Skip to content

Instantly share code, notes, and snippets.

@BlackDex

BlackDex/Preparing CentOS template for VMware vSphere.md

Forked from anisimovdk/Preparing CentOS template for VMware vSphere.md
Created September 19, 2019 14:54
Show Gist options
  • Save BlackDex/5a4cb493a3c1bc752d6ced4f10e69e8b to your computer and use it in GitHub Desktop.
Save BlackDex/5a4cb493a3c1bc752d6ced4f10e69e8b to your computer and use it in GitHub Desktop.
Download ZIP
Preparing CentOS template for VMware vSphere
Raw
Preparing CentOS template for VMware vSphere.md

Preparing CentOS template for VMware vSphere

Stopping logging services

service rsyslog stop 
service auditd stop

Disabling consistent network device naming

ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
sed -i 's/rhgb quiet/net.ifnames=0 biosdevname=0 ipv6.disable=1/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
echo 'TYPE="Ethernet"
BOOTPROTO="dhcp"
DEFROUTE="yes"
NAME="eth0"
DEVICE="eth0"
ONBOOT="yes"' > /etc/sysconfig/network-scripts/ifcfg-eth0

Updating system

yum update -y

Installing addtional tools

yum install -y open-vm-tools bash-completion yum-utils

Removing old kernels

package-cleanup -y --oldkernels --count=1

(Optional) Migrating friewalld to iptables

yum -y install iptables-services
systemctl enable iptables.service
systemctl stop firewalld 
systemctl start iptables
systemctl disable firewalld
systemctl mask firewalld

Configuring iptables to allow all connection

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
service iptables save

Disabling network manager

systemctl disable NetworkManager.service
systemctl stop NetworkManager.service
systemctl mask NetworkManager

Removing logs

logrotate -f /etc/logrotate.conf 
rm -f /var/log/*-???????? /var/log/*.gz 
rm -f /var/log/dmesg.old 
rm -rf /var/log/anaconda 
rm -rf /var/cache/yum
cat /dev/null > /var/log/audit/audit.log 
cat /dev/null > /var/log/wtmp 
cat /dev/null > /var/log/lastlog 
cat /dev/null > /var/log/grubby

Deleting sshd keys

rm -f /etc/ssh/ssh_host_*

Additional cleaning

yum clean all
rm -rf /root/.ssh/
rm -f /root/anaconda-ks.cfg
rm -rf /tmp/*

Deleting bash history

cat /dev/null > ~/.bash_history && history -c

Generalizing

sys-unconfig
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment