標籤:style blog http io ar color os sp for
雲平台中鏡像還是很重要的,提供各種定製化的鏡像使得使用者體驗更好。
最開始玩OpenStack的時候用的是安裝文檔中提到的cirros,其密碼cubswin:) 剛開始感覺很怪,現在已經可以隨手打出。ps:打的還很熟練:-)
然後慢慢開始想嘗試各種鏡像,於是乎在網上搜了很多。如下:
- 官方文檔 http://docs.openstack.org/image-guide/content/ch_obtaining_images.html
官方文檔給的鏡像的連結挺多的,包括
CirrOS (test) images
Official Ubuntu images
Official Red Hat Enterprise Linux images
Official Fedora images
Official openSUSE and SLES images
Official images from other Linux distributions
Rackspace Cloud Builders (multiple distros) images
Microsoft Windows images
- CentOS鏡像 http://cloud.centos.org/
- Rackspace Cloud Builders https://github.com/rcbops/oz-image-build
- Radhat鏡像 https://openstack.redhat.com/Image_resources
- CentOS Gold Image
http://catn.com/labs/centos-images/
http://catn.com/2013/04/18/building-a-virtual-machine-image-for-centos/
教你如何製作CentOS的image,並且提供現成的image下載
鏡像:http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img
該鏡像使用者名稱:root 密碼:changeme1122
關於CentOS鏡像製作需要注意以下幾點:
(1)修改網路資訊 /etc/sysconfig/network-scripts/ifcfg-eth0 (刪掉mac資訊),如下:
TYPE=EthernetDEVICE=eth0ONBOOT=yesBOOTPROTO=dhcpNM_CONTROLLED=no
(2)刪除已產生的網路裝置規則,否則製作的鏡像不能上網
# rm -rf /etc/udev/rules.d/70-persistent-net.rules
(3)增加一行到/etc/sysconfig/network
NOZERCONF=yes
(4)安裝cloud-init(可選),cloud-init可以在開機時進行密鑰注入以及修改hostname等,關於cloud-init,陳沙克的一篇博文有介紹:http://www.chenshake.com/about-openstack-centos-mirror/
# yum install -y cloud-utils cloud-init parted
修改設定檔/etc/cloud/cloud.cfg ,在cloud_init_modules 下面增加:
- resolv-conf
(5)設定系統能自動擷取openstack指定的hostname和ssh-key(可選)
編輯/etc/rc.local檔案,該檔案在開機後會執行,加入以下代碼:
1 if [ ! -d /root/.ssh ]; then 2 mkdir -p /root/.ssh 3 chmod 700 /root/.ssh 4 fi 5 # Fetch public key using HTTP 6 ATTEMPTS=30 7 FAILED=0 8 9 10 11 while [ ! -f /root/.ssh/authorized_keys ]; do12 curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/metadata-key 2>/dev/null13 if [ $? -eq 0 ]; then14 cat /tmp/metadata-key >> /root/.ssh/authorized_keys15 chmod 0600 /root/.ssh/authorized_keys16 restorecon /root/.ssh/authorized_keys17 rm -f /tmp/metadata-key18 echo “Successfully retrieved public key from instance metadata”19 echo “*****************”20 echo “AUTHORIZED KEYS”21 echo “*****************”22 cat /root/.ssh/authorized_keys23 echo “*****************”24 25 curl -f http://169.254.169.254/latest/meta-data/hostname > /tmp/metadata-hostname 2>/dev/null26 if [ $? -eq 0 ]; then27 TEMP_HOST=`cat /tmp/metadata-hostname`28 sed -i “s/^HOSTNAME=.*$/HOSTNAME=$TEMP_HOST/g” /etc/sysconfig/network29 /bin/hostname $TEMP_HOST30 echo “Successfully retrieved hostname from instance metadata”31 echo “*****************”32 echo “HOSTNAME CONFIG”33 echo “*****************”34 cat /etc/sysconfig/network35 echo “*****************”36 37 else38 echo “Failed to retrieve hostname from instance metadata. This is a soft error so we’ll continue”39 fi40 rm -f /tmp/metadata-hostname41 else42 FAILED=$(($FAILED + 1))43 if [ $FAILED -ge $ATTEMPTS ]; then44 echo “Failed to retrieve public key from instance metadata after $FAILED attempts, quitting”45 break46 fi47 echo “Could not retrieve public key from instance metadata (attempt #$FAILED/$ATTEMPTS), retrying in 5 seconds…”48 sleep 549 fi50 done
或者
1 # set a random pass on first boot 2 if [ -f /root/firstrun ]; then 3 dd if=/dev/urandom count=50|md5sum|passwd --stdin root 4 passwd -l root 5 rm /root/firstrun 6 fi 7 8 if [ ! -d /root/.ssh ]; then 9 mkdir -m 0700 -p /root/.ssh10 restorecon /root/.ssh11 fi12 # Get the root ssh key setup13 # Get the root ssh key setup14 ReTry=015 while [ ! -f /root/.ssh/authorized_keys ] && [ $ReTry -lt 10 ]; do16 sleep 217 curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /root/.ssh/pubkey18 if [ 0 -eq 0 ]; then19 mv /root/.ssh/pubkey /root/.ssh/authorized_keys20 fi21 ReTry=$[Retry+1]22 done23 chmod 600 /root/.ssh/authorized_keys && restorecon /root/.ssh/authorized_keys
主要目的就是擷取hostname和公開金鑰
(6)其他
route命令查看一下路由表
查看/etc/ssh/sshd_conf中PermitRootLogin是不是為yes
OpenStack鏡像製作-CentOS