Prerequisite: creating the jump host

Step 1: Register a Huawei Cloud account and complete personal identity verification.

Step 2: Create a virtual private cloud (VPC) and a subnet.

Create the Virtual Private Cloud: Touchl

CIDR block: 192.168.0.0/16

Create the subnet: vlan1

CIDR block: 192.168.1.0/24

Step 3: Plan the IP addresses. Draw up a preliminary IP plan for the subnet vlan1.

Step 4: Buy a cloud host and create the jump host. Because of budget constraints, buy it on demand, and make sure the region you select is the same region in which you created the private cloud.

Here, select the general computing type and then the flavor s6.small.1. Image: CentOS 7.5 64-bit.

 

 

 

Then click Next to reach the network configuration. Select the subnet you just created and choose to assign the IP manually, giving the jump host the private IP 192.168.1.250.

Then select the security group. You can create a new security group; here the new security group is named lab.

Inbound rules: allow the elastic cloud servers in the security group to communicate with each other, and allow SSH (22), FTP (20-21), HTTP (80), HTTPS (443), and ICMP: All.

Outbound rules: allow all.

For the elastic public IP, choose not to buy one for now.

 

Click Next to enter the Advanced Configuration. Set the cloud host name to Jump and choose a key pair as the login credential. Click the link below to create a key pair; once it is created, a pem file downloads automatically (save it). Then select the key pair you just created.

Click Next, tick "I agree", and then click Buy; the purchase is complete.

 

Step 5: The cloud host is now purchased, but because no elastic public IP is bound to it, it cannot connect to external networks, so you need to buy an elastic public IP.

In the console, open the elastic public IP page under Network, and then click to buy an elastic public IP.

Select the region again; it must be the same region as before. Then choose the bandwidth size and duration according to your needs. Because this is a lab environment, Static BGP is selected here with only 1 MB of bandwidth, purchased for one month. Then complete the purchase and pay.

 

Step 6: Bind the public IP to the jump host. Refresh the elastic public IP page and you will see one more IP; click Bind.

Select the jump host and bind.

 

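Step 7: Connect to the jump host remotely. Xshell is used here: open Xshell, create a new session, and enter the name and IP in the connection properties.

Because the cloud host was created with a key pair, the user authentication method must be set here. Select User Authentication on the right, set the method to Public Key, click Browse under User Key, import the pem file you just downloaded, and then select this key.

Click Finish, then double-click the session to connect. The remote connection succeeds.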

 

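Step 8: Configure the YUM repository. First back up the existing YUM repository files, then download the YUM repository file provided by Huawei.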

[root@jump ~]# mkdir /etc/yum.repos.d/repobak
[root@jump ~]# mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/repobak/
[root@jump ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.myhuaweicloud.com/repo/CentOS-Base-7.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1737  100  1737    0     0  87497      0 --:--:-- --:--:-- --:--:-- 91421
[root@jump ~]# ls /etc/yum.repos.d/CentOS-Base.repo
/etc/yum.repos.d/CentOS-Base.repo

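Step 9: Install the related tool packages: net-tools (network tools), lftp (FTP client), rsync (file synchronization), psmisc (process management), vim (text editor), bash-completion (command completion), createrepo (packages RPM files and creates a yum repository), vsftpd (FTP service), ansible (automated batch host management), lrzsz (file transfer between Windows and Linux).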

[root@jump ~]# yum install net-tools lftp rsync psmisc vim bash-completion createrepo vsftpd ansible lrzsz

 

Step 10: Create a custom yum repository.

[root@jump ~]# mkdir /var/ftp/localrepo
[root@jump ~]# cd /var/ftp/localrepo/
[root@jump localrepo]# createrepo .
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@jump localrepo]# ls
repodata
[root@jump localrepo]# systemctl restart vsftpd
[root@jump localrepo]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.

Step 11: Tune system services and time synchronization. Remove postfix and ntp, then install the chrony time synchronization tool and configure ntp.myhuaweicloud.com as the time server.

[root@jump localrepo]# yum remove postfix ntp
[root@jump localrepo]# yum -y install chrony
[root@jump localrepo]# sed -i '3,6s/^/#/' /etc/chrony.conf
[root@jump localrepo]# sed -i '6aserver ntp.myhuaweicloud.com iburst' /etc/chrony.conf
[root@jump localrepo]# vim /etc/chrony.conf
[root@jump localrepo]# systemctl enable chronyd
[root@jump localrepo]# systemctl restart chronyd
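
The sed commands above depend on the server entries sitting at lines 3-6 of /etc/chrony.conf, and running them a second time double-comments those lines and adds a duplicate server entry. The following added example (not from the original post) makes the same change by matching directives instead; the function names and the sample file contents are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: set chrony's time source by matching directives rather than
# line numbers, so that re-running the change leaves the file untouched.

# set_chrony_server CONF SERVER
#   - comments out every active "server"/"pool" line that is not SERVER
#   - appends "server SERVER iburst" only if SERVER is not already configured
set_chrony_server() {
    local conf=$1 server=$2 tmp rc=0
    tmp=$(mktemp) || return 1
    awk -v s="$server" '
        $1 == "server" || $1 == "pool" {
            if ($2 == s) { seen = 1; print; next }   # wanted source: keep
            print "#" $0; next                       # any other source: disable
        }
        { print }
        END { if (!seen) print "server " s " iburst" }
    ' "$conf" > "$tmp" || rc=1
    # Overwrite in place (cat, not mv) so owner, mode and SELinux label survive.
    [ "$rc" -eq 0 ] && cat "$tmp" > "$conf" || rc=1
    rm -f "$tmp"
    return "$rc"
}

# active_sources CONF: print the uncommented server/pool lines.
active_sources() {
    awk '$1 == "server" || $1 == "pool"' "$1"
}

# Demo on a constructed file modelled on the stock CentOS 7 header
# (assumption: the real file starts like this, as the post's sed implies).
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst

driftfile /var/lib/chrony/drift
EOF
set_chrony_server "$demo_conf" ntp.myhuaweicloud.com
set_chrony_server "$demo_conf" ntp.myhuaweicloud.com   # second run is a no-op
active_sources "$demo_conf"
```
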

 

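Step 12: Upload the template machine's private key file, rename and move it to /root/.ssh/id_rsa, and give it 0400 permissions.

Create another key pair (you will select this key pair later when creating the template machine), then transfer the pem file to the jump host.

If you use Xshell and lrzsz is installed, you can simply drag the file into the Xshell terminal window to transfer it.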

[root@jump localrepo]# rz -E          # drag and drop the file here
rz waiting to receive.
[root@jump localrepo]# ls
mode_key.pem  repodata
[root@jump localrepo]# mv mode_key.pem /root/.ssh/id_rsa
[root@jump localrepo]# chmod 0400 /root/.ssh/id_rsa
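
In the session above, rz runs in /var/ftp/localrepo, which lies under vsftpd's default anonymous FTP root on CentOS 7, so the private key sits in an FTP-served directory until it is moved. The following added example (not from the original post) installs a key with the same 0400 mode and checks that no private-key file remains under the served directory; the function names, temporary paths and the dummy PEM file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: install an uploaded private key and confirm that no key
# material is left behind in a directory that is served over FTP.

# find_private_keys DIR: print files under DIR that contain a PEM or OpenSSH
# private-key header; prints nothing when the directory is clean.
find_private_keys() {
    grep -rlE -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' "$1" 2>/dev/null || true
}

# install_private_key SRC DEST: refuse files that are not private keys, make
# DEST's directory 0700, write DEST as 0400, then remove SRC so that only one
# copy of the key exists.
install_private_key() {
    local src=$1 dest=$2 dir
    dir=$(dirname "$dest")
    grep -qE -e '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' "$src" || {
        echo "not a private key: $src" >&2; return 1; }
    mkdir -p "$dir" && chmod 0700 "$dir" || return 1
    install -m 0400 "$src" "$dest" || return 1
    rm -f "$src"
}

# file_mode PATH: permission string as printed by ls, e.g. -r--------
file_mode() { ls -ld "$1" | cut -c1-10; }

# Demo with constructed data: a stand-in FTP root holding a dummy PEM file
# (the body is placeholder text, not a real key).
ftp_root=$(mktemp -d); home=$(mktemp -d)
mkdir "$ftp_root/repodata"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'CONSTRUCTED-PLACEHOLDER' \
    '-----END RSA PRIVATE KEY-----' > "$ftp_root/mode_key.pem"
before=$(find_private_keys "$ftp_root")
install_private_key "$ftp_root/mode_key.pem" "$home/.ssh/id_rsa"
after=$(find_private_keys "$ftp_root")
echo "before: ${before:-none}"
echo "after:  ${after:-none}"
echo "mode:   $(file_mode "$home/.ssh/id_rsa")"
```

On the jump host, uploading the pem file from /root rather than from /var/ftp/localrepo keeps it out of the served directory altogether, and find_private_keys /var/ftp confirms the result.
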

 

 


Origin blog.csdn.net/qq_40023447/article/details/104415863