Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On Tue, 2011-07-19 at 12:36 -0400, Kartik Subbarao wrote: I've come up with the following kickstart config (see below) for deploying a minimal CentOS 6 VM. It takes about 460MB. I'm assuming that all of the -firmware RPMs aren't needed for a VM installation, so I removed them. Also removed as many selinux packages as possible since I don't need that. I was wondering whether anyone could offer any further suggestions on minimizing the disk usage of the VM image. ... ... rootpw admin123 I use the --iscrypted option so people can't easily see my default root password. An easy method of viewing the command is looking at /root/anaconda-ks.cfg (at least it was in 5) after install. For setting unique initial root passwords, there is a method for creating it on the command line. ... # Repositories url --url=http://mirrors.kernel.org/centos/6.0/os/x86_64/; Shouldn't we encourage the creation of a local mirror? Installs are much faster. Also, with local mirrors, you can snapshot the repo. This allows for testing updates before pushing them to your live servers. ... I create ks files for many of my CentOS and CentOS derived (Elastix) boxes. Backups take less space when you only save data. Routers are great for this as they rarely change (except possibly for firewall rules). With PXE boot, I can rebuild a router in 10 minutes. Also handy if the router hardware fails (I'm using old PCs). An on-site user without any Linux knowledge can install a replacement router (or re-install an existing router if it is suspected to be compromised) in little time. As long as the ks file is used as the master configuration where changes are made and the router re-installed to make them active, you don't get into a position where a change is lost if the hardware fails. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/22/2011 07:01 PM, Kartik Subbarao wrote: On 07/21/2011 09:51 AM, Manuel Wolfshant wrote: http://wiki.centos.org/TipsAndTricks/KickStart Does anyone on this list have write access to that Wiki page? Since it's the #1 google search result for centos kickstart, it'd be ideal to have it linked from there. Enjoy. Thanks Manuel, I'm sure this will be of help to many folks!! One suggestion -- when I deployed the ks-minimalC6.cfg, there were still some -firmware packages that got installed and were not removed by the kickstart process. I noticed that you explicitly remove various firmware packages by name with the '-' notation. Another approach would be to remove them all programmatically in a %post section, like this: %post rpm -e $(rpm -qa | grep -i \\-firmware | grep -v kernel-firmware) And by the way, the above can rewritten in a shorter form: rpm -e $( rpm -qa \*firmware | grep -v kernel) rpm -qa will enumerate all packages but in fact you want only the firmware ones. So you run an useless grep to filter them when in fact rpm can do that for you in the first place. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
As of ks file size: who cares ? You create it once and use it as many times as needed. An extra dozen or hundreds of bytes / couple of lines are not significant in this context That wasn't my point :-) I guess I could have said simpler rather than smaller to make my point clearer. The less stuff that has to be manually specified in the file, the less work needed from a maintenance point of view. Also, it's simpler from a conceptual standpoint to see what's happening. Ah, I am sorry, I misunderstood you. Yes, you are absolutely correct: the smaller the number of directives in the file, the simpler to maintain. