- 準備CentOS-7.x鏡像,可以從網上直接下載,我這裏準備的鏡像是CentOS-7.2-x86_64
[root@linux-node1 ~]# ls -l /tmp/CentOS-7-x86_64-DVD-1511.iso
-rw-r--r-- 1 root root 4329570304 Jan 7 2016 /tmp/CentOS-7-x86_64-DVD-1511.iso- 安裝相關軟件
[root@linux-node1 ~]# yum -y install qemu-kvm libvirt virt-install
[root@linux-node1 ~]# rpm -qa qemu-kvm libvirt virt-install
libvirt-3.2.0-14.el7_4.5.x86_64
qemu-kvm-1.5.3-141.el7_4.4.x86_64
virt-install-1.4.1-7.el7.noarch- 啓動libvirtd,會自動創建虛擬網卡virbr0,默認地址爲192.168.122.1
[root@linux-node1 ~]# systemctl start libvirtd
[root@linux-node1 ~]# systemctl status libvirtd
[root@linux-node1 ~]# ifconfig virbr0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 00:00:00:00:00:00 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0- 創建虛擬磁盤,”-f”指定磁盤格式
qcow2,存放路徑/opt/CentOS-7.2_x86_64.qcow2,磁盤大小10G
[root@linux-node1 ~]# qemu-img create -f qcow2 /opt/CentOS-7.2-x86_64.qcow2 10G
Formatting '/opt/CentOS-7.2-x86_64.qcow2', fmt=qcow2 size=10737418240 encryption=off cluster_size=65536 lazy_refcounts=off refcount_bits=16
[root@linux-node1 ~]# ls -l /opt/CentOS-7.2-x86_64.qcow2
-rw-r--r-- 1 root root 196768 Jan 23 14:39 /opt/CentOS-7.2-x86_64.qcow2- 創建雲主機
[root@linux-node1 ~]# virt-install --virt-type kvm --name CentOS-7.2 --ram 1024 \
--disk /opt/CentOS-7.2-x86_64.qcow2,format=qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 --noautoconsole \
--os-type=linux --os-variant=centos7.0 \
--location=/tmp/CentOS-7-x86_64-DVD-1511.iso- 通過TightVNS工具連接192.168.56.11:5900(默認端口是5900),接下來的步驟和我們平時安裝系統沒有什麼區別,
注意,只分根分區,不需要分交換分區。
- 啓動雲主機,並查看狀態
[root@linux-node1 ~]# virsh start CentOS-7.2
Domain CentOS-7.2 started
[root@linux-node1 ~]# virsh list --all
Id Name State
----------------------------------------------------
2 CentOS-7.2 running- 通過TightVNS工具連接192.168.56.11:5900,配置雲主機網絡
DNS配置
[root@localhost ~]# echo -e "nameserver 114.114.114.114\nnameserver 202.96.128.86" > /etc/resolv.conf
[root@localhost ~]# cat /etc/resolv.conf
nameserver 114.114.114.114
nameserver 202.96.128.86網卡配置
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=dhcp
IPV4_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# systemctl status NetworkManager
[root@localhost ~]# systemctl disable NetworkManager
[root@localhost ~]# systemctl restart netwrok
[root@localhost ~]# systemctl status netwrok- 關閉firewalld,selinux,postfix等服務
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl status firewalld
[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
[root@localhost ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
[root@localhost ~]# systemctl stop postfix
[root@localhost ~]# systemctl status postfix
[root@localhost ~]# systemctl disable postfix- 設置系統文件描述符數
[root@localhost ~]# ulimit -SHn 65535
[root@localhost ~]# ulimit -n
65535
[root@localhost ~]# echo "* - nofile 65535" >> /etc/security/limits.conf- 設置系統字符集
[root@localhost ~]# vi /etc/locale.conf
LANG="en_US.UTF-8"- 更新國內yum源
aliyun
[root@localhost ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repoepel
[root@localhost ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo- 安裝必要的軟件包
[root@localhost ~]# yum -y install lrzsz vim dos2unix telnet nmap nc net-tools ntpdate wget screen tree- 安裝ACPI服務,支持關閉和重啓雲主機實例
[root@localhost ~]# yum -y install acpid
[root@localhost ~]# systemctl enable acpid- 同步網絡時間服務器
[root@localhost ~]# ntpdate 0.pool.ntp.org
[root@localhost ~]# hwclock
[root@localhost ~]# crontab -e
####Synchronization Network Time Server####
*/5 * * * * /usr/sbin/ntpdate 0.pool.ntp.org &>/dev/null- 編寫鏡像初始化腳本
[root@localhost ~]# vim /tmp/system_init.sh
#!/bin/bash
