Building OpenStack Images on a CentOS 8 System

I. Preparation

1. CentOS 8 is installed in VMware. The virtual machine's CPU has to be configured to support virtualization, so that KVM guests can be started inside the virtualized CentOS system.

2. Check the environment to see whether the CPU supports hardware virtualization

[root@DT_Node-192_168_233_128 ~]# lscpu | grep Virtualization:
Virtualization:      VT-x

or

[root@DT_Node-192_168_233_128 ~]# egrep -c '(vmx|svm)' /proc/cpuinfo
4
[root@DT_Node-192_168_233_128 ~]# 

3. Install the KVM-related packages

[root@DT_Node-192_168_233_128 ~]# mkdir -p /data/{iso,virt}
[root@DT_Node-192_168_233_128 ~]# dnf install -y qemu-kvm qemu-img libvirt virt-install libvirt-client virt-top libguestfs-tools virt-manager @virt && \
systemctl start libvirtd && systemctl enable libvirtd && systemctl status libvirtd && \
virsh version && virt-install --version

4. Check whether the KVM modules are loaded

[root@DT_Node-192_168_233_128 ~]# lsmod | grep kvm
kvm_intel             290816  0
kvm                   753664  1 kvm_intel
irqbypass              16384  1 kvm

5. Check the state of the existing networks; a network named default in the active state means everything is normal

[root@DT_Node-192_168_233_128 ~]# virsh net-list --all
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 default              active     yes           yes

[root@DT_Node-192_168_233_128 ~]# 

6. Download the ISO image files

[root@DT_Node-192_168_233_128 ~]# mkdir -p /data/iso && cd /data/iso
[root@DT_Node-192_168_233_128 ~]# wget -c http://mirrors.dtops.cc/ISO/Linux/CentOS/CentOS-7-x86_64-NetInstall-kickstart-1804.iso
[root@DT_Node-192_168_233_128 ~]# wget -c http://mirrors.dtops.cc/ISO/Windows/zh-cn_windows_server_2022_x64_dvd_6c73507d.iso
[root@DT_Node-192_168_233_128 ~]# wget -c https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso

7. Create a KVM virtual machine from the command line

[root@DT_Node-192_168_233_128 ~]# virt-install \
--virt-type kvm \
--name centos7 \
--ram 2048 --vcpus 2 \
--disk path=/data/virt/centos7.qcow2,size=10,format=qcow2,device=disk \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-type=linux \
--os-variant=centos7.0 \
--cdrom=/data/iso/CentOS-7-x86_64-NetInstall-kickstart-1804.iso

The osinfo-query os command lists the os-variant values that KVM supports

[root@DT_Node-192_168_233_128 /data]# osinfo-query os
 Short ID             | Name                                               | Version  | ID                                      
----------------------+----------------------------------------------------+----------+-----------------------------------------
 ...
 alpinelinux3.8       | Alpine Linux 3.8                                   | 3.8      | http://alpinelinux.org/alpinelinux/3.8  
 ....
 centos5.0            | CentOS 5.0                                         | 5.0      | http://centos.org/centos/5.0            
 ....
 centos6.0            | CentOS 6.0                                         | 6.0      | http://centos.org/centos/6.0            
....
 centos7.0            | CentOS 7.0                                         | 7.0      | http://centos.org/centos/7.0            
 ...
 cirros0.4.0          | CirrOS 0.4.0                                       | 0.4.0    | http://cirros-cloud.net/cirros/0.4.0    
 .../
 debian9              | Debian 9                                           | 9        | http://debian.org/debian/9              
....
 fedora30             | Fedora 30                                          | 30       | http://fedoraproject.org/fedora/30      
 ....
 win2k19              | Microsoft Windows Server 2019                      | 10.0     | http://microsoft.com/win/2k19           
 ....
 winxp                | Microsoft Windows XP                               | 5.1      | http://microsoft.com/win/xp  

8. Connect to the KVM guest

Because I am connecting remotely, I simply use VNC here; on a local machine you can also connect with virt-manager or virt-viewer.

9. To make working inside the guest easier later on, set up a port forward for remote management of the newly created virtual machine

[root@DT_Node-192_168_233_128 /data]# virsh list --all
 Id    Name                           State
----------------------------------------------------
 1     centos7                        running

[root@DT_Node-192_168_233_128 /data]# virsh domifaddr centos7
 Name       MAC address          Protocol     Address
-------------------------------------------------------------------------------
 vnet0      52:54:00:57:41:10    ipv4         192.168.122.114/24

[root@DT_Node-192_168_233_128 /data]# tmux new -s 0 -d "ncat --sh-exec 'ncat 192.168.122.114 22' -l 12992 --keep-open"

This way, a connection to port 12992 on the host 192.168.233.128 is forwarded to port 22 of the KVM virtual machine

Disable SELinux

sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

Configure NTP time synchronization

{ if ! ping ntp.dtops.cc -c1 >/dev/null 2>&1; then echo '172.25.200.254   ntp.dtops.cc' >> /etc/hosts; fi; } && { [ -x /usr/sbin/ntpdate ] || yum install ntpdate -y; } && { if ! grep -q ntpdate /var/spool/cron/root; then echo -e "\n*/5 * * * * /usr/sbin/ntpdate -u ntp.dtops.cc >/dev/null 2>&1" >> /var/spool/cron/root; else sed -i '/ntpdate/d' /var/spool/cron/root; echo -e "\n*/5 * * * * /usr/sbin/ntpdate -u ntp.dtops.cc >/dev/null 2>&1" >> /var/spool/cron/root; fi; } && { clear && /usr/sbin/ntpdate -u ntp.dtops.cc && echo -e "\n=======\n" && cat /var/spool/cron/root; }

Configure the internal hosts entries

echo -e '\n172.25.100.12 git.dtops.cc\n172.25.120.3 admin.git.dtops.cc' >> /etc/hosts

Install the power management service; the acpid service lets the hypervisor reboot or shut down the virtual machine

yum install -y acpid
systemctl start acpid.service
systemctl enable acpid.service

Show the boot log on the console

sed -i 's/rhgb quiet/console=tty0 console=ttyS0,115200n8/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg

Disable the zeroconf route

echo "NOZEROCONF=yes" >> /etc/sysconfig/network

Install and configure qemu-guest-agent

yum install -y qemu-guest-agent
vim /etc/sysconfig/qemu-ga
# Add the following configuration
BLACKLIST_RPC=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status

Install and configure the cloud packages

yum install cloud-init cloud-utils cloud-utils-growpart
groupadd -g 400 www && useradd -r -m -u 400 -g 400 -k no -s /sbin/nologin -c 'Web Server' www
useradd -u 1000 centos -s /sbin/nologin
vim /etc/cloud/cloud.cfg
system_info:
     default_user:
         name: centos
users:
  - name: root
    ssh_pwauth: True
    ssh_authorized_keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA03vrPa958Eb0XllsLGGpL5ZChcW+Sw7CFFKXMdlzRqyxcoSbqKSrverkzn9RTcwsnur7sLTnAZCK/mzD1+i5p+r69qEe6mdd0qUVh/9r5Teyude77fWwPnZgzqex2b+Thh6ovWHbId2AAAVBKb9pZs2hy6G4/HuXfKWnlOxOUppQ/a4GHHlDkWOM/iJvRA2NTER3Gs8UlzUIDjQiSRoIdO776iMwYj+H7DR7he0r4SFd4LfNh+hsjqCMDQ0mI/Vu7G20G/VfSjqZi5kCRDezetii1W3Y5PnYuK5iEYeuJ+t3P3mY2eIHdTLMF2PW7yQ3NQodL9Ml5OQdwdbRu48xwtriw5VFUy01yZLgwqkby/fJg+5K0gunVtSy1Y3gmr/OV/U1hcnu4t4bPGYvnOU0t9+HG+txb8ovqoAAGaz/sERp7uX4wJNUkV3/HlRN+P/gJ1FET0jycS7YPCAQsEAqXUPLOv9yzfbZ772qN0G5VbO/hehZ31DSRqZiqlVCJxrh6CC6dekoiUbQ2Gq+2nmX7J4pgz67FYLS1fbM+p3TmyWlhFLq/cONYAZ/Wkrz5+iTM30Lyj/ocFfHto7Wj0Vwi1QlIZKjKu35gQfRJ/h9eXSU6tlZDcVPZssdlxHRO3pBytMkKYqQJ1ektfbz4lcUP/bBg8He5YG2luzn04Cadn0= root@LookBack_20220521

### Change the user password
chpasswd:
  list: |
    root:password
  expire: False

disable_root: 0
ssh_pwauth: True

datasource_list: [ 'OpenStack' ]
datasource:
  OpenStack:
    metadata_urls: [ "http://169.254.169.254" ]
    timeout: 5
    max_wait: 60

preserve_hostname: false
manage_etc_hosts: true

network:
  config: disabled

# Automatically grow the vda2 partition
growpart:
  mode: auto
  devices: [/dev/vda2]
  ignore_growroot_disabled: false

runcmd:
  - [ sh, -c, echo "=========Welcome To OpenStack'=========" > /root/runcmd.log ]
#### Use runcmd to grow the LVM volume
  - [localedef,-c,-f,UTF-8,-i,en_US,en_US.UTF-8]
  - [export,LC_ALL=en_US.UTF-8]
  - [growpart,/dev/vda,2]
  - [resize2fs,/dev/vda2]
  - [pvresize,/dev/vda2]
  - [lvextend,-l,+100%FREE,/dev/mapper/LBVG-root]
  - [xfs_growfs,/dev/mapper/LBVG-root]

mount_default_fields: [~, ~, 'auto', 'defaults,nofail,x-systemd.requires=cloud-init.service', '0', '2']
resize_rootfs_tmp: /dev

cloud_init_modules:
# - ssh
  - disk_setup
  - migrator
  - bootcmd
  - write-files
  - growpart
  - resizefs
  - set_hostname
  - update_hostname
  - update_etc_hosts
  - rsyslog
  - users-groups

cloud_config_modules:
 - mounts
 - locale
 - set-passwords
 - yum-add-repo
 - package-update-upgrade-install
 - timezone
 - puppet
 - chef
 - salt-minion
 - mcollective
 - disable-ec2-metadata
 - runcmd
 - ntp-conf

cloud_final_modules:
 - rightscale_userdata
 - scripts-per-once
 - scripts-per-boot
 - scripts-per-instance
 - scripts-user
 - ssh-authkey-fingerprints
 - keys-to-console
 - phone-home
 - final-message
 - power-state-change

system_info:
  default_user:
    name: centos
    lock_passwd: true
    gecos: Cloud User
    groups: [wheel, adm, systemd-journal]
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/bash
  distro: centos
  paths:
    cloud_dir: /var/lib/cloud/
    templates_dir: /etc/cloud/templates/
  ssh_svcname: sshd

final_message: "The system is finally up,after $UPTIME seconds. Default user and password:root lookback"
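
The cloud.cfg above sets a fixed root password, enables SSH password logins and pre-authorises a public key, so every instance booted from the image shares them. The following shell check is an added example, not part of the original post: it flags those settings before the image is sealed. The function names and both sample files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): flag credential settings in a
# cloud.cfg that would be baked into every instance booted from the image.

# audit_cloud_cfg FILE: prints one line per finding; returns 1 if any were found.
audit_cloud_cfg() {
    local cfg=$1 n=0
    report() { echo "FINDING: $*"; n=$((n + 1)); }
    grep -Eiq '^[[:space:]]*ssh_pwauth:[[:space:]]*(true|yes|1)[[:space:]]*$' "$cfg" &&
        report "ssh_pwauth enabled: SSH accepts password logins"
    grep -Eiq '^[[:space:]]*disable_root:[[:space:]]*(0|false|no)[[:space:]]*$' "$cfg" &&
        report "disable_root is off: root can log in directly"
    # Any "user:secret" line inside the chpasswd block is a static credential.
    awk '/^chpasswd:/ { in_c = 1; next }
         in_c && /^[^ \t#]/ { in_c = 0 }   # next top-level key closes the block
         in_c && /^[ \t]+[A-Za-z_][A-Za-z0-9_-]*:[^ \t]/ { found = 1 }
         END { exit !found }' "$cfg" &&
        report "chpasswd list contains a static user:password pair"
    grep -Eiq '^final_message:.*password' "$cfg" &&
        report "final_message mentions a password (it is written to the console log)"
    grep -Eq '^[[:space:]]*-[[:space:]]*(ssh-rsa|ssh-ed25519|ecdsa-sha2-)' "$cfg" &&
        report "an SSH public key is pre-authorised in the image"
    [ "$n" -eq 0 ]
}

# Constructed sample mirroring the credential settings shown in the cloud.cfg above.
write_sample_as_published() {
    cat > "$1" <<'EOF'
users:
  - name: root
    ssh_pwauth: True
    ssh_authorized_keys:
      - ssh-rsa AAAA...constructed-placeholder... root@example
chpasswd:
  list: |
    root:password
  expire: False
disable_root: 0
ssh_pwauth: True
final_message: "The system is finally up. Default user and password:root example"
EOF
}

# Constructed hardened variant: no static secrets, keys come from instance metadata.
write_sample_hardened() {
    printf '%s\n' 'disable_root: 1' 'ssh_pwauth: False' \
        'final_message: "The system is finally up, after $UPTIME seconds"' > "$1"
}
```

Run it against /etc/cloud/cloud.cfg inside the guest before the cleanup step; a non-zero exit status means at least one finding was printed.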

Clean up the environment

[root@DT_Node-192_168_201_135 ~]# rm -Rf /var/lib/cloud/instances/*
[root@DT_Node-192_168_201_135 ~]# rm -Rf /var/lib/cloud/instance
[root@DT_Node-192_168_201_135 ~]# rm -Rf /var/lib/cloud/data/*
[root@DT_Node-192_168_201_135 ~]# rm -rf /etc/resolv.conf /run/cloud-init
[root@DT_Node-192_168_201_135 ~]# userdel -rf cloud-user
[root@DT_Node-192_168_201_135 ~]# rm /etc/NetworkManager/conf.d/99-cloud-init.conf
[root@DT_Node-192_168_201_135 ~]# yum clean all
[root@DT_Node-192_168_201_135 ~]# find /tmp/ -type f -name '.?*' -exec rm {} \; && 
/bin/rm -rf /tmp/* /var/log/{boot*,cron*,dmesg*,lastlog*,maillog*,messages*,secure*,spooler*,tallylog*,wpa_supplicant*,wtmp*,yum*} && \
hostnamectl set-hostname --static localhost.localdomain && \
history -w && history -c && \
/bin/rm ~/.bash_history && \
poweroff

Seal the image

yum install libguestfs-tools
virt-sysprep -d centos7
virsh undefine centos7

Compress the image

virt-sparsify --compress /data/virt/centos7.qcow2 /data/virt/CentOS-7.9.2009-x86_64-Cloud-20220606.qcow2

=======================================================================================

Building the Windows image

virt-install --name windows2022 \
--connect qemu:///system \
--arch=x86_64 --ram 8192 --vcpus 4 \
--cpu host --video cirrus \
--network network=default,model=virtio \
--features hyperv_relaxed=on,hyperv_spinlocks=on,hyperv_vapic=on \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-type windows --os-variant win2k22 \
--boot=cdrom,hd \
--disk path=/data/virt/windows2022.qcow2,size=60,format=qcow2,device=disk,bus=virtio \
--disk path=/data/iso/virtio-win.iso,device=cdrom \
--cdrom=/data/iso/zh-cn_windows_server_2022_x64_dvd_6c73507d.iso

UEFI boot mode

virt-install --name windows2022 \
--connect qemu:///system --arch=x86_64 \
--ram 8192 --vcpus 4 --cpu host \
--video cirrus \
--network network=default,model=virtio \
--features hyperv_relaxed=on,hyperv_spinlocks=on,hyperv_vapic=on \
--graphics vnc,listen=0.0.0.0 --noautoconsole \
--os-type windows --os-variant win2k22 \
--boot uefi,cdrom,hd,network,menu=on \
--disk path=/data/virt/windows2022.qcow2,size=60,format=qcow2,device=disk,bus=virtio \
--disk path=/data/iso/virtio-win.iso,device=cdrom \
--cdrom=/data/iso/zh-cn_windows_server_2022_x64_dvd_6c73507d.iso

Windows does not ship with VirtIO drivers by default, so no disk is visible at the disk partitioning step of setup. A CD-ROM carrying the VirtIO drivers therefore has to be attached when installing Windows.

After the system is installed there are still no drivers for the network card and other devices, so the remaining VirtIO drivers have to be installed as well

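If there is still no network, install the driver files directly

Then enable Remote Desktop on the system, so that we can debug this virtual machine remotely later (I personally find Remote Desktop more convenient than controlling the desktop over VNC)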

On the host, set up a listening port forward for remote access to the Windows KVM virtual machine

[root@DT_Node-10_199_11_12 /data/virt]# virsh domifaddr  windows2022 
 名称     MAC 地址           Protocol     Address
-------------------------------------------------------------------------------
 vnet1      52:54:00:8b:ed:5f    ipv4         192.168.122.139/24

[root@DT_Node-10_199_11_12 /data/virt]# tmux new -s 0 -d "ncat --sh-exec 'ncat 192.168.122.139 3389' -l 3389 --keep-open"

Cloudbase-Init download: https://cloudbase.it/cloudbase-init/#download

Username is the user whose password is to be changed. If the user name does not exist, the user is created first and then the password is set.

In the last step, select Run Sysprep

Add the setuserpassword plugin

Edit the configuration file \PATH\TO\Cloudbase Solutions\Cloudbase-Init\conf\cloudbase-init-unattend.conf and add cloudbaseinit.plugins.common.setuserpassword.SetUserPasswordPlugin to the plugins item.

[DEFAULT]
username=Administrator
groups=Administrators
inject_user_password=true
config_drive_raw_hhd=true
config_drive_cdrom=true
config_drive_vfat=true
bsdtar_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\bsdtar.exe
mtools_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\bin\
verbose=true
debug=true
logdir=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\log\
logfile=cloudbase-init-unattend.log
default_log_levels=comtypes=INFO,suds=INFO,iso8601=WARN,requests=WARN
logging_serial_port_settings=COM1,115200,N,8
mtu_use_dhcp_config=true
ntp_use_dhcp_config=true
local_scripts_path=C:\Program Files\Cloudbase Solutions\Cloudbase-Init\LocalScripts\
metadata_services=cloudbaseinit.metadata.services.configdrive.ConfigDriveService,cloudbaseinit.metadata.services.httpservice.HttpService,cloudbaseinit.metadata.services.ec2service.EC2Service,cloudbaseinit.metadata.services.maasservice.MaaSHttpService
plugins=cloudbaseinit.plugins.common.mtu.MTUPlugin,cloudbaseinit.plugins.common.sethostname.SetHostNamePlugin,cloudbaseinit.plugins.windows.extendvolumes.ExtendVolumesPlugin,cloudbaseinit.plugins.common.setuserpassword.SetUserPasswordPlugin
allow_reboot=false
stop_service_on_exit=false
check_latest_version=false

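Forcing a password reset at the next startup

This feature is enabled by default. To turn off the forced password reset at the next startup, modify \PATH\TO\Cloudbase Solutions\Cloudbase-Init\Python\Lib\site-packages\cloudbaseinit\plugins\common\setuserpassword.py:

Not using a random password when admin_pass is not passed in

By default, with Cloudbase-Init installed, a virtual machine started without admin_pass being passed in gets a random password. To stop the random password from being used, modify \PATH\TO\Cloudbase Solutions\Cloudbase-Init\Python\Lib\site-packages\cloudbaseinit\plugins\common\setuserpassword.py: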

        password, injected = self._get_password(service, shared_data)
        if not password:
            return None
            #LOG.debug('Generating a random user password')
            #password = osutils.generate_random_password(
            #    CONF.user_password_length)

        osutils.set_user_password(user_name, password)
        #self._change_logon_behaviour(user_name, password_injected=injected)
        return password

virt-sparsify --compress /data/virt/windows2022.qcow2 /data/virt/WindowsServer-2022-x86_64-Cloud-20220607.qcow2
lookback
  • This article was published on 2020-02-07 20:54:34
  • Unless otherwise stated, all articles on this site are original; when reposting, please keep the link to this article