

    # Post the hostname and ip back to the install system so it can handle them centrally.
    set_hostname_ip(sn, hostname, ip)

    # Configure the hostname.
    # NOTE(review): hostname comes from a remote API and is formatted unquoted
    # into commands that shell() runs through the shell. wdstackapi.py in this
    # repository talks to its server over plain http; the transport used by
    # assetapi is not visible here. A response containing shell metacharacters
    # would be executed with this installer's privileges. Validating the value
    # against a strict hostname pattern before use, or writing /etc/hostname
    # from Python instead of through a shell, would remove the exposure.
    cmds = [
        "echo %s > /etc/hostname" % hostname,
        "sed -i '/HOSTNAME/s/.*/HOSTNAME=%s/g' /etc/sysconfig/network" % hostname,
        "hostname -F /etc/hostname"
    ]
    # Relies on Python 2, where map() runs every command immediately.
    map(shell, cmds)

    # Configure the gateway.
    # Pitfall: when installing a kvm_host, the intranet ip ends up on br2 after
    # the reboot, so route-em2 has to become route-br2; otherwise the kvm_host
    # gateway is wrong and the install fails.
    with open("/etc/sysconfig/network-scripts/route-em2", 'w') as f:
        f.write("192.168.0.0/16 via %s\n" % gateway)
        f.write("10.0.0.0/8 via %s\n" % gateway)
        f.write("100.64.0.0/16 via %s\n" % gateway)
        f.write("0.0.0.0/0 via %s\n" % gateway)

    # After boot, configure the intranet IP, DNS and Puppet.
    # NOTE(review): the ip placed into this script is the one returned by
    # apply_hostname_ip, and the heredoc delimiter is unquoted, so the shell
    # still expands $ and backquotes inside it; the same validation concern as
    # for hostname applies.
    cmd = r"""
cat > post_nic_setup.sh << EOF
#/bin/bash

sed -i "/post_nic_setup.sh/d" /etc/rc.d/rc.local

echo "DEVICE=em2
BOOTPROTO=static
IPADDR=%s
NETMASK=%s
ONBOOT=yes
TYPE=Ethernet" > /etc/sysconfig/network-scripts/ifcfg-em2
service network restart || systemctl restart network.service

EOF
echo "cd /tmp/install && sh -x post_nic_setup.sh &>/tmp/post_nic_setup.log " >>/etc/rc.d/rc.local

echo "yum -y install puppet ; /usr/bin/puppet agent --onetime --no-daemonize --server=puppetlb.corp.DOMAIN.COM --ca_server=puppetca.corp.DOMAIN.COM --debug &>/tmp/post-puppet.log ; sed -i '/puppet/d' /etc/rc.d/rc.local && /bin/rm -rf /tmp/install " >>/etc/rc.d/rc.local
""" % (ip, netmask)
    shell(cmd)


if __name__ == '__main__':
    main()

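#!/usr/bin/env python
# -*- coding: utf-8 -*-
# script/kernel_conf.py
"""Bring a fixed list of kernel parameters to their target values with sysctl.

Each parameter is read first and only written (``sysctl -w``) when the
comparison selected for it says a change is needed.
"""


import subprocess
import sys


def _to_text(raw):
    """Return command output as text (Popen yields bytes on Python 3)."""
    if isinstance(raw, bytes):
        return raw.decode("utf-8", "replace")
    return raw


def shell(cmd):
    """Run a command line through the shell.

    Returns a tuple ``(return_code, std_out, std_err)``.

    ``cmd`` is passed to the shell as a single string, so anything formatted
    into it is parsed as shell syntax. Only build it from trusted constants.
    """
    process = subprocess.Popen(
        args=cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
    std_out, std_err = process.communicate()
    return_code = process.poll()
    return return_code, std_out, std_err


def kernel_conf(key, value, oper):
    """Change a kernel parameter when a condition holds.

    key is the kernel option;
    value is the target value of the option;
    oper selects the comparison.

    oper == "equal": write value when the current value differs from it.
    oper == "less":  write value when the current value is smaller than it.
    oper == "great": write value when the current value is larger than it.

    Returns the output of ``sysctl -w`` when a write was made, otherwise None.
    For "less" and "great" a current value that is missing or is not a single
    integer is reported on stderr and skipped, so one unknown key does not
    abort the rest of the run.

    key and value are formatted into a shell command line without quoting;
    pass trusted constants only.
    """
    rc, so, se = shell("""sysctl %s |awk -F "=" '{print $NF}'""" % key)
    curr_value = _to_text(so).strip()

    if oper == "equal":
        needs_change = curr_value != str(value)
    elif oper in ("less", "great"):
        try:
            current = int(curr_value)
        except ValueError:
            sys.stderr.write(
                "skip %s: current value %r is not an integer\n"
                % (key, curr_value))
            return None
        if oper == "less":
            needs_change = current < value
        else:
            needs_change = current > value
    else:
        return None

    if not needs_change:
        return None
    rc, so, se = shell("sysctl -w %s=%s" % (key, value))
    return so


def main():
    """Apply the parameter tables below and print what sysctl reported."""
    # Parameters that must match exactly.
    equal_dict = {
        "vm.swappiness": 0,
        "net.ipv4.tcp_tw_reuse": 1,
        "net.ipv4.tcp_tw_recycle": 0,
        "net.ipv4.conf.default.rp_filter": 1,
        "net.ipv4.tcp_syncookies": 1,
        "kernel.sysrq": 0,
        "kernel.msgmnb": 65536,
        "kernel.msgmax": 65536,
        "kernel.shmmax": 68719476736,
        "kernel.shmall": 4294967296,
        "kernel.panic": 60,
        "net.ipv4.icmp_echo_ignore_broadcasts": 1,
        "net.ipv4.icmp_ignore_bogus_error_responses": 1,
        "net.ipv4.conf.all.accept_redirects": 0,
        # NOTE(review): "all" is set to 0 while "default" above is 1, which
        # leaves reverse-path filtering to each interface's own setting.
        # Confirm that is intended.
        "net.ipv4.conf.all.rp_filter": 0,
        "net.ipv4.conf.all.log_martians": 1,
        "net.ipv4.conf.all.arp_announce": 2,
        "net.ipv4.conf.all.arp_ignore": 1,
        "net.ipv4.tcp_timestamps": 0,
        "net.ipv4.tcp_synack_retries": 2,
        "net.ipv4.tcp_syn_retries": 2,
        "net.ipv4.tcp_fin_timeout": 30,
        "net.ipv4.tcp_keepalive_time": 600,
        "net.ipv4.tcp_keepalive_intvl": 15,
        "net.ipv4.tcp_keepalive_probes": 5,
    }

    # Parameters that are only ever raised to the listed minimum.
    less_dict = {
        "net.ipv4.tcp_max_syn_backlog": 65536,
        "net.core.netdev_max_backlog": 32768,
        "net.core.somaxconn": 32768,
        "net.ipv4.tcp_max_orphans": 3276800,
        "net.ipv4.tcp_max_tw_buckets": 524288,
        "fs.file-max": 1024000
    }

    for equal in equal_dict:
        print(kernel_conf(equal, equal_dict[equal], "equal"))

    for less in less_dict:
        print(kernel_conf(less, less_dict[less], "less"))

    # net.ipv4.tcp_mem holds three numbers and is handled separately.
    cmd = """sysctl net.ipv4.tcp_mem |awk -F "=" '{print $NF}' |\
awk '{print $1" "$2" "$3}'"""
    rc, so, se = shell(cmd)
    if _to_text(so).strip() != "94500000 915000000 927000000":
        cmd = """sysctl -w net.ipv4.tcp_mem='94500000 915000000 927000000'"""
        rc, so, se = shell(cmd)
        print(so)

    # net.ipv4.ip_local_port_range: only the first number is inspected.
    cmd = """sysctl net.ipv4.ip_local_port_range |awk -F "=" '{print $NF}' |\
awk '{print $1}'"""
    rc, so, se = shell(cmd)
    try:
        first_port = int(_to_text(so).strip())
    except ValueError:
        # Nothing readable to compare against; leave the range untouched.
        first_port = None
    if first_port is not None and first_port > 10000:
        cmd = """sysctl -w net.ipv4.ip_local_port_range='10000 65535'"""
        rc, so, se = shell(cmd)
        print(so)


if __name__ == '__main__':
    main()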