定制Centos镜像（一）

环境准备：
一台最小化安装的干净的系统，这里使用Centos7.9,一个Centos镜像，镜像也使用Centos7.9的。

[root@localhost ~]# cat /etc/system-release
CentOS Linux release 7.9.2009 (Core)
[root@localhost ~]# rpm -qa | wc -l
306
[root@localhost ~]# du -sh CentOS-7-x86_64-DVD-2009.iso
4.4G    CentOS-7-x86_64-DVD-2009.iso
[root@localhost ~]# ls
anaconda-ks.cfg  CentOS-7-x86_64-DVD-2009.iso

1. 将CentOS-7-x86_64-DVD-2009.iso挂在，并复制到新的目录中

   挂载前，确保挂在点是一个空目录

   [root@localhost ~]# mount -o loop CentOS-7-x86_64-DVD-2009.iso /mnt
   mount: /dev/loop0 is write-protected, mounting read-only
   [root@localhost ~]# cp -rp /mnt Centos-install
   [root@localhost ~]# ls
   anaconda-ks.cfg  CentOS-7-x86_64-DVD-2009.iso  Centos-install
   

2. 获取最小化安装的所有的包，清空Centos-install中Packages,repodata目录

   [root@localhost ~]# rpm -qa > install.txt
   [root@localhost ~]# rm -rf Centos-install/{Packages,repodata}/*  
   

   实验uefi引导安装会比bios安装多一些包，由于我本地环境使用的是bios安装，所以rpm -qa安装的包里面会少那些包，所以需要重新写入到 install.txt 文件中，以便把包放到 Centos-install/Packages/中
   [root@192 ~]# ls /mnt/Packages/ | egrep ‘dosfstools|efibootmgr|efivar-libs|grub2-efi-x64|mokutil|shim-x64’
   dosfstools-3.0.20-10.el7.x86_64.rpm
   efibootmgr-17-2.el7.x86_64.rpm
   efivar-libs-36-12.el7.x86_64.rpm
   grub2-efi-x64-2.02-0.86.el7.centos.x86_64.rpm
   mokutil-15-8.el7.x86_64.rpm
   shim-x64-15-8.el7.x86_64.rpm
   [root@192 ~]# echo “dosfstools-3.0.20-10.el7.x86_64
efibootmgr-17-2.el7.x86_64
efivar-libs-36-12.el7.x86_64
grub2-efi-x64-2.02-0.86.el7.centos.x86_64
mokutil-15-8.el7.x86_64
shim-x64-15-8.el7.x86_64” >> install.txt

3. 根据install.txt文件中的包，从 /mnt 复制到 Centos-install/Packages/

   安装 createrepo 工具：yum -y install createrepo -y

   [root@localhost ~]# awk '{ print $0 }' install.txt | xargs -i cp /mnt/Packages/{}.rpm Centos-install/Packages/
   [root@localhost ~]# ls Centos-install/Packages/ | wc -l
   312
   

4. 从 /mnt/repodata中将 *-comps.xml 复制到 Centos-install/repodata/comps.xml ,并重新生成软件包组信息的 Yum 软件仓库元数据。

   下载 createrepo 命令：yum -y install createrepo
   在使用 createrepo -g 如果需要指定时comps.xml文件时必须使用 绝对路径，如果comps.xml文件在当前目录下就不用指定路径。

