II. Building qga
Preparing to build the image [configure the network, compile qga]
1. Edit hosts
vi /etc/hosts
Append at the end of the file: 10.3.10.42 ftp.yovole.tech
2. Edit DNS
vi /etc/resolv.conf
Add: nameserver 114.114.114.114
nameserver 8.8.8.8
(3) If the NIC name is not eth0, rename it to eth0
How to change it:
1. vim /etc/udev/rules.d/70-persistent-net.rules
Comment out the first entry, and in the second entry change NAME=eth1 to NAME=eth0
2. vim /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=dhcp
DEVICE=eth0
DEFROUTE=yes
ONBOOT=yes
3. reboot
https://www.91yun.co/archives/1217
3. Configure the IP address and route
ip addr add 10.3.10.81/24 dev eth0
#ip link set dev eth0 up
ip route add default via 10.3.10.1
#ip route
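↑↑↑↑↑↑↑↑↑↑↑ The network is reachable at this point ↑↑↑↑↑↑↑↑↑
5. Back up the qcow2
Note: delete the SSH access records in the known_hosts file: vim ~/.ssh/known_hosts
6. Build qemu_2.6
Copy qemu_2.6 to the host on which the image is being built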
scp qemu_2.6.tar root@10.3.10.81:~/
On the build machine, unpack qemu_2.6.tar
tar -xvf qemu_2.6.tar
The dependencies for building qemu_2.6 are as follows (resolving the problem that yum could not be used at the start):
yum install gcc gcc-c++ zlib* glib* autoconf automake libtool bison flex
After the build completes, copy qemu-ga to host 76
scp root@10.3.10.81:/root/qemu_2.6/qemu-ga ./
7. Check the yum repositories
ls /etc/yum.repos.d/ or yum repolist
https://segmentfault.com/q/1010000008662767
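III. Building the image
Reconfigure the yum repositories (Appendix 5: adding yum repositories on redhat7)
1. Install: packages in [] were already installed by the system; () means the package was not found
Installing qemu-guest-agent depends on glib*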
yum -y install vim [ qemu-guest-agent openssh-server openssl ] yum-utils nfs-utils bash-completion policycoreutils-python iscsi-initiator-utils [sg3_utils] ntpdate sysstat [sudo] (epel-release)
systemctl start qemu-guest-agent
systemctl enable qemu-guest-agent
Installing qemu-guest-agent depends on glib*
yum -y install vim
yum -y install openssh-server openssl yum-utils nfs-utils bash-completion policycoreutils-python iscsi-initiator-utils sg3_utils ntpdate sysstat sudo epel-release ntp qemu-guest-agent
Enable the qemu-guest-agent service at boot
chkconfig qemu-guest-agent on
systemctl start qemu-guest-agent
systemctl enable qemu-guest-agent.service
------------------------------------------did the above operation 0416---------------------------------------
3. Edit: vim /etc/default/grub
Some of the entries in the file are as follows:
Delete rhgb quiet and add the following in its place:
console=tty0 console=ttyS0,115200n8 net.ifnames=0
Apply the change:
grub2-mkconfig -o /boot/grub2/grub.cfg
4. Commands to disable the selinux service:
Before disabling selinux, add the qemu_ga rule:
$semanage permissive -a virt_qemu_ga_t
$vim /etc/selinux/config
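SELINUX=disabled (takes effect after reboot) [no change needed]
5. Depending on requirements, choose whether the qemu ga blacklist allows operations on files; by default, operations on files are forbidden.
The relevant content of the file (vim /etc/sysconfig/qemu-ga) is as follows: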
# You can get the list of RPC commands using "qemu-ga --blacklist='?'".
# There should be no spaces between commas and commands in the blacklist.
#BLACKLIST_RPC=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush  // this line (commented out) enables some of the file-operation functions
6. Configure the network rules
vim /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=dhcp
DEVICE=eth0
DEFROUTE=yes
ONBOOT=yes
rm /etc/udev/rules.d/70-persistent-net.rules [this directory is empty]
mv /lib/udev/rules.d/75-persistent-net-generator.rules /lib/udev/rules.d/75-persistent-net-generator.rules.disable [this dynamic link file was not found]
7. Turn off the firewall [iptables is not installed in the original image by default]
service firewalld stop
systemctl disable firewalld.service
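Not installed
8. Install denyhosts and edit its configuration file; the steps are as follows:
Appendix 2: installing denyhosts
Edit the denyhosts configuration entries (13 in total)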
vim /usr/share/denyhosts/denyhosts.cfg
############ THESE SETTINGS ARE REQUIRED ############
SECURE_LOG = /var/log/secure
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 5m
BLOCK_SERVICE = sshd
DENY_THRESHOLD_INVALID = 20
DENY_THRESHOLD_VALID = 20
DENY_THRESHOLD_ROOT = 20
DENY_THRESHOLD_RESTRICTED = 20
WORK_DIR = /var/lib/denyhosts
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=NO
LOCK_FILE = /var/lock/subsys/denyhosts
############ THESE SETTINGS ARE OPTIONAL ############
SMTP_SUBJECT = DenyHosts Report from $[HOSTNAME]
AGE_RESET_VALID=1w
AGE_RESET_ROOT=1w
AGE_RESET_RESTRICTED=1w
AGE_RESET_INVALID=1w
RESET_ON_SUCCESS = yes
######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE ##########
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 5m
######### THESE SETTINGS ARE SPECIFIC TO ##########
######### DAEMON SYNCHRONIZATION ##########
9. Edit: vim /etc/idmapd.conf
In [General], set Domain = novalocal
10. Install cloud-init
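yum install cloud-init cloud-utils-growpart dracut-modules-growroot [like growpart, these are used to grow the system disk]:
After cloud-init is installed, edit the configuration (vim /etc/cloud/cloud.cfg) and set disable_root: 0
Remove update_hostname from cloud_init_modules, so that a hostname set manually by the user is not overwritten after a reboot.
Delete the default_user section
11. centos 7.0 does not grow the partition; util-linux must be upgraded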
yum install util-linux
rpm -qa kernel | sed 's/^kernel-//' | xargs -I {} dracut -f /boot/initramfs-{}.img
If this step is forgotten, the resize will not take effect the first time a machine is created.
-----------------------------------------did the above operation 0417-------------------------------------
[root@localhost ~]# rpm -ql qemu-guest-agent
/etc/qemu-ga
/etc/qemu-ga/fsfreeze-hook
/etc/qemu-ga/fsfreeze-hook.d
/etc/sysconfig/qemu-ga
/usr/bin/qemu-ga
/usr/lib/systemd/system/qemu-guest-agent.service
/usr/lib/udev/rules.d/99-qemu-guest-agent.rules
/usr/share/doc/qemu-guest-agent-2.12.0
/usr/share/doc/qemu-guest-agent-2.12.0/COPYING
/usr/share/doc/qemu-guest-agent-2.12.0/README
/usr/share/man/man8/qemu-ga.8.gz
/usr/share/qemu-kvm/qemu-ga
/usr/share/qemu-kvm/qemu-ga/fsfreeze-hook.d
/usr/share/qemu-kvm/qemu-ga/fsfreeze-hook.d/mysql-flush.sh.sample
/var/log/qemu-ga
Edit /etc/ssh/sshd_config; the field values are as follows:
PermitRootLogin yes
PasswordAuthentication no
GSSAPIAuthentication no
UseDNS no
Do not forget the sshd change:
PasswordAuthentication no
Turn off NetworkManager (to be considered)
Cleanup:
Clean up the cloud-init log files:
rm -rf /var/lib/cloud/*
Clean up logs:
$rm /tmp/* -r
$rm ~/.bash_history
$rm ~/.viminfo
$rm /var/log/*log -rf
$rm /var/log/*.old -rf
yum clean all
$history -c
Notes:
Clean up the cloud-init log files:
rm -rf /var/lib/cloud/*
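Clear the caches
Check whether ~/ contains files that need to be deleted
Remove the external repositories that were added
Delete the added host ftp.yovole.tech
Clear the NIC information in /etc/sysconfig/network-scripts/ifcfg-eth0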
$history -c
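The sshd values, the qemu-ga blacklist setting and the cleanup notes above can be checked mechanically before the image is sealed. The script below is an added example, not part of the original notes; the function names audit_image and sshd_value and the ROOT argument are assumptions made for illustration, and only the global section of sshd_config is examined.

```sh
#!/bin/sh
# Added example: pre-seal audit of the image settings listed in these notes.
# audit_image ROOT   ROOT is "/" inside the build VM or a mounted image copy.
# Prints one line per finding; exit status is 0 only when nothing is found.

# Effective value of an sshd_config keyword: sshd keeps the first
# uncommented occurrence, and keywords are case-insensitive.
sshd_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' \
        "$1" 2>/dev/null || true
}

audit_image() {
    root=${1%/}; n=0
    finding() { echo "FINDING: $*"; n=$((n + 1)); }

    # sshd values from the notes.
    for kv in PasswordAuthentication=no GSSAPIAuthentication=no UseDNS=no; do
        key=${kv%%=*}; want=${kv#*=}
        got=$(sshd_value "$root/etc/ssh/sshd_config" "$key")
        if [ "$got" != "$want" ]; then
            finding "sshd $key is '${got:-unset}', expected '$want'"
        fi
    done

    # The build-time hosts entry must not ship in the image.
    if grep -q 'ftp\.yovole\.tech' "$root/etc/hosts" 2>/dev/null; then
        finding "/etc/hosts still contains ftp.yovole.tech"
    fi

    # Leftovers from the build session.
    for f in root/.bash_history root/.viminfo root/.ssh/known_hosts; do
        if [ -s "$root/$f" ]; then finding "/$f is not empty"; fi
    done

    # cloud-init state from the build boot (rm -rf /var/lib/cloud/*).
    if [ -n "$(ls -A "$root/var/lib/cloud" 2>/dev/null)" ]; then
        finding "/var/lib/cloud is not empty"
    fi

    # File RPCs stay disabled only while an uncommented BLACKLIST_RPC lists them.
    if ! grep -Eq '^[[:space:]]*BLACKLIST_RPC=.*guest-file-open' \
            "$root/etc/sysconfig/qemu-ga" 2>/dev/null; then
        finding "qemu-ga guest-file-* RPCs are not blacklisted"
    fi

    [ "$n" -eq 0 ]
}
```

Run it as audit_image / inside the build VM after the cleanup steps; drop the last check if file operations through qemu-ga were enabled on purpose in step 5.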