OpenStack 镜像(image)定制/压缩方法 – 开启密码登录方法等

发布时间: 更新时间: 总字数:1670 阅读时间:4m 作者: 分享

OpenStack环境中可以基于Glance Image快速创建云主机,所使用到的Glance Image可以从互联网上下载。但是当我们希望基于某个Glance Image创建的云主机中提前预装一些自定义的软件包时,我们就需要对Glance Image进行二次制作。

说明

现在网上可以找到一些 OpenStack Glance Image 制作的文档/教程。有些文档/教程中所描述的方法制作出的 Image 虽然可以在 OpenStack 环境中使用,但是并不能与 OpenStack 环境紧密结合。因此不建议根据网上的文档/教程自己制作 Image 。然而,各 Linux 发行版本官方提供的 Glance Image 已经对镜像进行过对应的处理,可与 OpenStack 环境紧密结合。因此,强烈建议根据本文档描述的方法对 Linux 发行厂商官方提供的 Glance Image 进行二次定制。

环境准备

基础环境为 CentOS 7桌面版服务器,安装以下工具包:

yum -y install libvirt qemu-kvm-rhev libguestfs-tools

下载 Image

从 CentOS 官方下载 CentOS 7 系统的 Image 到本地,下载地址如下。

wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2

设置 Image root 用户密码

前面一步下载的 Image 中 root 用户默认密码被锁定,后续步骤中我们需要以 root 用户登录到系统中对系统进行定制,因此需要设置 root 用户密码。

virt-sysprep --root-password password:xiexianbin_pwd -a CentOS-7-x86_64-GenericCloud.qcow2

注意: 此处 –root-password password:xiexianbin_pwd 中 “xiexianbin_pwd” 为所设置的 root 用户的密码。

启动虚拟机

基于前面所下载的 Image 作为虚拟机磁盘,启动一个虚拟机:

qemu-kvm -vnc 0.0.0.0:20 -m 2048 -hda CentOS-7-x86_64-GenericCloud.qcow2

定制系统

通过VNC方式连接前面启动的虚拟机,以 root 用户身份登录到系统中,对系统进行定制(如安装自定义软件包)。定制完成后关闭虚拟机。

yum -y install ***

警告: 定制化操作完成后,需要删除并锁定 root 用户密码

password -d root
password -l root

操作完成,关机

poweroff

Image 初始化

使用 virt-sysprep 命令对 Image 进行初始化,初始化操作会将 Image 中一些唯一性信息进行清除(如SSH host keys、网卡MAC地址等),具体清除内容可以查看 virt-sysprep 帮助手册。

virt-sysprep -a CentOS-7-x86_64-GenericCloud.qcow2
virt-sysprep --root-password password:a123456 --copy-in /root/images/software.tar.gz:/home/ubuntu/ -a /root/images/ubuntu.qcow2

消除 Image 空洞

qcow2 格式的 Image 有稀疏的问题,在磁盘级别上看,镜像会有大量连续的相同空洞,通过virt-sparsify 我们可以消除这些空洞,从而缩小磁盘大小,便于我们传输磁盘镜像。

virt-sparsify --compress CentOS-7-x86_64-GenericCloud.qcow2 CentOS-7.0-x86_64-MySQL.qcow2
[root@xiexianbin_cn images]# virt-sparsify --compress CentOS-7-x86_64-GenericCloud.qcow2 CentOS-7.0-x86_64-MySQL.qcow2
[   0.2] Create overlay file in /tmp to protect source disk
[   0.3] Examine source disk
 100% ⟦▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒⟧ --:--
[   9.9] Fill free space in /dev/sda1 with zero
 100% ⟦▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒▒⟧ 00:00
[  66.7] Copy to destination and make sparse
[ 144.1] Sparsify operation completed with no errors.
virt-sparsify: Before deleting the old disk, carefully check that the 
target disk boots and works correctly.
[root@xiexianbin_cn images]# 

修改密码 注入文件

[root@xiexianbin_cn ~]# virt-sysprep --root-password password:a123456 --copy-in /root/images/ubuntu.tar.gz:/home/ubuntu/ -a /root/images/mysql.qcow2
[   0.0] Examining the guest ...
[  16.8] Performing "abrt-data" ...
[  16.8] Performing "bash-history" ...
[  16.8] Performing "blkid-tab" ...
[  16.8] Performing "crash-data" ...
[  16.8] Performing "cron-spool" ...
[  17.0] Performing "dhcp-client-state" ...
[  17.0] Performing "dhcp-server-state" ...
[  17.0] Performing "dovecot-data" ...
[  17.0] Performing "logfiles" ...
[  17.2] Performing "machine-id" ...
[  17.2] Performing "mail-spool" ...
[  17.2] Performing "net-hostname" ...
[  17.2] Performing "net-hwaddr" ...
[  17.2] Performing "pacct-log" ...
[  17.2] Performing "package-manager-cache" ...
[  17.4] Performing "pam-data" ...
[  17.4] Performing "puppet-data-log" ...
[  17.4] Performing "rh-subscription-manager" ...
[  17.4] Performing "rhn-systemid" ...
[  17.4] Performing "rpm-db" ...
[  17.4] Performing "samba-db-log" ...
[  17.4] Performing "script" ...
[  17.4] Performing "smolt-uuid" ...
[  17.4] Performing "ssh-hostkeys" ...
[  17.4] Performing "ssh-userdir" ...
[  17.5] Performing "sssd-db-log" ...
[  17.5] Performing "tmp-files" ...
[  17.5] Performing "udev-persistent-net" ...
[  17.5] Performing "utmp" ...
[  17.5] Performing "yum-uuid" ...
[  17.5] Performing "customize" ...
[  17.5] Setting a random seed
[  17.6] Copying: /root/images/ubuntu.tar.gz to /home/ubuntu/
[  18.5] Setting passwords
[  25.9] Performing "lvm-uuids" ...
[root@xiexianbin_cn ~]# 

开启SSH登录

ubuntu/centos等官方提供的镜像,均无法使用ssh 密码登录,现提供以一种方法:

[root@xiexianbin_cn images]# cat commands-from.file 
password ubuntu:password:a123456

edit /etc/ssh/sshd_config:\
    s/^PasswordAuthentication.*/PasswordAuthentication yes/

edit /etc/ssh/sshd_config:\
    s/^PermitRootLogin.*/PermitRootLogin yes/

[root@xiexianbin_cn images]# 

使用–commands-from-file指定脚本:

[root@xiexianbin_cn images]# virt-customize -a ubuntu.qcow2 --commands-from-file commands-from.file --run-command "cd /home/ubuntu; tar -zxvf ubuntu.tar.gz"
[   0.0] Examining the guest ...
[  51.6] Setting a random seed
[  51.7] Editing: /etc/ssh/sshd_config
[  52.3] Editing: /etc/ssh/sshd_config
[  52.5] Running: cd /home/ubuntu; tar -zxvf ubuntu.tar.gz
[  56.6] Setting passwords
[  72.0] Finishing off
[root@xiexianbin_cn images]# 

测试 Image

将二次定制的 Image 上传到 OpenStack 环境中进行测试,测试没有问题, Image 二次定制完成。

完毕。

Home Archives Categories Tags Docs