   [root@localhost ~]# cp /mnt/repodata/*-comps.xml Centos-install/repodata/comps.xml
   [root@localhost ~]# ls Centos-install/repodata/
   comps.xml
   [root@localhost ~]# createrepo -g /root/Centos-install/repodata/comps.xml ./Centos-install
   [root@localhost ~]# ls Centos-install/repodata/
   02b45f1cc69b21bf60d81c3fa1d6d7eb5aaa199d1d5f8f3b95e0dfba03db5f4a-other.xml.gz
   0cc929b79a939ad31e0b1d149acfaec55983e818ed245826478b181469161412-primary.sqlite.bz2
   467105b47343286ebebc4d4019c162b4d8810c7479221acb162b5e53c9640b92-primary.xml.gz
   9e702e7199868a3272a66aad7784bc31693aa03931b9c470ce894bdcbaa69da1-filelists.sqlite.bz2
   a4e2b46586aa556c3b6f814dad5b16db5a669984d66b68e873586cd7c7253301-comps.xml.gz
   cca56f3cffa18f1e52302dbfcf2f0250a94c8a37acd8347ed6317cb52c8369dc-comps.xml
   d67ef1422af3b7925046da4e083b1f8a583a698b5a910ab246aefadb4a40c4ea-filelists.xml.gz
   fbeecdbfda867a1415e997673f8ed0773152d6dee49f0fc35f7eaa721e46bede-other.sqlite.bz2
   repomd.xml
   

5. 创建ks文件

   bios 和 uefi 的ks文件的区别就在与 bios 没有 efi 分区。

   5.1.1. 创建bios引导的ks文件。

   我的 root 密码是 adm@123 ，使用 openssl passwd -1 “yourpasswd” 生成你的密码
   将ks文件放到 Centos-install/isolinux ，放到哪里都可以 / 目录在 Centos-install

   [root@localhost ~]# cat  Centos-install/isolinux/bios.cfg
   #version=DEVEL
   # System authorization information
   auth --enableshadow --passalgo=sha512
   # Use CDROM installation media
   cdrom
   # Use graphical install
   graphical
   # Run the Setup Agent on first boot
   firstboot --enable
   ignoredisk --only-use=sda
   # Keyboard layouts
   keyboard --vckeymap=us --xlayouts='us'
   # System language
   lang en_US.UTF-8
   
   # Network information
   network  --bootproto=dhcp --device=ens33 --onboot=off --ipv6=auto --no-activate
   network  --hostname=localhost.localdomain
   
   # Root password
   rootpw --iscrypted $6$RtMoOaOfFr8GOMd1$hKlvaWqJD8Ch32drhZVOB2NYFl/zhSsNvj8p1Urvoi8DPpfAFejz06wZ5gKfdoPVhUFZNvOMF/MlUkEXT5L5S.
   # System services
   services --enabled="chronyd"
   # System timezone
   timezone America/New_York --isUtc
   # System bootloader configuration
   bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
   # Partition clearing information
   clearpart --all --drives=sda
   # Disk partitioning information
   part /boot --fstype="ext4" --ondisk=sda --size=200
   part / --fstype="xfs" --ondisk=sda --grow
   %packages
   @^minimal
   @core
   chrony
   kexec-tools
   
   %end
   
   %addon com_redhat_kdump --enable --reserve-mb='auto'
   
   %end
   
   %anaconda
   pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
   pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
   pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
   %end
   
   firewall --disable
   selinux  --disable
   reboot
   

   5.1.2. 创建uefi引导的ks文件

   将ks文件放到 Centos-install/EFI/BOOT ，放到哪里都可以 / 目录在 Centos-install
   相比与 bios ks文件，uefi ks文件 多了一个 uefi分区 ：
   part /boot/efi --fstype="efi" --ondisk=sda --size=200 --fsoptions="umask=0077,shortname=winnt"

   [root@192 ~]# cat Centos-install/EFI/BOOT/uefi.cfg
   #version=DEVEL
   # System authorization information
   auth --enableshadow --passalgo=sha512
   # Use CDROM installation media
   cdrom
   # Use graphical install
   graphical
   # Run the Setup Agent on first boot
   firstboot --enable
   ignoredisk --only-use=sda
   # Keyboard layouts
   keyboard --vckeymap=us --xlayouts='us'
   # System language
   lang en_US.UTF-8
   
   # Network information
   network  --bootproto=dhcp --device=ens33 --onboot=off --ipv6=auto --no-activate
   network  --hostname=localhost.localdomain
   
