Building your own image with a clean CentOS 8.1 in the Amazon cloud

This guide is a "fork" of the article of the same name about CentOS 5.9, and takes into account the features of the new OS. At the moment there is no official CentOS 8 image from centos.org in the AWS Marketplace.

As you know, in the Amazon cloud virtual instances are launched from images (so-called AMIs). Amazon provides a large number of them; you can also use public images prepared by third parties, for which the cloud provider bears no responsibility. But sometimes you need a clean system image with the right parameters, and it is not in the list of images.

The only way out is to build your own AMI.

The official documentation describes a way to create an "instance store-backed AMI".

The downside of this approach is that the finished image still has to be converted to an "EBS-backed AMI". Also worth mentioning is Cockpit Image Builder. It lets you create custom images, in CLI or web GUI mode, but only once you already have CentOS 8.

How to build your own EBS-backed AMI in the Amazon cloud without intermediate steps is what this article covers.

Plan of action

  • Prepare the environment
  • Install a clean system and make the necessary settings
  • Take a snapshot of the disk
  • Register the AMI

Preparing the environment

For our purposes, any official CentOS 7 instance of any type will do, even a t2.micro. You can launch it via the CLI:

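# Both volumes are passed to a single --block-device-mappings option:
# /dev/sda1 is the root disk of the build host, /dev/sdb is the disk for the new image.
aws ec2 run-instances \
  --image-id ami-4bf3d731 \
  --region us-east-1 \
  --key-name alpha \
  --instance-type t2.micro \
  --subnet-id subnet-240a8618 \
  --associate-public-ip-address \
  --block-device-mappings \
      'DeviceName=/dev/sda1,Ebs={VolumeSize=8}' \
      'DeviceName=/dev/sdb,Ebs={VolumeSize=4}'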

The request launches an instance in the VPC that the specified subnet belongs to. It is assumed that the subnet is public and that the 'default' security group allows everything.

Now log in to the instance over ssh, update the system, install dnf and reboot:

sudo yum update -y && sudo yum install -y dnf && sudo reboot

All further actions are performed as root.

Installing a clean CentOS 8.1

Partitioning the disk and mounting the file systems

DEVICE=/dev/xvdb
ROOTFS=/rootfs
parted -s ${DEVICE} mktable gpt
parted -s ${DEVICE} mkpart primary ext2 1 2
parted -s ${DEVICE} set 1 bios_grub on
parted -s ${DEVICE} mkpart primary xfs 2 100%

mkfs.xfs -L root ${DEVICE}2
mkdir -p $ROOTFS
mount ${DEVICE}2 $ROOTFS

mkdir $ROOTFS/{proc,sys,dev,run}
mount --bind /proc $ROOTFS/proc
mount --bind /sys $ROOTFS/sys
mount --bind /dev $ROOTFS/dev
mount --bind /run $ROOTFS/run

Creating the directory tree

With the RPM system you can quickly and easily prepare a directory tree for the future OS:

# Note: the release packages are fetched from the mirror over plain HTTP.
PKGSURL=http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages
rpm --root=$ROOTFS --initdb
rpm --root=$ROOTFS -ivh \
  $PKGSURL/centos-release-8.1-1.1911.0.8.el8.x86_64.rpm \
  $PKGSURL/centos-gpg-keys-8.1-1.1911.0.8.el8.noarch.rpm \
  $PKGSURL/centos-repos-8.1-1.1911.0.8.el8.x86_64.rpm

# --nogpgcheck disables package signature verification for this transaction.
dnf --installroot=$ROOTFS --nogpgcheck --setopt=install_weak_deps=False \
   -y install audit authselect basesystem bash biosdevname coreutils \
   cronie curl dnf dnf-plugins-core dnf-plugin-spacewalk dracut-config-generic \
   dracut-config-rescue e2fsprogs filesystem firewalld glibc grub2 grubby hostname \
   initscripts iproute iprutils iputils irqbalance kbd kernel kernel-tools \
   kexec-tools less linux-firmware lshw lsscsi ncurses network-scripts \
   openssh-clients openssh-server passwd plymouth policycoreutils prefixdevname \
   procps-ng rng-tools rootfiles rpm rsyslog selinux-policy-targeted setup \
   shadow-utils sssd-kcm sudo systemd util-linux vim-minimal xfsprogs \
   chrony cloud-init

I find it very convenient to run the last command exactly like this, listing specific packages without regard to the predefined package groups.

If you prefer, you can use something like this:

# In dnf, -e is --errorlevel; package exclusion is --excludepkgs (short form -x).
dnf --installroot=$ROOTFS groupinstall base core \
    --excludepkgs "NetworkManager*" \
    --excludepkgs "i*-firmware"

yum has no --excludepkgs, so previously I installed the groups and then removed the packages.

The list of packages and dependent groups can be viewed with the command dnf group info core, for the core group.

Configuring the OS files

We need to create the configs for the network, fstab and grub2, and use the internal AWS 169.254 addresses for DNS and NTP.

cat > $ROOTFS/etc/resolv.conf << HABR
nameserver 169.254.169.253
HABR

cat > $ROOTFS/etc/sysconfig/network << HABR
NETWORKING=yes
NOZEROCONF=yes
HABR

cat > $ROOTFS/etc/sysconfig/network-scripts/ifcfg-eth0  << HABR
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
HABR

cat > $ROOTFS/etc/fstab << HABR
LABEL=root / xfs defaults,relatime 1 1
HABR

sed -i  "s/cloud-user/centos/" $ROOTFS/etc/cloud/cloud.cfg
echo "server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4" >> $ROOTFS/etc/chrony.conf
sed -i "/^pool /d" $ROOTFS/etc/chrony.conf
sed -i "s/^AcceptEnv/# /" $ROOTFS/etc/ssh/sshd_config

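# Quoted delimiter: $(sed ...) is written literally into the file instead of being expanded on the build host.
cat > $ROOTFS/etc/default/grub << 'HABR'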
GRUB_TIMEOUT=1
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto console=ttyS0,115200n8 console=tty0 net.ifnames=0 biosdevname=0"
GRUB_DISABLE_RECOVERY="true"
GRUB_ENABLE_BLSCFG=true
HABR

Here, in GRUB_CMDLINE_LINUX, I recommend specifying selinux=0 for those who are still afraid of SELinux.

Rebuilding the initramfs in the chroot

After editing the grub and fstab files, the initramfs must be rebuilt.
We do the rebuild:

KERNEL=$(ls $ROOTFS/lib/modules/) 
chroot $ROOTFS dracut -f -v /boot/initramfs-$KERNEL.img $KERNEL
chroot $ROOTFS grub2-mkconfig -o /boot/grub2/grub.cfg
chroot $ROOTFS grub2-install $DEVICE
chroot $ROOTFS update-crypto-policies --set FUTURE

Here update-crypto-policies is optional, for the paranoid :)

For the "sell-outs", you can do this:

chroot $ROOTFS fips-mode-setup --enable
chroot $ROOTFS grub2-mkconfig -o /boot/grub2/grub.cfg
chroot $ROOTFS grub2-install $DEVICE

After the OS boots, the command update-crypto-policies --show will output FIPS.

Autostart and cleanup

chroot $ROOTFS systemctl enable network.service
chroot $ROOTFS systemctl enable sshd.service
chroot $ROOTFS systemctl enable cloud-init.service
chroot $ROOTFS systemctl mask tmp.mount
dnf --installroot=$ROOTFS clean all
truncate -c -s 0 $ROOTFS/var/log/*.log
rm -rf $ROOTFS/var/lib/dnf/*
touch $ROOTFS/.autorelabel

autorelabel is needed so that the SELinux file contexts are set automatically on first boot.
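Because the image is later made public, it is worth checking $ROOTFS for build residue after the cleanup above and before the snapshot. The following is an added example, not part of the original article; the function name audit_rootfs and the set of paths it checks are this example's assumptions, and the demo tree is constructed sample data.

```sh
#!/bin/sh
# Added example: report build residue under an image root before it is
# snapshotted. audit_rootfs and the paths it checks are this example's choices.

# Prints one "<kind> <path>" line per finding.
# Returns 0 if clean, 1 if anything was found, 2 if the root cannot be entered.
audit_rootfs() {
    out=$(
        cd "$1" >/dev/null || exit 2
        # Host keys baked into the image would be identical on every instance.
        for f in etc/ssh/ssh_host_*; do
            if [ -e "$f" ]; then echo "host-key /$f"; fi
        done
        # A populated machine-id is cloned too; an empty file is filled at boot.
        if [ -s etc/machine-id ]; then echo "machine-id /etc/machine-id"; fi
        # Keys and shell history left behind by whoever built the image.
        find root home -maxdepth 3 \
            \( -name authorized_keys -o -name 'id_*' -o -name '.*_history' \) \
            2>/dev/null | sed 's|^|user-secret /|'
        # Log files that still have content after the truncate step.
        find var/log -type f -size +0 2>/dev/null | sed 's|^|log /|'
    ) || return 2
    if [ -z "$out" ]; then return 0; fi
    printf '%s\n' "$out"
    return 1
}

# Constructed demo tree standing in for $ROOTFS (sample data, not real keys).
demo=$(mktemp -d)
mkdir -p "$demo/etc/ssh" "$demo/root/.ssh" "$demo/var/log/audit"
echo 0123456789abcdef0123456789abcdef > "$demo/etc/machine-id"
echo 'ssh-ed25519 CONSTRUCTED builder@host' > "$demo/root/.ssh/authorized_keys"
: > "$demo/var/log/dnf.log"                           # truncated: not reported
echo 'type=SAMPLE' > "$demo/var/log/audit/audit.log"  # not matched by /var/log/*.log
audit_rootfs "$demo" || echo "image root is not clean"
rm -rf "$demo"
```

Run it as audit_rootfs $ROOTFS on the build host; the glob /var/log/*.log used in the cleanup step does not reach logs in subdirectories, which is why the example walks the whole of /var/log.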

Now unmount the disk:

sync
umount $ROOTFS/{proc,sys,dev,run}
umount $ROOTFS

Registering the AMI

To get an AMI from the EBS disk, you first need to take a snapshot of the disk:

aws ec2 create-snapshot \
    --volume-id vol-09f26eba4c50da110 --region us-east-1 \
    --description 'centos-release-8.1-1.1911.0.8 4.18.0-147.5.1 01'

You will have to wait a while. Check the status using the SnapshotId you received:

aws ec2   describe-snapshots  --region us-east-1 --snapshot-ids snap-0b665542fc59e58ed

Once we get "State": "completed", you can register the AMI and make it public:

aws ec2 register-image \
    --region us-east-1 \
    --name 'CentOS-8.1-1.1911.0.8-minimal' \
    --description 'centos-release-8.1-1.1911.0.8 4.18.0-147.5.1 01' \
    --virtualization-type hvm --root-device-name /dev/sda1 \
    --block-device-mappings '[{"DeviceName":"/dev/sda1","Ebs": { "SnapshotId": "snap-0b665542fc59e58ed", "VolumeSize":4,  "DeleteOnTermination": true, "VolumeType": "gp2"}}]' \
    --architecture x86_64 --sriov-net-support simple --ena-support

aws ec2 modify-image-attribute \
    --region us-east-1 \
    --image-id ami-011ed2a37dc89e206 \
    --launch-permission 'Add=[{Group=all}]'

That's all. Now you can launch instances.

This method can be used to create an image with, most likely, any Linux distribution. At least, this holds for Debian (using debootstrap to install a clean system) and the RHEL family.

UPDATE at readers' request. This can be automated with Packer, and only automated. A sample template is shown here.

Source: will.com
