首页 > 代码库 > OpenStack镜像制作-CentOS
OpenStack镜像制作-CentOS
云平台中镜像还是很重要的,提供各种定制化的镜像使得用户体验更好。
最开始玩OpenStack的时候用的是安装文档中提到的cirros,其密码cubswin:) 刚开始感觉很怪,现在已经可以随手打出。ps:打的还很熟练:-)
然后慢慢开始想尝试各种镜像,于是乎在网上搜了很多。如下:
- 官方文档 http://docs.openstack.org/image-guide/content/ch_obtaining_images.html
官方文档给的镜像的链接挺多的,包括
CirrOS (test) images
Official Ubuntu images
Official Red Hat Enterprise Linux images
Official Fedora images
Official openSUSE and SLES images
Official images from other Linux distributions
Rackspace Cloud Builders (multiple distros) images
Microsoft Windows images - CentOS镜像 http://cloud.centos.org/
- Rackspace Cloud Builders https://github.com/rcbops/oz-image-build
- Radhat镜像 https://openstack.redhat.com/Image_resources
- CentOS Gold Image
http://catn.com/labs/centos-images/
http://catn.com/2013/04/18/building-a-virtual-machine-image-for-centos/
教你如何制作CentOS的image,并且提供现成的image下载
镜像下载地址:http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img
该镜像用户名:root 密码:changeme1122
关于CentOS镜像制作需要注意以下几点:
(1)修改网络信息 /etc/sysconfig/network-scripts/ifcfg-eth0 (删掉mac信息),如下:
TYPE=EthernetDEVICE=eth0ONBOOT=yesBOOTPROTO=dhcpNM_CONTROLLED=no(2)删除已生成的网络设备规则,否则制作的镜像不能上网
# rm -rf /etc/udev/rules.d/70-persistent-net.rules (3)增加一行到/etc/sysconfig/network
NOZERCONF=yes(4)安装cloud-init(可选),cloud-init可以在开机时进行密钥注入以及修改hostname等,关于cloud-init,陈沙克的一篇博文有介绍:http://www.chenshake.com/about-openstack-centos-mirror/
# yum install -y cloud-utils cloud-init parted
修改配置文件/etc/cloud/cloud.cfg ,在cloud_init_modules 下面增加:
- resolv-conf
(5)设置系统能自动获取openstack指定的hostname和ssh-key(可选)
编辑/etc/rc.local文件,该文件在开机后会执行,加入以下代码:
1 if [ ! -d /root/.ssh ]; then 2 mkdir -p /root/.ssh 3 chmod 700 /root/.ssh 4 fi 5 # Fetch public key using HTTP 6 ATTEMPTS=30 7 FAILED=0 8 9 10 11 while [ ! -f /root/.ssh/authorized_keys ]; do12 curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/metadata-key 2>/dev/null13 if [ $? -eq 0 ]; then14 cat /tmp/metadata-key >> /root/.ssh/authorized_keys15 chmod 0600 /root/.ssh/authorized_keys16 restorecon /root/.ssh/authorized_keys17 rm -f /tmp/metadata-key18 echo “Successfully retrieved public key from instance metadata”19 echo “*****************”20 echo “AUTHORIZED KEYS”21 echo “*****************”22 cat /root/.ssh/authorized_keys23 echo “*****************”24 25 curl -f http://169.254.169.254/latest/meta-data/hostname > /tmp/metadata-hostname 2>/dev/null26 if [ $? -eq 0 ]; then27 TEMP_HOST=`cat /tmp/metadata-hostname`28 sed -i “s/^HOSTNAME=.*$/HOSTNAME=$TEMP_HOST/g” /etc/sysconfig/network29 /bin/hostname $TEMP_HOST30 echo “Successfully retrieved hostname from instance metadata”31 echo “*****************”32 echo “HOSTNAME CONFIG”33 echo “*****************”34 cat /etc/sysconfig/network35 echo “*****************”36 37 else38 echo “Failed to retrieve hostname from instance metadata. This is a soft error so we’ll continue”39 fi40 rm -f /tmp/metadata-hostname41 else42 FAILED=$(($FAILED + 1))43 if [ $FAILED -ge $ATTEMPTS ]; then44 echo “Failed to retrieve public key from instance metadata after $FAILED attempts, quitting”45 break46 fi47 echo “Could not retrieve public key from instance metadata (attempt #$FAILED/$ATTEMPTS), retrying in 5 seconds…”48 sleep 549 fi50 done 或者
1 # set a random pass on first boot 2 if [ -f /root/firstrun ]; then 3 dd if=/dev/urandom count=50|md5sum|passwd --stdin root 4 passwd -l root 5 rm /root/firstrun 6 fi 7 8 if [ ! -d /root/.ssh ]; then 9 mkdir -m 0700 -p /root/.ssh10 restorecon /root/.ssh11 fi12 # Get the root ssh key setup13 # Get the root ssh key setup14 ReTry=015 while [ ! -f /root/.ssh/authorized_keys ] && [ $ReTry -lt 10 ]; do16 sleep 217 curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /root/.ssh/pubkey18 if [ 0 -eq 0 ]; then19 mv /root/.ssh/pubkey /root/.ssh/authorized_keys20 fi21 ReTry=$[Retry+1]22 done23 chmod 600 /root/.ssh/authorized_keys && restorecon /root/.ssh/authorized_keys主要目的就是获取hostname和公钥
(6)其他
route命令查看一下路由表
查看/etc/ssh/sshd_conf中PermitRootLogin是不是为yes
OpenStack镜像制作-CentOS
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。