   # Root password
   rootpw --iscrypted $6$RtMoOaOfFr8GOMd1$hKlvaWqJD8Ch32drhZVOB2NYFl/zhSsNvj8p1Urvoi8DPpfAFejz06wZ5gKfdoPVhUFZNvOMF/MlUkEXT5L5S.
   # System services
   services --enabled="chronyd"
   # System timezone
   timezone America/New_York --isUtc
   # System bootloader configuration
   bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
   # Partition clearing information
   clearpart --all --drives=sda
   # Disk partitioning information
   part /boot --fstype="ext4" --ondisk=sda --size=200
   part /boot/efi --fstype="efi" --ondisk=sda --size=200 --fsoptions="umask=0077,shortname=winnt"
   part / --fstype="xfs" --ondisk=sda --grow
   %packages
   @^minimal
   @core
   chrony
   kexec-tools
   
   %end
   
   %addon com_redhat_kdump --enable --reserve-mb='auto'
   
   %end
   
   %anaconda
   pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
   pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
   pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
   %end
   
   firewall --disable
   selinux  --disable
   reboot
   

6. 修改引导文件

   显示安装 DVD 卷名称： yum -y install genisoimage
   [root@192 ~]# isoinfo -d -i CentOS-7-x86_64-DVD-2009.iso | grep “Volume id” | sed -e ‘s/Volume id: //’ -e ‘s/ /\x20/g’
   CentOS\x207\x20x86_64

   6.1. 修改bios引导文件

   [root@192 ~]# cat Centos-install/isolinux/isolinux.cfg
   default linux
   prompt 1
   timeout 3
   
   display boot.msg
   
   label linux
     menu label ^Audo install Centos7.9 system
     menu default
     kernel vmlinuz
     append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 inst.ks=hd:LABEL=CentOS\x207\x20x86_64:/isolinux/bios.cfg  quiet
   

   6.2. 修改uefi引导文件
   [root@192 ~]# cat Centos-install/EFI/BOOT/grub.cfg

   [root@192 ~]# cat Centos-install/EFI/BOOT/grub.cfg
   set default=0
   set timeout=3
   
   echo -e "\nWelcome to the Centos 7.9 installer!\n\n"
   
   menuentry 'Auto install Centos7.9 system' {
     linuxefi  /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 inst.ks=hd:LABEL=CentOS\x207\x20x86_64:/EFI/BOOT/uefi.cfg  quiet
     initrdefi /images/pxeboot/initrd.img
   }
   

7. 创建自定义的iso镜像

   CentOS 7 x86_64 就是将之前的DVD 卷名称CentOS\x207\x20x86_64 将 \x20 替换为空格
   安装mkisofs：yum -y install genisoimage

   [root@192 ~]# cd Centos-install/
   [root@192 Centos-install]# mkisofs -untranslated-filenames -volid "CentOS 7 x86_64" -J -joliet-long -rational-rock -translation-table -input-charset utf-8 -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -o /root/Centos-build-20250127.iso -graft-points /root/Centos-install
   Warning: creating filesystem that does not conform to ISO-9660.
   Size of boot image is 4 sectors -> No emulation
   Size of boot image is 17600 sectors -> No emulation
     1.02% done, estimate finish Mon Jan 27 07:26:09 2025
     2.05% done, estimate finish Mon Jan 27 07:26:09 2025
     3.07% done, estimate finish Mon Jan 27 07:26:09 2025
     4.10% done, estimate finish Mon Jan 27 07:26:09 2025
   ... ...
   
    97.24% done, estimate finish Mon Jan 27 07:26:13 2025
    98.26% done, estimate finish Mon Jan 27 07:26:13 2025
    99.28% done, estimate finish Mon Jan 27 07:26:13 2025
   Total translation table size: 87138
   Total rockridge attributes bytes: 38415
   Total directory bytes: 71680
   Path table size(bytes): 140
   Max brk space used 6d000
   488518 extents written (954 MB)
   

8. 使用创建好的Centos-build-20250127.iso 镜像测试bios和uefi引导安装
   此处忽略自行测试。

redhat 官网自定义镜像安装手册：

https://docs.redhat.com/zh-cn/documentation/red_hat_enterprise_linux/7/html/installation_guide/sect-simple-install-kickstart#sect-simple-install-kickstart