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/22/2011 02:16 PM, Manuel Wolfshant wrote: %post rpm -e $(rpm -qa | grep -i \\-firmware | grep -v kernel-firmware) And by the way, the above can rewritten in a shorter form: rpm -e $( rpm -qa \*firmware | grep -v kernel) rpm -qa will enumerate all packages but in fact you want only the firmware ones. So you run an useless grep to filter them when in fact rpm can do that for you in the first place. Cool, thanks for reminding me about that feature of rpm -qa. -Kartik ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/20/2011 01:50 PM, Manuel Wolfshant wrote: On 07/20/2011 02:37 PM, Dennis Jacobfeuerborn wrote: Oh, I believe you I'm just puzzled why I need the package and you don't. Can you post an rpm -qa|sort of the final Package list you have in the installed System? Regards, Dennis Already done that in my first mail. http://lists.centos.org/pipermail/centos-virt/attachments/20110720/c78c2c2d/attachment.txt Sorry, I only saw the kickstart file but didn't notice that there was a package list attached as well. Anyway it seems I need the system-config-firewall-base package because I create a live image that I boot directly. After doing a regular install with the same kickstart I can login normally even without that package. Still no clue though why that would make a difference or what that particular package has to do with logins. Regards, Dennis ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/21/2011 01:43 PM, Dennis Jacobfeuerborn wrote: On 07/20/2011 01:50 PM, Manuel Wolfshant wrote: On 07/20/2011 02:37 PM, Dennis Jacobfeuerborn wrote: Oh, I believe you I'm just puzzled why I need the package and you don't. Can you post an rpm -qa|sort of the final Package list you have in the installed System? Regards, Dennis Already done that in my first mail. http://lists.centos.org/pipermail/centos-virt/attachments/20110720/c78c2c2d/attachment.txt Sorry, I only saw the kickstart file but didn't notice that there was a package list attached as well. Anyway it seems I need the system-config-firewall-base package because I create a live image that I boot directly. After doing a regular install with the same kickstart I can login normally even without that package. Still no clue though why that would make a difference or what that particular package has to do with logins. Regards, Dennis You are 100% correct. Today I added back the package to the list. I noticed that logins continue to work after the package is removed but not after reboot. Go figure. Especially as I see nothing obvious in a rpm -ql I'll leave it in for now and revisit, time permitting. Manuel ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/20/2011 09:59 PM, Manuel Wolfshant wrote: For what is worth, my minimal kickstart is now available as ks-minimalC6 at https://nazar.karan.org/cgit/bluecain/tree/ This is a nice collection of kickstart files!! Is there any way we could get a link to bluecain added on the CentOS Wiki: http://wiki.centos.org/TipsAndTricks/KickStart Does anyone on this list have write access to that Wiki page? Since it's the #1 google search result for centos kickstart, it'd be ideal to have it linked from there. -Kartik ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/20/2011 04:48 PM, Kartik Subbarao wrote: On 07/19/2011 05:36 PM, Manuel Wolfshant wrote: Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system. Thanks for the info. I created a VM with this config and it took up about 512MB of disk space, which is higher than the kickstart file that I posted (about 460MB). you removed selinux and also used rpm -e --nodeps which I would never promote (even if I also use on occasions). ditch from my list the packages which install firmware and you'll end up at roughly the same size as yours. anyway my target was never minimal space on disk (today even CFs and SSD are several times larger than what the ks installs ) but minimal number of packages while still maintaining out of the box all the proper functionality ( or at least my vision on it), including for servers with real storage behind them ( brocade, etc ). and I emphasize again: including selinux tools. I'm running x86_64 so I'll probably see different sizes than your system which appears to be i686. my ks works on both, just adjust the repository used for install In any event, thanks for taking the time to post your kickstart file. It helps me validate that what I have is reasonably minimal, that I'm probably not missing any major sources of size reductions. welcome ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
For what it's worth here are a few more tools that I include due to fairly minimal impact, but are assumed by many 3rd party scripts for example: rsync unzip wget And personally I like these for local setup though they add a big more space: ntp elinks lsof nmap denyhosts yum-utils autofs nfs-utils nss_db nss-pam-ldapd nss-tools openldap-clients pam_ldap ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/21/2011 02:36 AM, JDF. Franklin wrote: For what it's worth here are a few more tools that I include due to fairly minimal impact, but are assumed by many 3rd party scripts for example: rsync unzip wget And personally I like these for local setup though they add a big more space: ntp elinks lsof nmap denyhosts yum-utils autofs nfs-utils nss_db nss-pam-ldapd nss-tools openldap-clients pam_ldap Thank you for your suggestions. I want to keep the minimal image really minimal so I am not going to add to it anything but hardware drivers. On the other hand, I will keep your list handy and adjust accordingly (if space allows ) the content of the Light Weight Server CD ( which is still under work) For what is worth, my minimal kickstart is now available as ks-minimalC6 at https://nazar.karan.org/cgit/bluecain/tree/ manuel ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/19/2011 12:36 PM, Kartik Subbarao wrote: rpm -e $(rpm -qa |grep -i firmware) This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware) Since apparently kernel depends on kernel-firmware. -Kartik ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/20/2011 12:15 AM, Kartik Subbarao wrote: On 07/19/2011 12:36 PM, Kartik Subbarao wrote: rpm -e $(rpm -qa |grep -i firmware) This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware) Since apparently kernel depends on kernel-firmware. Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system. There are a few packages left which can be removed if you insist: - the firmware packages if you do not use that specific hardware ( atmel, brocade, qlogic ). - yum-presto if you prefer to always download full rpm packages instead of deltas - which, acl, attr install text reboot #cdrom url --url http://wolfy/centos/os/x86_64/ lang en_US.UTF-8 keyboard us skipx network --device eth0 --bootproto dhcp rootpw --iscrypted $PUTYOURENCRYPTEDPASSWORDHERE firewall --enabled selinux --enforcing authconfig --enableshadow --enablemd5 timezone Europe/Amsterdam bootloader --location=mbr # The following is the partition information you requested # Note that any partitions you deleted are not expressed # here so unless you clear all partitions first, this is # not guaranteed to work clearpart --all --initlabel part /boot --fstype ext3 --size=250 part pv.2 --size=5000 --grow volgroup VolGroup00 --pesize=32768 pv.2 logvol / --fstype ext4 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=256 --grow --maxsize=512 repo --name=updates --baseurl=http://PATHTOAVALIDREPO %packages --nobase --excludedocs coreutils yum rpm e2fsprogs lvm2 grub openssh-server openssh-clients dhclient yum-presto -atmel-firmware-1.3-7.el6.noarch -b43-openfwwf-5.2-4.el6.noarch -cronie-1.4.4-2.el6.i686 -cronie-anacron-1.4.4-2.el6.i686 -crontabs-1.10-32.1.el6.noarch -ipw2100-firmware-1.3-11.el6.noarch -ipw2200-firmware-3.1-4.el6.noarch -ivtv-firmware-20080701-20.2.noarch -iwl1000-firmware-128.50.3.1-1.1.el6.noarch -iwl3945-firmware-15.32.2.9-4.el6.noarch -iwl4965-firmware-228.61.2.24-2.1.el6.noarch -iwl5000-firmware-8.24.2.12-3.el6.noarch -iwl5150-firmware-8.24.2.2-1.el6.noarch -iwl6000-firmware-9.176.4.1-2.el6.noarch -iwl6050-firmware-9.201.4.1-2.el6.noarch -libertas-usb8388-firmware-5.110.22.p23-3.1.el6.noarch -xorg-x11-drv-ati-firmware -mysql-libs-5.1.47-4.el6.i686 -postfix-2.6.6-2.el6.i686 -rt61pci-firmware-1.2-7.el6.noarch -rt73usb-firmware-1.8-7.el6.noarch -sudo-1.7.2p2-9.el6.i686 -sysstat-9.0.4-11.el6.i686 -yum-utils-1.1.26-11.el6.noarch -zd1211-firmware-1.4-4.el6.noarch -info -system-config-firewall-base %end %post %end acl-2.2.49-4.el6.i686 aic94xx-firmware-30-2.el6.noarch atmel-firmware-1.3-7.el6.noarch attr-2.4.44-4.el6.i686 audit-2.0.4-1.el6.i686 audit-libs-2.0.4-1.el6.i686 authconfig-6.1.4-6.el6.i686 basesystem-10.0-4.el6.noarch bash-4.1.2-3.el6.i686 bfa-firmware-2.1.2.1-2.el6.noarch binutils-2.20.51.0.2-5.11.el6.i686 bzip2-1.0.5-6.1.el6.i686 bzip2-libs-1.0.5-6.1.el6.i686 ca-certificates-2010.63-3.el6.noarch centos-release-6-0.el6.centos.2.i686 checkpolicy-2.0.22-1.el6.i686 chkconfig-1.3.47-1.el6.i686 coreutils-8.4-9.el6.i686 coreutils-libs-8.4-9.el6.i686 cpio-2.10-9.el6.i686 cracklib-2.8.16-2.el6.i686 cracklib-dicts-2.8.16-2.el6.i686 curl-7.19.7-16.el6.i686 cyrus-sasl-lib-2.1.23-8.el6.i686 dash-0.5.5.1-3.1.el6.i686 db4-4.7.25-16.el6.i686 db4-utils-4.7.25-16.el6.i686 dbus-glib-0.86-5.el6.i686 dbus-libs-1.2.24-3.el6.i686 device-mapper-1.02.53-8.el6.i686 device-mapper-event-1.02.53-8.el6.i686 device-mapper-event-libs-1.02.53-8.el6.i686 device-mapper-libs-1.02.53-8.el6.i686 dhclient-4.1.1-12.P1.el6.i686 diffutils-2.8.1-28.el6.i686 dracut-004-32.el6.noarch dracut-kernel-004-32.el6.noarch e2fsprogs-1.41.12-3.el6.i686 e2fsprogs-libs-1.41.12-3.el6.i686 efibootmgr-0.5.4-8.el6.i686 elfutils-libelf-0.148-1.el6.i686 ethtool-2.6.33-0.3.el6.i686 expat-2.0.1-9.1.el6.i686 file-libs-5.04-5.el6.i686 filesystem-2.4.30-2.1.el6.i686 findutils-4.4.2-6.el6.i686 fipscheck-1.2.0-4.1.el6.i686 fipscheck-lib-1.2.0-4.1.el6.i686 gamin-0.1.10-9.el6.i686 gawk-3.1.7-6.el6.i686 gdbm-1.8.0-36.el6.i686 glib2-2.22.5-5.el6.i686 glibc-2.12-1.7.el6.i686 glibc-common-2.12-1.7.el6.i686 gmp-4.3.1-7.el6.i686 gnupg2-2.0.14-4.el6.i686 gpgme-1.1.8-3.el6.i686 grep-2.6.3-2.el6.i686 grub-0.97-68.el6.i686 grubby-7.0.15-2.el6.i686 gzip-1.3.12-18.el6.i686 hwdata-0.233-1.el6.noarch info-4.13a-8.el6.i686 initscripts-9.03.17-1.el6.centos.i686 iproute-2.6.32-10.el6.i686 iptables-1.4.7-3.el6.i686 iptables-ipv6-1.4.7-3.el6.i686 iputils-20071127-13.el6.i686 kbd-1.15-11.el6.i686 kbd-misc-1.15-11.el6.noarch kernel-2.6.32-71.el6.i686 kernel-firmware-2.6.32-71.el6.noarch keyutils-libs-1.4-1.el6.i686 krb5-libs-1.8.2-3.el6.i686 less-436-4.el6.i686 libacl-2.2.49-4.el6.i686 libattr-2.4.44-4.el6.i686 libblkid-2.17.2-6.el6.i686 libcap-2.16-5.2.el6.i686 libcap-ng-0.6.4-3.el6.i686 libcgroup-0.36.1-6.el6.i686 libcom_err-1.41.12-3.el6.i686 libcurl-7.19.7-16.el6.i686
Re: [CentOS-virt] Suggestions to improve this minimal kickstart config for CentOS 6?
On 07/19/2011 11:36 PM, Manuel Wolfshant wrote: On 07/20/2011 12:15 AM, Kartik Subbarao wrote: On 07/19/2011 12:36 PM, Kartik Subbarao wrote: rpm -e $(rpm -qa |grep -i firmware) This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware) Since apparently kernel depends on kernel-firmware. Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system. There are a few packages left which can be removed if you insist: - the firmware packages if you do not use that specific hardware ( atmel, brocade, qlogic ). - yum-presto if you prefer to always download full rpm packages instead of deltas - which, acl, attr Interesting. I'm also experimenting with a minimal kickstart and without the system-config-firewall-base package I can no longer login. Apparently the login succeeds but I immediately get thrown back to the login prompt. As soon as I add that package everything is fine again. Regards, Dennis ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt