Openestack 官方云镜像用法

  • Post author:
  • Post category:openstack
  • Post comments:0评论

以下都基于官方给出的云镜像,下面给出官方云镜像的获取方式。
我们可以直接去各自的官方网站下载,也可以通过国内镜像站下载。
很多国内镜像站都提供云镜像下载,例如清华大学源、科大源等。

centos:
 科大:http://mirrors.ustc.edu.cn/centos-cloud/
 官方:http://cloud.centos.org/centos/7/images/

ubuntu:
 科大:http://mirrors.ustc.edu.cn/ubuntu-cloud-images/
 官方:http://cloud-images.ubuntu.com/
 帮助文档:https://help.ubuntu.com/community/UEC/Images

debian:
 科大:https://mirrors.ustc.edu.cn/debian-cdimage/openstack/
 官方:https://www.debian.org/distrib/
 帮助文档:https://cloud.debian.org/images/cloud/

修改计算节点nova配置,允许密码注入(如果没有配置以下3个配置项,默认允许密码注入):

root@compute ~]# vim /etc/nova/nova.conf      # 修改以下3个配置
[libvirt]
inject_password = true
inject_key = true
inject_partition = -1

root@compute ~]# systemctl restart openstack-nova-compute

创建实例时,到配置哪里,将以下脚本填入到定制化脚本中,建议根据实际需求修改。

ubuntu 18.04

#!/bin/bash
passwd root<<EOF
000000
000000
EOF
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i 's/#UseDNS no/UseDNS no/g' /etc/ssh/sshd_config
systemctl restart sshd
systemctl stop ufw.service
systemctl disable ufw.service
mv /root/.ssh/authorized_keys{,.old}
cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/
chown root.root /root/.ssh/authorized_keys
timedatectl set-timezone Asia/Shanghai
echo -e "NTP=ntp1.aliyun.com\nFallbackNTP=ntp.ubuntu.com" >> /etc/systemd/timesyncd.conf
systemctl restart systemd-timesyncd

cp /etc/apt/sources.list{,.bak}
cat > /etc/apt/sources.list << EOF
deb https://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
EOF
apt update
apt install -y net-tools vim bash-completion lrzsz unzip zip

ubuntu 20.04

#!/bin/bash
passwd root<<EOF
000000
000000
EOF
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i 's/#UseDNS no/UseDNS no/g' /etc/ssh/sshd_config
systemctl restart sshd
systemctl stop ufw.service
systemctl disable ufw.service
mv /root/.ssh/authorized_keys{,.old}
cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/
chown root.root /root/.ssh/authorized_keys
timedatectl set-timezone Asia/Shanghai
echo -e "NTP=ntp1.aliyun.com\nFallbackNTP=ntp.ubuntu.com" >> /etc/systemd/timesyncd.conf
systemctl restart systemd-timesyncd

cp /etc/apt/sources.list{,.bak}
cat > /etc/apt/sources.list << EOF
deb http://mirrors.aliyun.com/ubuntu focal main restricted
deb http://mirrors.aliyun.com/ubuntu focal-updates main restricted
deb http://mirrors.aliyun.com/ubuntu focal universe
deb http://mirrors.aliyun.com/ubuntu focal-updates universe
deb http://mirrors.aliyun.com/ubuntu focal multiverse
deb http://mirrors.aliyun.com/ubuntu focal-updates multiverse
deb http://mirrors.aliyun.com/ubuntu focal-backports main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu focal-security main restricted
deb http://mirrors.aliyun.com/ubuntu focal-security universe
deb http://mirrors.aliyun.com/ubuntu focal-security multiverse
EOF
apt update
apt install -y net-tools vim bash-completion lrzsz unzip zip

centos 7.6.1810

#!/bin/bash
passwd root<<EOF
000000
000000
EOF
sed -i 's/#PermitRootLogin yes/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
setenforce 0
systemctl restart sshd
mv /root/.ssh/authorized_keys{,.old}
cp -a /home/centos/.ssh/authorized_keys /root/.ssh/
chown root.root /root/.ssh/authorized_keys
cd /etc/yum.repos.d/
mkdir centos
mv *.repo centos/
curl -o /etc/yum.repos.d/CentoS-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo    
curl -o /etc/yum.repos.d/epel7.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y vim net-tools tree sysstat lrzsz unzip zip wget telnet ntpdate bash-completion bash-completion-extras
timedatectl set-timezone Asia/Shanghai

debian 10.9

#!/bin/bash
passwd root<<EOF
000000
000000
EOF
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i 's/#UseDNS no/UseDNS no/g' /etc/ssh/sshd_config
systemctl restart sshd
mv /root/.ssh/authorized_keys{,.old}
cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/
chown root.root /root/.ssh/authorized_keys
timedatectl set-timezone Asia/Shanghai
echo -e "NTP=ntp1.aliyun.com\nFallbackNTP=ntp.ubuntu.com" >> /etc/systemd/timesyncd.conf
systemctl restart systemd-timesyncd

发表评论

验证码: 19 + = 25