As you know, in the Amazon cloud, virtual instances are launched from images (so-called
The official documentation describes
This article explains how to create your own EBS-backed AMI in the Amazon cloud without intermediate steps.
Plan of action:
- Prepare the environment
- Install a clean system and make the necessary settings
- Take a snapshot of the disk
- Register the AMI
Preparing the environment
For our purposes, any instance of any type will do, even t1.micro. You can launch it through the CLI:
aws ec2 run-instances --image-id ami-1624987f --max-count 1 --min-count 1 --key-name mel --instance-type t1.micro
Let's create an EBS volume, on which we will later install our system:
aws ec2 create-volume --availability-zone us-east-1a --size 10
This command creates a 10 GB disk for us. Important: the disk must be in the same availability zone as the instance (in our case, us-east-1a).
Next, attach the disk to the instance:
aws ec2 attach-volume --instance-id i-2bc0925b --volume-id vol-08ab3079 --device /dev/xvdf
Now let's connect to the instance over ssh, format the disk and mount it on a directory:
mkfs.ext3 /dev/xvdf
mkdir /mnt/centos-image
mount /dev/xvdf /mnt/centos-image
cd !$
Installing a clean CentOS 5.9
Before installing the system, you need to create a directory tree, mount proc and sysfs, and create a minimal set of devices:
mkdir -p /mnt/centos-image/{boot,tmp,dev,sys,proc,etc,var}
mount -t proc none /mnt/centos-image/proc/
mount -t sysfs none /mnt/centos-image/sys/
for i in console null zero ; do /sbin/MAKEDEV -d /mnt/centos-image/dev -x $i ; done
We will install the system using yum with the following configuration file:
yum-centos.conf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
reposdir=/dev/null
[base]
name=CentOS-5.9 - Base
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=os
#baseurl=http://mirror.centos.org/centos/5.9/os/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[updates]
name=CentOS-5.9 - Updates
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=updates
#baseurl=http://mirror.centos.org/centos/5.9/updates/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[extras]
name=CentOS-5.9 - Extras
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=extras
#baseurl=http://mirror.centos.org/centos/5.9/extras/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-5
[centosplus]
name=CentOS-5.9 - Plus
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=centosplus
#baseurl=http://mirror.centos.org/centos/5.9/centosplus/x86_64/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-5
[contrib]
name=CentOS-5.9 - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=contrib
#baseurl=http://mirror.centos.org/centos/5.9/contrib/x86_64/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-5
yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ -y groupinstall Base
After the installation completes, you can install any other packages you need in the same way:
yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ install $packet_name
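The configuration above enables gpgcheck per repository but fetches every gpgkey over plain HTTP, and with -y yum accepts the key import without a prompt, so the signature check is only as trustworthy as that download. The following check is an added example, not part of the original article: it lists enabled repositories whose packages are not signature-checked or whose key does not come from file:// or https://. The function name audit_yum_conf is hypothetical.

```shell
#!/bin/sh
# Added example, not the article's code. audit_yum_conf is a hypothetical name.
# Usage: audit_yum_conf ~/yum-centos.conf
# Prints one finding per line for every enabled repository section.
audit_yum_conf() {
    awk '
    function report(   eff) {
        if (sec == "" || sec == "main" || enabled == "0") return
        # A repo without its own gpgcheck inherits [main]; yum defaults to 0.
        eff = (gpg == "") ? maingpg : gpg
        if (eff != "1")
            print sec ": gpgcheck off, packages not signature-checked"
        if (key == "")
            print sec ": no gpgkey configured"
        else if (key !~ /^(file|https):/)
            print sec ": gpgkey not from file:// or https:// (" key ")"
    }
    /^[ \t]*\[/ {
        report()                       # close the previous section
        sec = $0; gsub(/^[ \t]*\[|\].*$/, "", sec)
        gpg = ""; key = ""; enabled = ""
        next
    }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }   # blank lines and comments
    {
        i = index($0, "="); if (i == 0) next
        k = substr($0, 1, i - 1); v = substr($0, i + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
        if (k == "gpgcheck") { if (sec == "main") maingpg = v; else gpg = v }
        else if (k == "gpgkey")  key = v
        else if (k == "enabled") enabled = v
    }
    END { report() }
    ' "$1"
}
```

A finding for base, updates and extras is cleared by copying a key you have verified out of band onto the build instance and pointing gpgkey at it with a file:// URL.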
Let's edit fstab:
vi /mnt/centos-image
/dev/xvda1 / ext3 defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
On CentOS 5.9 you still need to install a kernel with Xen support:
yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ -y install kernel-xen
Install Grub:
chroot /mnt/centos-image/ grub-install /dev/xvdf
and generate a new initrd:
chroot /mnt/centos-image/
cd boot/
mkinitrd --omit-scsi-modules --with=xennet --with=xenblk --fstab=/etc/fstab --preload=xenblk initrd-2.6.18-348.1.1.el5xen.img 2.6.18-348.1.1.el5xen
It is very important to specify all of these parameters together with the new fstab, otherwise the system will not boot.
After that, create a menu.lst file for grub:
default=0
timeout=5
hiddenmenu
title CentOS_5.9_(x86_64)
root (hd0)
kernel /boot/vmlinuz-2.6.18-348.1.1.el5xen ro root=/dev/xvda1
initrd /boot/initrd-2.6.18-348.1.1.el5xen.img
Let's configure the network and sshd:
vi etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
vi etc/sysconfig/network
NETWORKING=yes
chroot /mnt/centos-image/ chkconfig --level 2345 network on
vi /mnt/centos-image/etc/ssh/sshd_config
...
UseDNS no
PermitRootLogin without-password
This gives us a working network and the ability to connect to the instance using keys. But the key itself still has to be delivered to the instance somehow. This can be done with a script that fetches the key and saves it on the instance:
vi /mnt/centos-image/etc/init.d/ec2-get-ssh
ec2-get-ssh
#!/bin/bash
# chkconfig: 2345 95 20
# processname: ec2-get-ssh
# description: Capture AWS public key credentials for EC2 user
# Source function library
. /etc/rc.d/init.d/functions
# Source networking configuration
[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network
# Replace the following environment variables for your system
export PATH=:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin
# Check that networking is configured
if [ "${NETWORKING}" = "no" ]; then
  echo "Networking is not configured."
  exit 1
fi
start() {
  if [ ! -d /root/.ssh ]; then
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
  fi
  # Retrieve public key from metadata server using HTTP
  # (the URL is missing from this line on the page; the standard EC2 instance
  # metadata path for the launch key is assumed here)
  curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key > /tmp/my-public-key
  if [ $? -eq 0 ]; then
    echo "EC2: Retrieve public key from metadata server using HTTP."
    cat /tmp/my-public-key >> /root/.ssh/authorized_keys
    chmod 600 /root/.ssh/authorized_keys
    rm /tmp/my-public-key
  fi
}
stop() {
  echo "Nothing to do here"
}
restart() {
  stop
  start
}
# See how we were called.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    restart
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart}"
    exit 1
esac
exit $?
Let's make it executable and add it to startup:
chmod +x /mnt/centos-image/etc/init.d/ec2-get-ssh
/usr/sbin/chroot /mnt/centos-image/ /sbin/chkconfig --level 34 ec2-get-ssh on
It is also recommended to disable SELinux, or to configure it correctly. Otherwise, for example, the key may fail to be saved on the instance.
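The ec2-get-ssh script above stages the key at a fixed name in /tmp and appends it to authorized_keys on every boot without checking what was downloaded. The following stricter install step is an added example, not part of the original article: it validates the downloaded line, adds it only once, and uses an unpredictable temporary file. The function names install_key and fetch_and_install are hypothetical.

```shell
#!/bin/sh
# Added example, not the article's code. Function names are hypothetical.

# install_key KEYFILE AUTHFILE
# Adds the key in KEYFILE to AUTHFILE once. Returns 1 if KEYFILE does not
# hold exactly one line that looks like an OpenSSH public key (for example
# an HTML error page returned instead of the key).
install_key() (
    keyfile=$1
    authfile=$2
    [ "$(grep -c . "$keyfile")" -eq 1 ] || exit 1
    key=$(grep . "$keyfile")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-nistp*\ *) ;;
        *) exit 1 ;;
    esac
    umask 077                          # new directory 0700, new file 0600
    mkdir -p "$(dirname "$authfile")"
    touch "$authfile"
    # -x whole line, -F fixed string: append only if not already present.
    grep -qxF -- "$key" "$authfile" || printf '%s\n' "$key" >> "$authfile"
    chmod 600 "$authfile"
)

# fetch_and_install URL AUTHFILE
# Stages the download in a mktemp file instead of a fixed /tmp name and
# always removes it, whether or not the key was accepted.
fetch_and_install() (
    tmp=$(mktemp /tmp/ec2-key.XXXXXX) || exit 1
    if curl -sf --max-time 5 "$1" > "$tmp" && install_key "$tmp" "$2"; then
        rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    exit "$rc"
)
```

Inside start() this would be called as fetch_and_install with the metadata URL and /root/.ssh/authorized_keys in place of the curl, cat and rm lines.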
At this point you can stop configuring the system. We already have a clean CentOS ready to run in the cloud. All that remains is to unmount the EBS disk holding our system and register the AMI.
umount /mnt/centos-image/proc/
umount /mnt/centos-image/sys/
umount /mnt/centos-image/
Registering the AMI
To get an AMI from an EBS disk, you first need to take a snapshot of the disk:
aws ec2 create-snapshot --volume-id vol-0b4bd07a --description centos-snap
The easiest way to register the AMI is through the AWS Management Console. To do this, go to the "Snapshots" section of the EC2 service, select the snapshot you need (in our case, centos-snap), right-click it and choose "Create Image from Snapshot".
Then, in the window that opens, choose approximately the following parameters:
You can find out which Kernel ID to choose like this:
aws ec2 describe-images --owner amazon --region us-east-1 --output text | grep "/pv-grub-hd0.*-x86_64" | awk '{print $7}' | grep aki
aki-88aa75e1
aki-b4aa75dd
That's all. Now you can launch instances.
In this way you can most likely create an image of any Linux distribution. At the very least, it definitely works for Debian (use debootstrap to install a clean system) and the RHEL family.
Source: www.habr.com