RHEL/CentOS 7: How to Create a Kickstart File

0
57

A kickstart file is essentially a file containing all the necessary answers to questions that are asked during a typical install. It was created by Red Hat in response to the need for automated installs. Using kickstart, an admin can create one file or template containing all the instructions.

There are three ways to create a kickstart file:

  • By hand
  • Using the GUI’s system-config-kickstart tool
  • Using the standard Red Hat installation program Anaconda

In this post, I will cover a combination of the first two.

Before we can get down to the nitty-gritty of generating our base kickstart file or template, we need to install system-config-kickstart. Run the following command:

~# yum install -y system-config-kickstart

First, let’s create a base template for our kickstart file(s) through the following steps:

  1. First, launch Kickstart Configurator from the menu.
  2. Select your system’s basic configuration from the Kickstart Configurator GUI.

The following screenshot shows the options you can set in the Basic Configuration view:

creating-kickstart-file-1

     3.Now, select the installation method from the Kickstart Configurator GUI.

The following screenshot shows the options that you can set in the Installation method view:

creating-kickstart-file-2

     4.Next, substitute the values for HTTP Server and HTTP Directory with your own repositories.

     5.Ensure that the correct settings are applied for Boot Loader.

The following screenshot shows the options that you can set in the Boot Loader options view:

creating-kickstart-file-3

     6.Configure your disk and partition information. Simply create a /boot partition and be done with it! We’ll edit the file manually for better     customization.

The following screenshot shows the options you can set in the Partition Information view:

creating-kickstart-file-4

     7.Configure your network. You need to know the name of your device if you want to correctly configure your network.

The following screenshot shows the Network Device information that you can edit in the Network Configuration view:

creating-kickstart-file-5

     8.Now, disable Installing a graphical environment.

We want as few packages as possible. The following screenshot shows the options that you can set in the Display Configuration view:

creating-kickstart-file-6

     9.Next, perform any preinstallation and/or postinstallation tasks you deem necessary. I always try to make root accessible through SSH and keys.

The following screenshot shows the options that you can set in the Post-Installation Script view:

creating-kickstart-file-7

     10.Save the kickstart file.

     11.Open the file using your favorite editor and add the following to your partition section:

    part pv.01 --size=1 --ondisk=sda --grow
    volgroup vg1 pv.01
    logvol / --vgname=vg1 --size=2048 --name=root
    logvol /usr --vgname=vg1 --size=2048 --name=usr
    logvol /var --vgname=vg1 --size=2048 --name=var
    logvol /var/log --vgname=vg1 --size=1024 --name=var
    logvol /home --vgname=vg1 --size=512 --name=home
    logvol swap --vgname=vg1 --recommended --name=swap –fstype=swap

12.Now, add the following script to your network line:

    --hostname=rhel7

13.Add the following script before %post:

    %packages –nobase
    @core --nodefaults
    %end

14.Create a password hash for use in the next step, as follows:

    ~]# openssl passwd -1 "MySuperSecretRootPassword"
    $1$mecIlXKN$6VRdaRkevjw9nngcMtRlO.

15.Save the resulting file. You should have something similar to this:

#platform=x86, AMD64, or Intel EM64T
#version=DEVEL
# Install OS instead of upgrade
install
# Keyboard layouts
keyboard 'be-latin1'
# Halt after installation
halt
# Root password
rootpw --iscrypted $1$mecIlXKN$6VRdaRkevjw9nngcMtRlO.
# System timezone
timezone Europe/Brussels
# Use network installation
url –url="http://repo.example.com/rhel/7/os/x86_64/"
# System language
lang en_US
# Firewall configuration
firewall --disabled
# Network information
network  --bootproto=static --device=eno1 --gateway=192.168.0.254 --ip=192.168.0.1 --nameserver=192.168.0.253 --netmask=255.255.255.0 --hostname=rhel7# System authorization information
auth  --useshadow  --passalgo=sha512
# Use text mode install
text
# SELinux configuration
selinux --enforcing
# Do not configure the X Window System
skipx
# System bootloader configuration
bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part /boot --fstype="xfs" --ondisk=sda --size=512
part pv.01 --size=1 --ondisk=sda --grow
volgroup vg1 pv.01
logvol / --vgname=vg1 --size=2048 --name=root --fstype=xfs
logvol /usr --vgname=vg1 --size=2048 --name=usr --fstype=xfs
logvol /var --vgname=vg1 --size=2048 --name=var --fstype=xfs
logvol /var/log --vgname=vg1 --size=1024 --name=var --fstype=xfs
logvol /home --vgname=vg1 --size=512 --name=home --fstype=xfs
logvol swap --vgname=vg1 --recommended --name=swap --fstype=swap

%packages --nobase
@core --nodefaults
%end

%post
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# Let's download my authorized keyfile from my key server...
curl -O ~/.ssh/authrorized_keys https://keys.example.com/authorized_keys
chmod 600 ~/.ssh/authrorized_keys
%end

The system-config-kickstart is used to generate a minimal install as any addition would be more complex than the tool can handle and we need to be able to add them manually/dynamically afterwards. The fewer the number of packages the better as you’ll need to apply bug and security fixes for every package installed.

Although the GUI allows us to configure the brunt of the options we need, I prefer tweaking some portions of them manually as they are not as straightforward through the GUI.

Step 9 adds the necessary information to use the rest of the disk as an LVM physical volume and partitions it so that big filesystems can easily be extended if necessary.

The --recommended argument for the SWAP partition creates a swap partition as per the swap size recommendations set by Red Hat.

Step 10 adds a hostname for your host. If you do not specify this, the system will attempt to resolve the IP address and use this hostname. If it cannot determine any hostname, it will use localhost.localdomain as fqdn.

Step 11 ensures that only the core system is installed and nothing more, so you can build from here.

If you want to know exactly which packages are installed in the core group, run the following command on an RHEL 7 system:

~# yum groupinfo core

I didn’t cover one option that I mentioned in the beginning of this post as it is automatically generated when you install a system manually. The file can be found after installation at /root/anaconda-ks.cfg. Instead of using the system-config-kickstart tool to generate a kickstart file, you can use this file to get started.

Starting with RHEL 7, kickstart deployments support add-ons. These add-ons can expand the standard kickstart installation in many ways. To use kickstart add-ons, just add the %addon addon_name option followed by %end, as with the %pre and %post sections. Anaconda comes with the kdump add-on, which you can use to install and configure kdump during the installation by providing the following section in your kickstart file:

%addon com_redhat_kdump --enable --reserve-mb=auto
%end

For more detailed information about kickstart files, refer to the website https://github.com/rhinstaller/pykickstart/blob/master/docs/kickstart-docs.rst.

For the consistent network device naming, refer to https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/ch-Consistent_Network_Device_Naming.html.

LEAVE A REPLY

Please enter your comment!
Please enter your name here