I've come up with the following kickstart config (see below) for deploying a minimal CentOS 6 VM. It takes about 460MB. I'm assuming that all of the -firmware RPMs aren't needed for a VM installation, so I removed them. Also removed as many selinux packages as possible since I don't need that.
I was wondering whether anyone could offer any further suggestions on minimizing the disk usage of the VM image.
Also, I wanted to ask whether it might make sense to post this type of configuration to the CentOS wiki, possibly linked from the following page:
http://wiki.centos.org/TipsAndTricks/KickStart
This might make it easy for people who are building VMs for reference.
Thanks,
-Kartik
========
lang en_US.UTF-8 keyboard us timezone America/New_York auth --useshadow --passalgo=md5 selinux --disabled firewall --disabled zerombr bootloader --location=mbr network --bootproto=dhcp --device=eth0 --onboot=on services --enabled=network rootpw admin123
clearpart --all --initlabel part / --asprimary --fstype="ext3" --grow --maxsize=1000 --size=1
# Repositories url --url="http://mirrors.kernel.org/centos/6.0/os/x86_64/"
%packages --excludedocs --nobase --instLangs=en @Core
%post rpm -e $(rpm -qa |grep -i firmware) yum -y remove audit authconfig checkpolicy libsemanage libselinux-utils policycoreutils selinux-policy selinux-policy-targeted rm -rf /etc/selinux/targeted rpm -e --nodeps redhat-logos
%end
On 07/19/2011 12:36 PM, Kartik Subbarao wrote:
rpm -e $(rpm -qa |grep -i firmware)
This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware)
Since apparently kernel depends on kernel-firmware.
-Kartik
On 07/20/2011 12:15 AM, Kartik Subbarao wrote:
On 07/19/2011 12:36 PM, Kartik Subbarao wrote:
rpm -e $(rpm -qa |grep -i firmware)
This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware)
Since apparently kernel depends on kernel-firmware.
Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system.
There are a few packages left which can be removed if you insist: - the firmware packages if you do not use that specific hardware ( atmel, brocade, qlogic ). - yum-presto if you prefer to always download full rpm packages instead of deltas - which, acl, attr
On 07/19/2011 11:36 PM, Manuel Wolfshant wrote:
On 07/20/2011 12:15 AM, Kartik Subbarao wrote:
On 07/19/2011 12:36 PM, Kartik Subbarao wrote:
rpm -e $(rpm -qa |grep -i firmware)
This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware)
Since apparently kernel depends on kernel-firmware.
Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system.
There are a few packages left which can be removed if you insist:
- the firmware packages if you do not use that specific hardware ( atmel,
brocade, qlogic ).
- yum-presto if you prefer to always download full rpm packages instead of
deltas
- which, acl, attr
Interesting. I'm also experimenting with a minimal kickstart and without the system-config-firewall-base package I can no longer login. Apparently the login succeeds but I immediately get thrown back to the login prompt. As soon as I add that package everything is fine again.
Regards, Dennis
On 07/20/2011 01:45 AM, Dennis Jacobfeuerborn wrote:
On 07/19/2011 11:36 PM, Manuel Wolfshant wrote:
On 07/20/2011 12:15 AM, Kartik Subbarao wrote:
On 07/19/2011 12:36 PM, Kartik Subbarao wrote:
rpm -e $(rpm -qa |grep -i firmware)
This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware)
Since apparently kernel depends on kernel-firmware.
Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system.
There are a few packages left which can be removed if you insist:
- the firmware packages if you do not use that specific hardware ( atmel,
brocade, qlogic ).
- yum-presto if you prefer to always download full rpm packages instead of
deltas
- which, acl, attr
Interesting. I'm also experimenting with a minimal kickstart and without the system-config-firewall-base package I can no longer login. Apparently the login succeeds but I immediately get thrown back to the login prompt. As soon as I add that package everything is fine again.
Regards, Dennis _______________________________________________ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Oh, I believe you I'm just puzzled why I need the package and you don't. Can you post an "rpm -qa|sort" of the final Package list you have in the installed System?
Regards, Dennis
On 07/20/2011 08:19 AM, Manuel Wolfshant wrote:
On 07/20/2011 01:45 AM, Dennis Jacobfeuerborn wrote:
On 07/19/2011 11:36 PM, Manuel Wolfshant wrote:
On 07/20/2011 12:15 AM, Kartik Subbarao wrote:
On 07/19/2011 12:36 PM, Kartik Subbarao wrote:
rpm -e $(rpm -qa |grep -i firmware)
This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware)
Since apparently kernel depends on kernel-firmware.
Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system.
There are a few packages left which can be removed if you insist:
- the firmware packages if you do not use that specific hardware ( atmel,
brocade, qlogic ).
- yum-presto if you prefer to always download full rpm packages instead of
deltas
- which, acl, attr
Interesting. I'm also experimenting with a minimal kickstart and without the system-config-firewall-base package I can no longer login. Apparently the login succeeds but I immediately get thrown back to the login prompt. As soon as I add that package everything is fine again.
