自动化kolla-ansible部署ubuntu20.04+openstack-victoria之镜像制作centos6.5-14
欢迎加QQ群:1026880196 进行交流学习
制作OpenStack Centos 6.5 64位镜像
#下载centos 6.5
http://mirror.nsc.liu.se/centos-store/6.5/isos/x86_64/CentOS-6.5-x86_64-minimal.iso
#硬件准备
物理机一台:要求支持硬件虚拟化,系统推荐centos7.8桌面版
1.安装工具依赖
yum install vim wget net-tools ntpdate gcc -y
2. 使用阿里源
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
sed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo
yum makecache fast
3. 安装kvm
yum -y install kvm virt-* qemu-kvm libvirt virt-install bridge-utils virt-manager libguestfs-tools-c qemu-img qemu-kvm-tools libguestfs-tools dejavu-lgc-sans-fonts qemu-guest-agent -y
4. 启动libvirtd并设置开机启动
systemctl enable libvirtd.service && systemctl restart libvirtd.service && systemctl status libvirtd.service
5. 创建目录#把系统镜像和软件上传到指定目录
mkdir kvm
mkdir kvm/iso
mkdir kvm/img
mkdir kvm/soft
6. 打开虚拟系统管理器
位置:应用程序->系统工具->虚拟系统管理器
7. 创建centos 6.5镜像
8. 规格分配
9. 硬盘分配
10. 名称 选择网络
11. 设置 usb为默认#避免鼠标漂移
12. 网卡设置成virtio模式
13. 选择系统镜像
14. 硬盘格式选择VirtlO
15. 选择启动 然后选择开始安装
16. 复制主机cpu配置
17. 开始安装
18. 选择english语言安装
19. 选择Basic Storage Devices 安装
20. 选择忽略所有
21. 默认下一步
22. 选择时区 上海
23. 密码设置
24. 选择use anyway
25. 选择自定义
26. 只分一个/分区
27. 选择最小化安装
28. 等待完成安装
29. 关闭虚拟机 虚安装启动模式
30. 启动成功
31. 修改网卡
修改:vim /etc/sysconfig/network-scripts/ifcfg-eth0
设置: ONBOOT=yes
重启网卡:/etc/init.d/network restart
# 获取IP 为192.168.0.234 这里的IP 是公网IP
32. 远程工具连上 虚拟机下操作如下
1.关闭selinux
sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config
sed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/config
grep --color=auto '^SELINUX' /etc/selinux/config
setenforce 0
2.关闭防火墙iptables
chkconfig iptables off
3. 虚拟机安装常用工具
yum install vim wget net-tools ntpdate gcc -y
4. 使用国内阿里源
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
sed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo
yum makecache fast
5. 安装cloud-init所需依赖包
yum install acpid cloud-init cloud-utils jq parted qemu-guest-agent zip unzip dracut-modules-growroot -y
6. cloud-int,开启root密码登录#
sed -i 's/disable_root: 1/disable_root: 0/g' /etc/cloud/cloud.cfg
sed -i 's/ssh_pwauth: 0/ssh_pwauth: 1/g' /etc/cloud/cloud.cfg
7. 设置网卡
echo 'NETWORKING=yes
NOZEROCONF=yes'>/etc/sysconfig/network
8. ssh配置
sed -i 's/^PasswordAu.*$/PasswordAuthentication yes/' /etc/ssh/sshd_config
sed -i 's/^GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/^#UseDNS.*$/UseDNS no/' /etc/ssh/sshd_config
service sshd restart
9. 开机自启动
chkconfig acpid on
chkconfig cloud-init on
chkconfig qemu-ga on
10.要使nova console-log 能将实例启动过程输出到实例启动日志中,要在文件/boot/grub/menu.lst
中kernel参数中增加下面的内容: console=tty0 console=ttyS0,115200n8
vim
/boot/grub/menu.lst
kernel参数最后面增加下面的内容: console=tty0
console=ttyS0,115200n8
11. 安装linux rootfs resize,使得实例启动时可以自动扩展根分区
wget http://111.161.38.58/share/tool/linux-rootfs-resize.zip
unzip linux-rootfs-resize.zip
cd linux-rootfs-resize
chmod +x install
./install
cd
rm -rf linux-rootfs-resize linux-rootfs-resize.zip
12. 修改配置文件vim /etc/cloud/cloud.cfg ,在cloud_init_modules 下面增加:
-
resolv-conf
13. 删除网卡信息
sed -i '/HWADDR/d' /etc/sysconfig/network-scripts/ifcfg-eth*
sed -i '/UUID/d' /etc/sysconfig/network-scripts/ifcfg-eth*
rm -rf /etc/udev/rules.d/70-persistent-net.rules
rm -rf /etc/udev/rules.d/70-persistent-cd.rules
14. wget 漏洞修复
yum -y install openssl openssl-devel glib2-devel gcc
wget http://111.161.38.58/share/tool/wget-1.20.3.tar.gz
tar xvf wget-1.20.3.tar.gz
cd wget-1.20
./configure --prefix=/usr --sysconfdir=/etc --with-ssl=openssl
make && make install
wget -V
15. 为了修补openssl低版本存在的漏洞,现将Centos 6.5系统openssl版本1.0.1e升级到1.1.0i(系统6.5-6.9都适用),升级包括下载openssl-1.1.0i.tar.gz以及基础环境否则在"make"这一步会报错,故一定要安装zlib和zlib-devel
yum -y install zlib zlib-devel -y
wget http://111.161.38.58/share/tool/openssl-1.1.0i.tar.gz
tar -zvxf openssl-1.1.0i.tar.gz
cd openssl-1.1.0i
./config shared zlib
make
make install
mv /usr/bin/openssl /usr/bin/openssl.bak
find / -name openssl
ln -s /usr/local/bin/openssl /usr/bin/openssl
echo "/usr/local/lib64/" >> /etc/ld.so.conf
ldconfig
openssl version -a
16. 修补系统漏洞
yum -y install bash wget libpng libuser openssh openssh-clients openssh-servervim tcpdump
yum -y install bind-libs bind-utils glibc glibc-common glibc-devel glibc-headers nscd sqlite ntpdate grep libxml2 libreport openssl
yum -y install subversion openldap nss-util nss vim-common vim-enhanced vim-minimal libtiff libgcrypt
17. 升级软件方式
yum update bash
yum update wget
yum update libpng
yum update libuser
yum update openssh
yum update openssh-clients
yum update openssh-server
yum update bind-libs
yum update bind-utils
yum update glibc
yum update glibc-common
yum update glibc-devel
yum update glibc-headers
yum update nscd
yum update sqlite
yum update ntpdate
yum update grep
yum update libxml2
yum update libreport
yum update openssl
yum update subversion
yum update openldap
yum update nss-util
yum update nss
yum update vim-common
yum update vim-enhanced
yum update vim-minimal
yum update libtiff
yum update libgcrypt
yum update python -y
18. 清理
rm -rf /tmp/*
rm -rf /root/*
rm -f /var/log/wtmp /var/log/btmp
>/var/log/cloud-init.log
19. 清空历史记录并关机
history -c
poweroff
20. 查看kvm所有虚拟机
virsh list --all
21. 执行清理任务
virt-sysprep -d CentOS6.5_x86_64bit
22. 压缩镜像
cd kvm/img/
virt-sparsify --compress /var/lib/libvirt/images/CentOS6.5_x86_64bit.qcow2 CentOS6.5_x86_64bit.qcow2
23. 拷贝镜像到controller1上
cd
scp -p kvm/img/CentOS6.5_x86_64bit.qcow2 controller:/root