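#!/bin/bash
### Author: Li Guoqiang from VMware China. ###
#
# Prepares a CentOS guest as a vRA 8 template: installs cloud-init, edits
# /etc/cloud/cloud.cfg, stops systemd-tmpfiles from ageing /tmp, orders
# vmtoolsd after dbus, and leaves cloud-init disabled for the first boot.
# Every step edits system files in place, so the script has to run as root.

cloud_cfg=/etc/cloud/cloud.cfg
tmpfiles_conf=/usr/lib/tmpfiles.d/tmp.conf

### Install cloud-init. ###
# The steps below edit files that belong to cloud-init, so stop here if the
# install fails instead of carrying on to the clean-up and shutdown.
if ! yum install -y cloud-init; then
  echo "cloud-init installation failed; template build aborted" >&2
  exit 1
fi

### System update. ###
# Left best-effort, as before: a failed update does not stop the build.
yum update -y

### Enable root login and SSH password authentication in cloud-init. ###
# Security: every VM deployed from this template will accept password logins
# for root over SSH. Key-based login for a non-root user is the safer choice
# where the deployment allows it; otherwise limit who can reach SSH and set a
# strong password per deployment.
# NOTE(review): both patterns need exactly one space after the colon; if the
# shipped cloud.cfg pads the value differently, nothing is changed and sed
# reports no error -- check the file after the run.
sed -i \
  -e 's/^disable_root: 1/disable_root: 0/g' \
  -e 's/^ssh_pwauth: 0/ssh_pwauth: 1/g' \
  "$cloud_cfg"

### Disable VMware customization inside cloud-init. ###
sed -i 's/^disable_vmware_customization: false/disable_vmware_customization: true/g' "$cloud_cfg"

# NOTE(review): the appends below are anchored on the
# "disable_vmware_customization: true" line. If cloud.cfg has no such line
# they add nothing, and a second run of this script adds the lines again.

### Restrict the datasource list to OVF. ###
sed -i '/^disable_vmware_customization: true/a\datasource_list: [OVF]' "$cloud_cfg"

### Stop cloud-init from configuring the network. ###
sed -i '/^disable_vmware_customization: true/a\network:' "$cloud_cfg"
sed -i '/^network:/a\ config: disabled' "$cloud_cfg"

### Stop systemd-tmpfiles from cleaning /tmp. ###
# NOTE(review): this edits the vendor copy under /usr/lib, which a package
# update may replace -- presumably acceptable for a one-off template build.
SOURCE_TEXT="v /tmp 1777 root root 10d"
DEST_TEXT="#v /tmp 1777 root root 10d"
sed -i "s@${SOURCE_TEXT}@${DEST_TEXT}@g" "$tmpfiles_conf"
# Comment out any other line that carries the 10d age. Lines that already
# start with '#' are skipped, so the line handled above is not commented a
# second time and a re-run adds no further '#'.
sed -i '/^#/!s/\(^.*10d.*$\)/#\1/' "$tmpfiles_conf"

### Add After=dbus.service to vmtoolsd. ###
sed -i '/^After=vgauthd.service/a\After=dbus.service' /usr/lib/systemd/system/vmtoolsd.service

### Keep cloud-init disabled on first boot; VMware Tools runs the customization. ###
touch /etc/cloud/cloud-init.disabled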
# Write the run-once script that switches cloud-init back on.
# The generated script acts only when /tmp/guest.customization.stderr exists.
# It then removes the cloud-init.disabled marker, restarts the cloud-init,
# cloud-config and cloud-final services, disables the runonce unit and leaves
# /tmp/cloud-init.success behind.
# The delimiter is quoted so the body is written literally; it holds nothing
# for the shell to expand, so the resulting file is unchanged.
# NOTE(review): the trigger file sits in world-writable /tmp, so its presence
# is not proof that guest customization ran -- presumably the path is fixed
# by VMware Tools; confirm.
# NOTE(review): the sudo prefixes look redundant when systemd starts this
# script as root, and sudo may refuse to run without a tty if sudoers
# requires one -- verify on the target image.
cat > /etc/cloud/runonce.sh <<'EOF'
#!/bin/bash
if [ -e /tmp/guest.customization.stderr ]
then
sudo rm -rf /etc/cloud/cloud-init.disabled
sudo systemctl restart cloud-init.service
sudo systemctl restart cloud-config.service
sudo systemctl restart cloud-final.service
sudo systemctl disable runonce
sudo touch /tmp/cloud-init.success
fi
exit
EOF
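# Install the systemd unit that runs /etc/cloud/runonce.sh during boot, after
# network-online.target and cloud-init-local.service, with a 20-second pause
# before the script starts.
# Fix: the second Requires= line used to name "cloud-init-local.sevice". The
# matching After= line shows that cloud-init-local.service was meant, and a
# requirement on a unit that does not exist can keep runonce from starting.
# NOTE(review): with the name corrected, starting runonce also requests
# cloud-init-local.service; check on a test clone that this does not run
# cloud-init while /etc/cloud/cloud-init.disabled is still present.
# The delimiter is quoted so the unit text is written literally.
cat > /etc/systemd/system/runonce.service <<'EOF'
[Unit]
Description=Run once
Requires=network-online.target
Requires=cloud-init-local.service
After=network-online.target
After=cloud-init-local.service
[Service]
###wait for vmware customization to complete, avoid executing cloud-init at the first startup.###
ExecStartPre=/bin/sleep 20
ExecStart=/etc/cloud/runonce.sh
[Install]
WantedBy=multi-user.target
EOF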
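# Write the clean-up script that strips build-time state from the template.
# The generated script empties audit.log, wtmp and lastlog, removes the
# persistent udev net rules, clears /tmp and /var/tmp, cleans the yum cache,
# resets the machine ID, runs "cloud-init clean --logs --seed", disables
# cloud-init again, enables the runonce unit and clears the shell history.
# Changes to the generated text: "rm -f" for the dbus machine-id, so a
# missing file no longer prints an error, and the yum step is no longer
# labelled "apt". The delimiter is quoted so the body is written literally.
# NOTE(review): host-key removal stays commented out, so the template keeps
# its SSH host keys. Unless cloud-init regenerates them on each deployment
# (ssh_deletekeys), every clone presents the same host identity -- verify on
# a deployed VM.
# NOTE(review): clean.sh runs in its own non-interactive shell, so
# "history -cw" presumably does not reach the history held by the login
# shell that started the build -- confirm.
cat > /etc/cloud/clean.sh <<'EOF'
#!/bin/bash
#clear audit logs
if [ -f /var/log/audit/audit.log ]; then
cat /dev/null > /var/log/audit/audit.log
fi
if [ -f /var/log/wtmp ]; then
cat /dev/null > /var/log/wtmp
fi
if [ -f /var/log/lastlog ]; then
cat /dev/null > /var/log/lastlog
fi
#cleanup persistent udev rules
if [ -f /etc/udev/rules.d/70-persistent-net.rules ]; then
rm /etc/udev/rules.d/70-persistent-net.rules
fi
#cleanup /tmp directories
rm -rf /tmp/*
rm -rf /var/tmp/*
#cleanup current ssh keys
#rm -f /etc/ssh/ssh_host_*
#cat /dev/null > /etc/hostname
#cleanup yum cache
yum clean all
#Clean Machine ID
truncate -s 0 /etc/machine-id
rm -f /var/lib/dbus/machine-id
ln -s /etc/machine-id /var/lib/dbus/machine-id
#Clean Cloud-init
cloud-init clean --logs --seed
#Disabled Cloud-init
touch /etc/cloud/cloud-init.disabled
systemctl enable runonce
#cleanup shell history
echo > ~/.bash_history
history -cw
EOF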
# Make both generated scripts executable.
for generated_script in /etc/cloud/runonce.sh /etc/cloud/clean.sh; do
  chmod +x "$generated_script"
done

# Have systemd re-read its unit files so it sees runonce.service, then
# enable that unit for the next boot.
systemctl daemon-reload
systemctl enable runonce.service

# Run the template clean-up.
/etc/cloud/clean.sh

# Halt the OS.
shutdown -h now