標籤:style blog http io ar color os sp for
雲平台中鏡像還是很重要的,提供各種定製化的鏡像使得使用者體驗更好。
最開始玩OpenStack的時候用的是安裝文檔中提到的cirros,其密碼cubswin:) 剛開始感覺很怪,現在已經可以隨手打出。ps:打的還很熟練:-)
然後慢慢開始想嘗試各種鏡像,於是乎在網上搜了很多。如下:
關於CentOS鏡像製作需要注意以下幾點:
(1)修改網路資訊 /etc/sysconfig/network-scripts/ifcfg-eth0 (刪掉mac資訊),如下:
TYPE=EthernetDEVICE=eth0ONBOOT=yesBOOTPROTO=dhcpNM_CONTROLLED=no
(2)刪除已產生的網路裝置規則,否則製作的鏡像不能上網
# rm -rf /etc/udev/rules.d/70-persistent-net.rules
(3)增加一行到/etc/sysconfig/network
NOZERCONF=yes
(4)安裝cloud-init(可選),cloud-init可以在開機時進行密鑰注入以及修改hostname等,關於cloud-init,陳沙克的一篇博文有介紹:http://www.chenshake.com/about-openstack-centos-mirror/
# yum install -y cloud-utils cloud-init parted
修改設定檔/etc/cloud/cloud.cfg ,在cloud_init_modules 下面增加:
- resolv-conf
(5)設定系統能自動擷取openstack指定的hostname和ssh-key(可選)
編輯/etc/rc.local檔案,該檔案在開機後會執行,加入以下代碼:
1 if [ ! -d /root/.ssh ]; then 2 mkdir -p /root/.ssh 3 chmod 700 /root/.ssh 4 fi 5 # Fetch public key using HTTP 6 ATTEMPTS=30 7 FAILED=0 8 9 10 11 while [ ! -f /root/.ssh/authorized_keys ]; do12 curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/metadata-key 2>/dev/null13 if [ $? -eq 0 ]; then14 cat /tmp/metadata-key >> /root/.ssh/authorized_keys15 chmod 0600 /root/.ssh/authorized_keys16 restorecon /root/.ssh/authorized_keys17 rm -f /tmp/metadata-key18 echo “Successfully retrieved public key from instance metadata”19 echo “*****************”20 echo “AUTHORIZED KEYS”21 echo “*****************”22 cat /root/.ssh/authorized_keys23 echo “*****************”24 25 curl -f http://169.254.169.254/latest/meta-data/hostname > /tmp/metadata-hostname 2>/dev/null26 if [ $? -eq 0 ]; then27 TEMP_HOST=`cat /tmp/metadata-hostname`28 sed -i “s/^HOSTNAME=.*$/HOSTNAME=$TEMP_HOST/g” /etc/sysconfig/network29 /bin/hostname $TEMP_HOST30 echo “Successfully retrieved hostname from instance metadata”31 echo “*****************”32 echo “HOSTNAME CONFIG”33 echo “*****************”34 cat /etc/sysconfig/network35 echo “*****************”36 37 else38 echo “Failed to retrieve hostname from instance metadata. This is a soft error so we’ll continue”39 fi40 rm -f /tmp/metadata-hostname41 else42 FAILED=$(($FAILED + 1))43 if [ $FAILED -ge $ATTEMPTS ]; then44 echo “Failed to retrieve public key from instance metadata after $FAILED attempts, quitting”45 break46 fi47 echo “Could not retrieve public key from instance metadata (attempt #$FAILED/$ATTEMPTS), retrying in 5 seconds…”48 sleep 549 fi50 done
或者
1 # set a random pass on first boot 2 if [ -f /root/firstrun ]; then 3 dd if=/dev/urandom count=50|md5sum|passwd --stdin root 4 passwd -l root 5 rm /root/firstrun 6 fi 7 8 if [ ! -d /root/.ssh ]; then 9 mkdir -m 0700 -p /root/.ssh10 restorecon /root/.ssh11 fi12 # Get the root ssh key setup13 # Get the root ssh key setup14 ReTry=015 while [ ! -f /root/.ssh/authorized_keys ] && [ $ReTry -lt 10 ]; do16 sleep 217 curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /root/.ssh/pubkey18 if [ 0 -eq 0 ]; then19 mv /root/.ssh/pubkey /root/.ssh/authorized_keys20 fi21 ReTry=$[Retry+1]22 done23 chmod 600 /root/.ssh/authorized_keys && restorecon /root/.ssh/authorized_keys
主要目的就是擷取hostname和公開金鑰
(6)其他
route命令查看一下路由表
查看/etc/ssh/sshd_conf中PermitRootLogin是不是為yes
OpenStack鏡像製作-CentOS
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