# Name:system_init.sh
# Version:V1.0
# Type:system_init
# Language:Bash Shell
# Date:2018-01-25
# Author:LinBin
# Email:[email protected]
set_key() {
# Determine whether the file exists
if [ ! -d /root/.ssh ]
then
mkdir -p /root/.ssh
chmod 700 /root/.ssh
fi
# Fetch public key using HTTP
for ((i=1;i<6;i++))
do
if [ ! -f /root/.ssh/authorized_keys ]
then
curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/metadata-key 2>/dev/null
if [ $? -eq 0 ]
then
cat /tmp/metadata-key >> /root/.ssh/authorized_keys
chmod 0600 /root/.ssh/authorized_keys
restorecon /root/.ssh/authorized_keys
rm -f /tmp/metadata-key
echo "Successfully retrieved public key from instance metadata"
echo "*****************"
echo "AUTHORIZED KEYS"
echo "*****************"
cat /root/.ssh/authorized_keys
echo "*****************"
fi
else
break;
fi
done
}
# Set the system host name
set_hostname() {
Hostname=$(curl -s http://169.254.169.254/latest/meta-data/hostname)
echo "$Hostname" > /etc/hostname
hostnamectl set-hostname $(echo "$Hostname")
}
# Set static ip address
set_static_ip() {
IP=$(curl -s http://169.254.169.254/latest/meta-data/local-ipv4)
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 <<EOF
TYPE=Ethernet
BOOTPROTO=static
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=$IP
PREFIX=24
GATEWAY=192.168.56.2
DNS1=114.114.114.114
DNS2=202.96.128.86
EOF
}
# Reboot the instance
reboot_instance() {
rm -f /tmp/system_init.sh
sed -i '$d' /etc/rc.local
reboot
}
# Main function
main() {
set_key;
set_hostname;
set_static_ip;
reboot_instance;
}
# Executive main function
main- 設置/etc/rc.local文件的執行權限,並添加鏡像初始化腳本
[root@localhost ~]# ls -l /etc/rc.local
lrwxrwxrwx 1 root root 13 Jan 20 13:24 /etc/rc.local -> rc.d/rc.local
[root@localhost ~]# ls -l /etc/rc.d/rc.local
-rw-r--r-- 1 root root 473 Oct 20 11:07 /etc/rc.d/rc.local
[root@localhost ~]# chmod +x /etc/rc.d/rc.local
[root@localhost ~]# ls -l /etc/rc.d/rc.local
-rwxr-xr-x 1 root root 473 Oct 20 11:07 /etc/rc.d/rc.local
[root@localhost ~]# echo "/bin/bash /tmp/system_init.sh" >> /etc/rc.local
[root@localhost ~]# tail -1 /etc/rc.local
/bin/bash /tmp/system_init.sh- 關閉雲主機,並查看狀態
[root@linux-node1 ~]# virsh shutdown CentOS-7.2
Domain CentOS-7.2 is being shutdown
[root@linux-node1 ~]# virsh list --all
Id Name State
----------------------------------------------------
- CentOS-7.2 shut off- 獲得admin憑證來獲取只有管理員能執行的命令的訪問權限
[root@linux-node1 ~]# source admin-openrc- 上傳鏡像到鏡像服務並設置公共可見,這樣所有的項目都可以訪問它
[root@linux-node1 ~]# openstack image create "CentOS-7.2-x86_64" \
--file /opt/CentOS-7.2-x86_64.qcow2 \
--disk-format qcow2 --container-format bare \
--public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | 9a6d3efdd6874d4aa8ad555e9752b012 |
| container_format | bare |
| created_at | 2018-01-25T11:44:35Z |
| disk_format | qcow2 |
| file | /v2/images/18587404-efaa-4c9d-bd88-682a835933db/file |
| id | 18587404-efaa-4c9d-bd88-682a835933db |
| min_disk | 0 |
| min_ram | 0 |
| name | CentOS-7.2-x86_64 |
| owner | 14055178975d417987c5a94f030c7acf |
| protected | False |
| schema | /v2/schemas/image |
| size | 1196359680 |
| status | active |
| tags | |
| updated_at | 2018-01-25T11:44:57Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+- 確認鏡像的上傳並驗證屬性
[root@linux-node1 ~]# openstack image list
+--------------------------------------+-------------------+--------+
| ID | Name | Status |
+--------------------------------------+-------------------+--------+
| 18587404-efaa-4c9d-bd88-682a835933db | CentOS-7.2-x86_64 | active |
| cd96090c-87ca-4eb3-b964-a7457639bc1e | cirros | active |
+--------------------------------------+-------------------+--------+