This post will help your creating a CentOS 7 Template for VMware.
Install CentOS 7 on any VMware virtualization product with “Minimal Install” for the software selection. You can find the most recent install image here.
Please use a VM hardware version of 10, if you want to deploy your CentOS template to vSphere 5.5 or vCloud Air.
After successful installation login and upgrade packages to the latest version:
# upgrade yum -y upgrade # reboot if a new kernel was installed init 6
The template will not have a root password nor an admin user password. You will require a private SSH key to login into the VM.
The following lines can either be copied and pasted into a shell or issued step by step:
# some variables export ADMIN_USER="admin" export ADMIN_PUBLIC_KEY="your public ssh key" # install necessary and helpful components yum -y install net-tools nano deltarpm wget bash-completion yum-plugin-remove-with-leaves yum-utils # install VM tools and perl for VMware VM customizations yum -y install open-vm-tools perl # Stop logging services systemctl stop rsyslog service auditd stop # Remove old kernels package-cleanup -y --oldkernels --count=1 # Clean out yum yum clean all # Force the logs to rotate & remove old logs we don’t need /usr/sbin/logrotate /etc/logrotate.conf --force rm -f /var/log/*-???????? /var/log/*.gz rm -f /var/log/dmesg.old rm -rf /var/log/anaconda # Truncate the audit logs (and other logs we want to keep placeholders for) cat /dev/null > /var/log/audit/audit.log cat /dev/null > /var/log/wtmp cat /dev/null > /var/log/lastlog cat /dev/null > /var/log/grubby # Remove the traces of the template MAC address and UUIDs sed -i '/^\(HWADDR\|UUID\)=/d' /etc/sysconfig/network-scripts/ifcfg-e* # enable network interface onboot sed -i -e 's@^ONBOOT="no@ONBOOT="yes@' /etc/sysconfig/network-scripts/ifcfg-e* # Clean /tmp out rm -rf /tmp/* rm -rf /var/tmp/* # Remove the SSH host keys rm -f /etc/ssh/*key* # configure sshd_config to only allow Pubkey Authentication sed -i -r 's/^#?(PermitRootLogin|PasswordAuthentication|PermitEmptyPasswords) (yes|no)/\1 no/' /etc/ssh/sshd_config sed -i -r 's/^#?(PubkeyAuthentication) (yes|no)/\1 yes/' /etc/ssh/sshd_config # add user 'ADMIN_USER' adduser $ADMIN_USER # add public SSH key mkdir -m 700 /home/$ADMIN_USER/.ssh chown $ADMIN_USER:$ADMIN_USER /home/$ADMIN_USER/.ssh echo $ADMIN_PUBLIC_KEY > /home/$ADMIN_USER/.ssh/authorized_keys chmod 600 /home/$ADMIN_USER/.ssh/authorized_keys chown $ADMIN_USER:$ADMIN_USER /home/$ADMIN_USER/.ssh/authorized_keys # add support for ssh-add echo 'eval $(ssh-agent) > /dev/null' >> /home/$ADMIN_USER/.bashrc # add user 'ADMIN_USER' to sudoers echo "$ADMIN_USER ALL = NOPASSWD: ALL" > /etc/sudoers.d/$ADMIN_USER chmod 0440 /etc/sudoers.d/$ADMIN_USER # Remove the root user’s SSH history rm -rf ~root/.ssh/ rm -f ~root/anaconda-ks.cfg # remove the root password passwd -d root # for support guest customization of CentOS 7 in vSphere 5.5 and vCloud Air # mv /etc/redhat-release /etc/redhat-release.old && touch /etc/redhat-release && echo 'Red Hat Enterprise Linux Server release 7.0 (Maipo)' > /etc/redhat-release # Remove the root user’s shell history history -cw # shutdown init 0
Starting with Open VM Tools 9.10 the deployPkg (open-vm-tools-deploypkg) is not needed anymore. Please see VMware support for Open VM Tools.
CentOS 7 is only supported starting with vSphere 6. As a workaround to deploy your CentOS template to vSphere 5.5 or vCloud Air and use VM customization, please uncomment the line to modify /etc/redhat-release.