Regards, Dennis _______________________________________________ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
On 07/20/2011 02:37 PM, Dennis Jacobfeuerborn wrote:
Oh, I believe you I'm just puzzled why I need the package and you don't. Can you post an "rpm -qa|sort" of the final Package list you have in the installed System?
Regards, Dennis
Already done that in my first mail. http://lists.centos.org/pipermail/centos-virt/attachments/20110720/c78c2c2d/...
manuel
On 07/20/2011 08:19 AM, Manuel Wolfshant wrote:
On 07/20/2011 01:45 AM, Dennis Jacobfeuerborn wrote:
On 07/19/2011 11:36 PM, Manuel Wolfshant wrote:
On 07/20/2011 12:15 AM, Kartik Subbarao wrote:
On 07/19/2011 12:36 PM, Kartik Subbarao wrote:
rpm -e $(rpm -qa |grep -i firmware)
This should be changed to: rpm -e $(rpm -qa | grep -i firmware | grep -v kernel-firmware)
Since apparently kernel depends on kernel-firmware.
Try the attached ks. It installs around 180 packages. libselinux-utils is in because I find it mandatory to be able to modify the selinux configuration of an existing system.
There are a few packages left which can be removed if you insist:
- the firmware packages if you do not use that specific hardware (
atmel, brocade, qlogic ).
- yum-presto if you prefer to always download full rpm packages
instead of deltas
- which, acl, attr
Interesting. I'm also experimenting with a minimal kickstart and without the system-config-firewall-base package I can no longer login. Apparently the login succeeds but I immediately get thrown back to the login prompt. As soon as I add that package everything is fine again.
On 07/20/2011 01:50 PM, Manuel Wolfshant wrote:
On 07/20/2011 02:37 PM, Dennis Jacobfeuerborn wrote:
Oh, I believe you I'm just puzzled why I need the package and you don't. Can you post an "rpm -qa|sort" of the final Package list you have in the installed System?
Regards, Dennis
Already done that in my first mail. http://lists.centos.org/pipermail/centos-virt/attachments/20110720/c78c2c2d/...
Sorry, I only saw the kickstart file but didn't notice that there was a package list attached as well. Anyway it seems I need the system-config-firewall-base package because I create a live image that I boot directly. After doing a regular install with the same kickstart I can login normally even without that package. Still no clue though why that would make a difference or what that particular package has to do with logins.
Regards, Dennis
On 07/21/2011 01:43 PM, Dennis Jacobfeuerborn wrote:
On 07/20/2011 01:50 PM, Manuel Wolfshant wrote:
On 07/20/2011 02:37 PM, Dennis Jacobfeuerborn wrote:
Oh, I believe you I'm just puzzled why I need the package and you don't. Can you post an "rpm -qa|sort" of the final Package list you have in the installed System?
Regards, Dennis
Already done that in my first mail. http://lists.centos.org/pipermail/centos-virt/attachments/20110720/c78c2c2d/...
Sorry, I only saw the kickstart file but didn't notice that there was a package list attached as well. Anyway it seems I need the system-config-firewall-base package because I create a live image that I boot directly. After doing a regular install with the same kickstart I can login normally even without that package. Still no clue though why that would make a difference or what that particular package has to do with logins.
Regards, Dennis
You are 100% correct. Today I added back the package to the list. I noticed that logins continue to work after the package is removed but not after reboot. Go figure. Especially as I see nothing obvious in a rpm -ql
I'll leave it in for now and revisit, time permitting.
Manuel
On Tue, 2011-07-19 at 12:36 -0400, Kartik Subbarao wrote:
I've come up with the following kickstart config (see below) for deploying a minimal CentOS 6 VM. It takes about 460MB. I'm assuming that all of the -firmware RPMs aren't needed for a VM installation, so I removed them. Also removed as many selinux packages as possible since I don't need that.
I was wondering whether anyone could offer any further suggestions on minimizing the disk usage of the VM image. ...
========
... rootpw admin123
I use the --iscrypted option so people can't easily see my default root password. An easy method of viewing the command is looking at /root/anaconda-ks.cfg (at least it was in 5) after install. For setting unique initial root passwords, there is a method for creating it on the command line.
... # Repositories url --url="http://mirrors.kernel.org/centos/6.0/os/x86_64/"
Shouldn't we encourage the creation of a local mirror? Installs are much faster. Also, with local mirrors, you can snapshot the repo. This allows for testing updates before pushing them to your live servers.
...
I create ks files for many of my CentOS and CentOS derived (Elastix) boxes. Backups take less space when you only save data. Routers are great for this as they rarely change (except possibly for firewall rules). With PXE boot, I can rebuild a router in 10 minutes. Also handy if the router hardware fails (I'm using old PCs). An on-site user without any Linux knowledge can install a replacement router (or re-install an existing router if it is suspected to be compromised) in little time. As long as the ks file is used as the master configuration where changes are made and the router re-installed to make them active, you don't get into a position where a change is lost if the hardware fails.
-
Dennis Jacobfeuerborn -
Ed Heron -
Kartik Subbarao -
Manuel Wolfshant