Installing minimal number of packages

Joe_Wulf Joe_Wulf at yahoo.com
Wed Aug 22 13:31:25 UTC 2007 

Chip,

Reviewed your article, very informative from what I can see on the slides.
Would benefit from the 'audio' that goes with each slide, I'm sure.

I would have liked to have seen or found a 'users manual' for kickstart.
Something that explains the entire process from end to end.  Several things
you mention in your presentation I've never seen stated anywhere else.
Other questions:
- When I build a system with KS, why does the /root/anaconda-ks.cfg file
  NOT reflect exactly what the source ks.cfg looked like?
- I want to build many systems from many versions of the RedHat OS's.  Why
  doesn't the kickstart configuration NATURALLY understand each OS I've
  copied into my ks server and build ks-cfg files that work natively with
  that version of the OS.
  A: I know, it wasn't designed to.  The real question is why hasn't that
     been done yet!

I've got others but don't have the time this moment to pull them out of 
my brain.

With RHEL5, do you have any issues, tips, tricks and/or solutions?

Also, I'd like to get with you off-list, and chat about this, too.  Let
me know if you would as well (Joe_Wulf at yahoo.com).

R,
-Joe Wulf, CISSP, USN(RET)
 Senior IA Engineer
 ProSync Technology Group, LLC
 www.prosync.com

-----Original Message-----
From: kickstart-list-bounces at redhat.com
[mailto:kickstart-list-bounces at redhat.com] On Behalf Of Shabazian, Chip
Sent: Tuesday, August 21, 2007 11:33
To: Discussion list about Kickstart
Subject: RE: Installing minimal number of packages

 
Joe,

I feel (and have lived through) your pain.  Our objective was to create a "core
image" that fills 80% - 90% of all non application needs on build, and we have
been quite successful with it, Starting with RHEL 2.1.  With RHEL 5, I have seen
more improvements (personally) with kickstart than with any previous release,
going back to RHL 7.0 which is when I started doing significant work with
kickstart.  Many of the challenges that have existed for years, are now resolved
either through kickstart or other tools.

Some highlights:
You can now specify yum repo's in your command section so that systems can be
built with current releases from a tested stable build All kickstart tools now
use the same UI for package selection (it used to be three different code bases
to maintain) Ability to have multiple %post sections (thus allowing you to do
work in --no-chroot, then work in a chrooted environment) Tools such as Revisor
make it almost TOO simple to create your own "single install CD" or live CD with
what you want

Anyway, there has been significant work on Red Hat's part to make improvements to
kickstart, and it really shows in RHEL 5.  I for one am happy to see the progress
and can't wait until we can move forward with RHEL 5 deployments and get off 3
and 4.

I covered the above, and some others in my recent Linuxworld presentation which
you can download at http://www.shabazian.com/lw2007.pdf


-----Original Message-----
From: kickstart-list-bounces at redhat.com
[mailto:kickstart-list-bounces at redhat.com] On Behalf Of Joe_Wulf
Sent: Monday, August 20, 2007 4:25 PM
To: 'Discussion list about Kickstart'
Subject: RE: Installing minimal number of packages

I REALLY like RedHat, as opposed to other distributions.  Works well for me both
at work and at home.  I hear you, Michael with regards to the difficulties in
getting to a truly "MINIMAL" installation.  I've got quite a bit of experience
working with RedHat Enterprise Linux, Advanced Server v4.0.  The 'extra' stuff
that gets installed is almost 150 packages that add no value and have to be
weeded out.  I've found about the same perspective with the Fedora line as well.

The method I've found to achieve a functional system that has minimal packages
installed is to install it by hand once, utilize the RPM commands to get info on
the packages, then build a list of what I want to keep and what I want to remove.
I've then coded a script and included with it a package disposition text file.
The script removes all the excess while leaving a functional system in place.  My
rule was an objective evaluation of every package---if I could honestly see 70
percent of the systems actually use packageX, in any given enterprise, then the
package stayed in the baseline I was building.  That is a pretty rigorous
methodology, yet has achieve stable results.

I'm currently working on translating that to a kickstart process, as well as
apply these lessons learned to RHEL v5.  hooo boy, is THAT gonna be fun!

<begin soapbox>
I've posted to some of the RedHat and fedora lists in the past about providing
significant fidelity to the package installation process.  So far, there seems to
be great interest in allowing the existing frustrations and confusion to reign.
Puzzling and sad.

In these days of system exploitations, I would have thought RedHat would desire
to lead the charge for a system that is easy to install, minimizes the attack
surface miscreants have open to them, robustly secures all facets of the OS from
a holistic perspective.
<end soapbox>

I wish you luck.  But, realize too, that in the end, you'll know a hell of a lot
more about the RedHat OS than you knew before.

R,
-Joe Wulf, CISSP, USN(RET)
 Senior IA Engineer
 ProSync Technology Group, LLC
 www.prosync.com


-----Original Message-----
From: kickstart-list-bounces at redhat.com
[mailto:kickstart-list-bounces at redhat.com] On Behalf Of Michael
Sent: Monday, August 20, 2007 18:55
To: Discussion list about Kickstart
Subject: Re: Installing minimal number of packages

Shabazian, Chip wrote:
> You still get base.  A truly minimal install would be
>
> %packages --no-base
>
> But that would result in a largely unusable system, so you need to add

> packages back in from that point.
>
> NOTE: I have not tested this on FC6, but expect it to be the same. 
>
>   

Is there not a happy medium somewhere in betwen?  I definitely want a stripped
system that includes rpm, and basic functionality but I don't want X, or lots of
bulk. 

Doing --no-base and adding back all the packages just to make it function
correctly seems tedious to get correct.

If that is the best way, can someone give me an example of what they add back?

Michael

Michael

_______________________________________________
Kickstart-list mailing list
Kickstart-list at redhat.com
https://www.redhat.com/mailman/listinfo/kickstart-list


_______________________________________________
Kickstart-list mailing list
Kickstart-list at redhat.com
https://www.redhat.com/mailman/listinfo/kickstart-list

_______________________________________________
Kickstart-list mailing list
Kickstart-list at redhat.com
https://www.redhat.com/mailman/listinfo/kickstart-list

More information about the Kickstart-list mailing list