Kòm ou konnen, nan nwaj Amazon yo lanse ka vityèl ki baze sou imaj (sa yo rele ). Amazon bay yon gwo kantite yo; ou ka itilize tou imaj piblik ki prepare pa twazyèm pati, pou ki founisè nwaj la, nan kou, pa pote okenn responsablite. Men pafwa ou bezwen yon imaj sistèm pwòp ak paramèt ki nesesè yo, ki pa nan lis la nan imaj. Lè sa a, sèl fason pou soti se fè pwòp AMI ou.
Dokimantasyon ofisyèl la dekri kreye yon "ami ki te sipòte nan magazen enstans". Dezavantaj apwòch sa a se ke imaj la fini ap bezwen tou konvèti nan yon "AMI ki apiye EBS"
Nan atik sa a pral diskite sou fason pou kreye pwòp AMI ki apiye EBS ou nan nwaj Amazon san etap entèmedyè.
Plan Aksyon:
- Prepare anviwònman an
- Enstale yon sistèm pwòp epi fè paramèt ki nesesè yo
- Pran yon snapshot nan disk la
- Enskri AMI
Prepare anviwònman an
Pou rezon nou yo, nenpòt egzanp nan nenpòt fòm se apwopriye, menm t1.micro. Ou ka kouri li atravè CLI a:
aws ec2 run-instances --image-id ami-1624987f --max-count 1 --min-count 1 --key-name mel --instance-type t1.micro
Ann kreye ebs-volume, kote nou pral enstale sistèm nou an pita:
aws ec2 create-volume --availability-zone us-east-1a --size 10
Kòmand sa a pral fè yon disk 10 Gb pou nou. Enpòtan: disk la dwe nan menm zòn ak egzanp lan (nan ka nou an se us-east-1a).
Apre sa, ou bezwen tache disk la nan egzanp lan:
aws ec2 attach-volume --instance-id i-2bc0925b --volume-id vol-08ab3079 --device /dev/xvdf
Koulye a, ann konekte nan egzanp lan atravè ssh, fòma disk la epi monte li nan anyè a:
mkfs.ext3 /dev/xvdf
mkdir /mnt/centos-image
mount /dev/xvdf /mnt/centos-image
cd !$
Enstale yon bagay pwòp Centos 5.9
Anvan enstale sistèm nan, ou bezwen kreye yon pye bwa anyè, monte proc ak sysfs, epi kreye yon seri minimòm aparèy:
mkdir centos-image/{boot,tmp,dev,sys,proc,etc,var}
mount -t proc none /mnt/centos-image/proc/
mount -t sysfs none /mnt/centos-image/sys/
for i in console null zero ; do /sbin/MAKEDEV -d /mnt/centos-image/dev -x $i ; done
Nou pral enstale sistèm nan lè l sèvi avèk yum ak fichye konfigirasyon sa a:
miam-centos.konf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
reposdir=/dev/null
[base]
name=CentOS-5.9 - Base
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=os
#baseurl=http://mirror.centos.org/centos/5.9/os/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[updates]
name=CentOS-5.9 - Updates
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=updates
#baseurl=http://mirror.centos.org/centos/5.9/updates/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
[extras]
name=CentOS-5.9 - Extras
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=extras
#baseurl=http://mirror.centos.org/centos/5.9/extras/x86_64/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-5
[centosplus]
name=CentOS-5.9 - Plus
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=centosplus
#baseurl=http://mirror.centos.org/centos/5.9/centosplus/x86_64/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-5
[contrib]
name=CentOS-5.9 - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=5.9&arch=x86_64&repo=contrib
#baseurl=http://mirror.centos.org/centos/5.9/contrib/x86_64/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-5
yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ -y groupinstall Base
Apre w fin ranpli pwosesis enstalasyon an, ou ka enstale nenpòt pakè ki nesesè yo menm jan an:
yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ install $packet_name
Ann edite fstab:
vi /mnt/centos-image
/dev/xvda1 / ext3 defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
В CentOS 5.9 toujou bezwen enstale yon kernel ki sipòte xen:
yum -c ~/yum-centos.conf --installroot=/mnt/centos-image/ -y install kernel-xen
Enstale Grub:
chroot /mnt/centos-image/ grub-install /dev/xvdf
epi jenere yon nouvo initrd:
chroot /mnt/centos-image/
cd boot/
mkinitrd --omit-scsi-modules --with=xennet --with=xenblk --fstab=/etc/fstab --preload=xenblk initrd-2.6.18-348.1.1.el5xen.img 2.6.18-348.1.1.el5xen
Li trè enpòtan pou presize tout paramèt sa yo ak yon nouvo fstab, otreman sistèm lan pa pral demaraj.
