centos atomic host安装完成会,第一次启动时会调用cloud-init等服务。这是个什么东东?
cloud-init用于在创建虚拟机时通过元数据服务对虚拟机基本配置,包括常见的主机名,用户,密码等等。cloud-init会在启动的过程中分四个阶段运行,按照时间顺序分为:
- cloud-init-local
- cloud-init
- cloud-config
- cloud-final
控制cloud-init配置行为的方式有两种:cloudinit的配置文件(/etc/cloud/cloud.cfg)和数据源(如openstack及ec2中的userdata)
系统安装时我禁用cloud-init,以下就是atomic的cloud-init本地配置文件
# cat cloud.cfg
users:
- default
disable_root: 1 # 禁用root远程登录
ssh_pwauth: 0 # 禁用ssh密码认证, 改为1
locale_configfile: /etc/sysconfig/i18n
mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2']
resize_rootfs_tmp: /dev
ssh_deletekeys: 0
ssh_genkeytypes: ~
syslog_fix_perms: ~
cloud_init_modules:
- migrator
- bootcmd
- write-files
- growpart
- resizefs
- set_hostname
- update_hostname
- update_etc_hosts
- rsyslog
- users-groups
- ssh
cloud_config_modules:
- mounts
- locale
- set-passwords
- yum-add-repo
- package-update-upgrade-install
- timezone
- puppet
- chef
- salt-minion
- mcollective
- disable-ec2-metadata
- runcmd
cloud_final_modules:
- rightscale_userdata
- scripts-per-once
- scripts-per-boot
- scripts-per-instance
- scripts-user
- ssh-authkey-fingerprints
- keys-to-console
- phone-home
- final-message
system_info:
default_user:
name: centos
lock_passwd: true # centos用户被锁密码,改为false
passwd: $6$MySalt$0jzR1u/sSfVjQ2h6Udn4reCOEjj9/.pVHfAp7bWDoUd7cfi0GYsFqn9EL9a2MQP4sMZoVOlX4UeGKVUbwYE/N. #增加:设置密码
gecos: Cloud User
groups: [wheel, adm, systemd-journal]
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
shell: /bin/bash
distro: rhel
paths:
cloud_dir: /var/lib/cloud
templates_dir: /etc/cloud/templates
ssh_svcname: sshd
# vim:syntax=yaml