盛大云的用户信息定制界面
很多成熟的公有云产品在申请虚拟机资源的时候,都可以定制客制化的用户信息,如盛大云、阿里云等可以定制虚拟机的服务器名称,用户名及密码口令等。特别是用户口令,虽然OpenStack有非常成熟的公私钥KeyPairs登陆体系,但是对于国内大多开发者还是习惯于用户名口令的登陆方式。某些场景下,服务器管理员在客户现场需要对服务器进行某些简单操作,也许没有SSH环境等,这时如果通过VNC的方式就比较简单,然而KeyPair的登陆方式还不支持VNC模式。
<wbr><wbr><wbr>在服务器管理员需要使用用户名口令的方式进行登陆的模式下,如果能让用户自己定义用户名口令可以提高一定的安全等级,增加用户对产品的认知和信任度。<br><wbr><wbr><wbr>在OpenStack中,我们通过user-data功能实现客户信息的定制,可以对虚拟机进行许多初始化的操作如设定语言区域,设定主机名称,生成SSH密钥,设定挂载节点等。<br><wbr><wbr><wbr> 通过研究ubuntucloud-init和AWS的相关文档,user-data的设置可以支持有以下几种脚本语言:<br><ul> <li> <div align="left"> <p><strong>Gzip Compressed Content</strong><br></p> <ul><li style="list-style-type:none"> <div align="left"> <p>content found to be gzip compressed will be uncompressed. Theuncompressed data will then be used as if it were not compressed.Compression of data is useful because user-data is limited to 16384bytes<sup><a href="https://help.ubuntu.com/community/CloudInit#fnref-6a17aff5cf9eab5a99b5ab3dbd49854b0e9681c1" name="fndef-6a17aff5cf9eab5a99b5ab3dbd49854b0e9681c1-0">1</a></sup></p> </div> </li></ul> </div> </li> <li> <div align="left"> <p><strong>Mime Multi Part archive</strong><br></p> <ul><li style="list-style-type:none"> <div align="left">This list of rules is applied to each part ofthis multi-part file. Using a mime-multi part file, the user canspecify more than one type of data. For example, both a user datascript and a cloud-config type could be specified.</div> </li></ul> </div> </li> <li> <div align="left"> <p><strong>User-Data Script</strong><br></p> <ul><li style="list-style-type:none"> <div align="left"> <p>begins with: "<tt>#!</tt>" or"<tt>Content-Type:<wbr>text/x-shellscript</wbr></tt>"<br> script will be executed at "rc.local-like" level during first boot.rc.local-like means "very late in the boot sequence"</p> </div> </li></ul> </div> </li> <li> <div align="left"> <p><strong>Include File</strong><br></p> <ul><li style="list-style-type:none"> <div align="left"> <p>begins with "<tt>#include</tt>" or"<tt>Content-Type:<wbr>text/x-include-url</wbr></tt>"<br> This content is a "include" file. The file contains a list of urls,one per line. Each of the URLs will be read, and their content willbe passed through this same set of rules. Ie, the content read fromthe URL can be gzipped, mime-multi-part, or plain text</p> </div> </li></ul> </div> </li> <li> <div align="left"> <p><strong>Cloud Config Data</strong><br></p> <ul><li style="list-style-type:none"> <div align="left"> <p>begins with "<tt>#cloud-config</tt>" or"<tt>Content-Type:<wbr>text/cloud-config</wbr></tt>"<br> This content is "cloud-config" data. See the examples for acommented example of supported config formats.</p> </div> </li></ul> </div> </li> <li> <div align="left"> <p><strong>Upstart Job</strong><br></p> <ul><li style="list-style-type:none"> <div align="left"> <p>begins with "<tt>#upstart-job</tt>" or"<tt>Content-Type:<wbr>text/upstart-job</wbr></tt>"<br> Content is placed into a file in /etc/init, and will be consumed byupstart as any other upstart job.</p> </div> </li></ul> </div> </li> <li> <div align="left"> <p><strong>Cloud Boothook</strong><br></p> <ul><li style="list-style-type:none"> <div align="left"> <p>begins with "<tt>#cloud-boothook</tt>" or"<tt>Content-Type:<wbr>text/cloud-boothook</wbr></tt>"<br></p> <p>This content is "boothook" data. It is stored in a file under/var/lib/cloud and then executed immediately.<br> This is the earliest "hook" available. Note, that there is nomechanism provided for running only once. The boothook must takecare of this itself. It is provided with the instance id in theenvironment variable "INSTANCE_ID". This could be made use of toprovide a 'once-per-instance'<br><em>Only available in 10.10 or later (cloud-init 0.5.12 andlater)</em></p> </div> </li></ul> </div> </li> <li> <p align="left"><strong>Part Handler</strong><br></p> <ul> <li style="list-style-type:none"> <div align="left"> <p>begins with "<tt>#part-handler</tt>" or"<tt>Content-Type:<wbr>text/part-handler</wbr></tt>"<br></p> <p>This is a 'part-handler'. It will be written to a file in/var/lib/cloud/data based on its filename. This must be python codethat contains a list_types method and a handle_type method. Oncethe section is read the 'list_types' method will be called. It mustreturn a list of mime-types that this part-handler handlers.<br> The 'handle_type' method must be like:</p> <p></p> <pre name="code" class="python">def handle_part(data,ctype,filename,payload): # data = the cloudinit object # ctype = "__begin__", "__end__", or the mime-type of the part that is being handled. # filename = the filename of the part (or a generated filename if none is present in mime data)# payload = the parts' content</pre> <p></p> </div> </li> <li style="list-style-type:none"> <div align="left">这里主要关注<strong>User-Data Script</strong>,其使用的就是常用的shell脚本,我们只要在dashboard创建虚拟机的时候讲脚本写入user data输入框中即可。</div> </li> <li style="list-style-type:none"><br></li> <li style="text-align:center; list-style-type:none"><a href="http://photo.blog.sina.com.cn/showpic.html#blogid=4f4d508a01016nd3&url=http://s2.sinaimg.cn/orignal/4f4d508agcd43466d3c81" target="_blank"><img src="http://s2.sinaimg.cn/mw690/4f4d508agcd43466d3c81&690" alt="OpenStack虚拟机的用户客制化方法(User<wbr>Data)"></a></li> <li style="list-style-type:none"><br></li> <li style="list-style-type:none">目前还仅仅测试了ubuntu的cloudimage,非UEC镜像即使按照installturtion安装了cloud-init包也没有测试成功,还在查找原因,后面弄好了会接着给大家介绍。—————————————————————————————————————————<br> </li> </ul> <p>非UEC镜像的问题实际上是cloud-init这个包的安装需要进行配置,<a href="http://blog.csdn.net/networm3/article/details/8559504">详见OpenStack解决非UEC镜像的虚拟机cloud-init不工作不能自动修改主机名称不能注入userdata</a></p> </li> </ul></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr>
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