Apre sa, ou bezwen kreye yon dosye menu.lst pou grub:
default=0
timeout=5
hiddenmenu
title CentOS_5.9_(x86_64)
root (hd0)
kernel /boot/vmlinuz-2.6.18-348.1.1.el5xen ro root=/dev/xvda1
initrd /boot/initrd-2.6.18-348.1.1.el5xen.img
Ann konfigirasyon rezo a ak sshd:
vi etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
vi etc/sysconfig/network
NETWORKING=yes
chroot /mnt/centos5img/ chkconfig --level 2345 network on
vi /mnt/centos5img/etc/ssh/sshd_config
...
UseDNS no
PermitRootLogin without-password
Kidonk, nou pral jwenn yon rezo k ap travay ak kapasite nan konekte nan egzanp lan lè l sèvi avèk kle yo. Men, kle nan tèt li bezwen yo dwe transfere nan egzanp lan yon jan kanmenm. Sa a ka fè lè l sèvi avèk yon script ki pral pran kle a epi sove li sou egzanp lan:
vi /mnt/centos5img/etc/init.d/ec2-get-ssh
ec2-get-ssh#! / bin / bash
# chkconfig: 2345 95 20
# non pwosesis: ec2-get-ssh
# deskripsyon: Kaptire kalifikasyon kle piblik AWS pou itilizatè EC2
#Source fonksyon bibliyotèk
. /etc/rc.d/init.d/functions
# Sous konfigirasyon rezo
[-r /etc/sysconfig/network] &&. /etc/sysconfig/network
# Ranplase varyab anviwònman sa yo pou sistèm ou a
ekspòte PATH=:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin
# Tcheke ke rezo configuré
if [ "${NETWORKING}" = "non" ]; lè sa a
eko "Rezo pa configuré."
sòti 1
fi
kòmanse () {
si [! -d /root/.ssh]; lè sa a
mkdir -p /root/.ssh
chmod 700 /root/.ssh
fi
# Rekipere kle piblik nan sèvè metadata lè l sèvi avèk HTTP
boukl -f > /tmp/my-public-key
si [$? -eq 0]; lè sa a
echo "EC2: Rekipere kle piblik nan sèvè metadata lè l sèvi avèk HTTP."
chat /tmp/my-public-key >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
rm /tmp/kle-piblik-mwen
fi
}
sispann () {
eko "Pa gen anyen pou fè isit la"
}
rekòmanse() {
sispann
Kòmanse
}
# Gade kijan yo te rele nou.
ka "$ 1" nan
kòmanse)
Kòmanse
;;
sispann)
sispann
;;
rekòmanse)
rekòmanse
;;
*)
echo $"Itilizasyon: $0 {kòmanse|sispann|rekòmanse}"
sòti 1
ki C
sòti $?
Ann fè li ègzekutabl epi ajoute li nan demaraj:
chmod +x /mnt/centos-image/etc/init.d/ec2-get-ssh
/usr/sbin/chroot /mnt/centos-image/ /sbin/chkconfig --level 34 ec2-get-ssh on
Li se tou rekòmande pou enfim Selinux, oswa konfigirasyon li kòrèkteman. Sinon, pou egzanp, kle a pa ka sove sou egzanp lan.
Nan pwen sa a, nou ka sispann konfigirasyon sistèm nan. Nou deja gen yon sistèm pwòp. CentOS, pare pou lanse nan nwaj la. Tout sa ki rete se demonte kondwi EBS ki gen sistèm nou an epi anrejistre AMI a.
umount /mnt/centos-image/proc/
umount /mnt/centos-image/sys/
umount /mnt/centos-image/
Enskripsyon AMI
Pou jwenn ami nan yon disk ebs, premye bezwen pran yon snapshot nan disk la:
aws ec2 create-snapshot --volume-id vol-0b4bd07a --description centos-snap
Fason ki pi fasil pou anrejistre yon ami se atravè Konsole Jesyon AWS la. Pou fè sa, tou senpleman ale nan seksyon "Snapshots" nan sèvis EC2 a, chwazi youn ou vle a (nan ka nou an, se centos-snap), klike sou li ak bouton dwat sourit la epi chwazi "Kreye Imaj apati yon Snapshot"
Lè sa a, nan fenèt la ki ouvè, ou bezwen chwazi apeprè paramèt sa yo:
Ou ka chèche konnen ki ID Kernel yo chwazi konsa:
aws ec2 describe-images --owner amazon --region us-east-1 --output text | grep "/pv-grub-hd0.*-x86_64" | awk '{print $7}' | grep aki
aki-88aa75e1
aki-b4aa75dd
Se tout. Koulye a, ou ka lanse egzanp.
Nan fason sa a ou ka kreye yon imaj, pwobableman ak nenpòt Linux-distribisyon. Omwen, pou asire w. Debian- (lè l sèvi avèk debootstrap pou enstale yon sistèm pwòp) ak fanmi Rhel.
Sous: www.habr.com
