Skip to content

Instantly share code, notes, and snippets.

@anisimovdk

anisimovdk/Preparing CentOS template for VMware vSphere.md

Last active April 25, 2024 16:11
Show Gist options
  • Save anisimovdk/7a2ca87c2b4a574717fa4d621de8efad to your computer and use it in GitHub Desktop.
Save anisimovdk/7a2ca87c2b4a574717fa4d621de8efad to your computer and use it in GitHub Desktop.
Download ZIP
Preparing CentOS template for VMware vSphere
Raw
Preparing CentOS template for VMware vSphere.md

Preparing CentOS template for VMware vSphere

Stopping logging services

service rsyslog stop 
service auditd stop

Disabling consistent network device naming

ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
sed -i 's/rhgb quiet/net.ifnames=0 biosdevname=0 ipv6.disable=1/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
echo 'TYPE="Ethernet"
BOOTPROTO="dhcp"
DEFROUTE="yes"
NAME="eth0"
DEVICE="eth0"
ONBOOT="yes"' > /etc/sysconfig/network-scripts/ifcfg-eth0

Updating system

yum update -y

Installing addtional tools

yum install -y open-vm-tools bash-completion yum-utils

Removing old kernels

package-cleanup -y --oldkernels --count=1

(Optional) Migrating friewalld to iptables

yum -y install iptables-services
systemctl enable iptables.service
systemctl stop firewalld 
systemctl start iptables
systemctl disable firewalld
systemctl mask firewalld

Configuring iptables to allow all connection

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
service iptables save

Disabling network manager

systemctl disable NetworkManager.service
systemctl stop NetworkManager.service
systemctl mask NetworkManager

Removing logs

logrotate -f /etc/logrotate.conf 
rm -f /var/log/*-???????? /var/log/*.gz 
rm -f /var/log/dmesg.old 
rm -rf /var/log/anaconda 
rm -rf /var/cache/yum
cat /dev/null > /var/log/audit/audit.log 
cat /dev/null > /var/log/wtmp 
cat /dev/null > /var/log/lastlog 
cat /dev/null > /var/log/grubby

Deleting sshd keys

rm -f /etc/ssh/ssh_host_*

Additional cleaning

yum clean all
rm -rf /root/.ssh/
rm -f /root/anaconda-ks.cfg
rm -rf /tmp/*

Deleting bash history

cat /dev/null > ~/.bash_history && history -c

Generalizing

sys-unconfig
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment