前言
为了提高车端基础设施的自动化能力,根据"IaC(车端系统)解决方案-v2"文档中关于OS端的解决方案,现针对该方案具体实施操作进行制定。
OS方案说明
许多官方Linux发行版的ISO镜像都包含名为'cloud-init'的服务,通过预先编写好要执行的运作,将在系统初次启动时(或系统重启时)立即进行基本系统配置,而无需通过SSH访问机器,利用该功能可以将系统的初始化功能准备好,比如ssh关闭密码访问、配置机器IP、配置主机名、安装远程服务agent等。
镜像封装前环境配置
系统安装
系统版本:ubuntu 18.04.06
默认创建账号:dradmin
初始Hostname:YR-MKZ-XX安装基础软件
sudo apt update
sudo apt install vim ssh gcc curl aptitude -y安装内核
#下载统一内核
wget http://itsz.cc:8080/chfs/shared/kernel/ubuntu5.11/linux-headers-5.11.0-051100-generic_5.11.0-051100.202102142330_amd64.deb
wget http://itsz.cc:8080/chfs/shared/kernel/ubuntu5.11/linux-headers-5.11.0-051100_5.11.0-051100.202102142330_all.deb
wget http://itsz.cc:8080/chfs/shared/kernel/ubuntu5.11/linux-image-unsigned-5.11.0-051100-generic_5.11.0-051100.202102142330_amd64.deb
wget http://itsz.cc:8080/chfs/shared/kernel/ubuntu5.11/linux-modules-5.11.0-051100-generic_5.11.0-051100.202102142330_amd64.deb
#安装
sudo dpkg -i *.deb
sudo reboot安装WiFi驱动
wget iwlwifi-ty-59.601f3a66.0.tgz
tar -xvf iwlwifi-ty-59.601f3a66.0.tgz
cd iwlwifi-ty-59.601f3a66.0
cp iwlwifi-ty-a0-gf-a0-59.ucode /lib/firmware
reboot安装显卡驱动
sudo apt install nvidia-driver-470-server -y
reboot配置公司源
sudo vim /etc/apt/sources.list
#写入源
# 公司私有软件仓库
deb https://apt.deeproute.cn/deeproute-release-1804/ bionic main
# 公司私有快照仓库
deb https://apt.deeproute.cn/deeproute-snapshot-1804/ bionic main
# 公司内部 Ubuntu 镜像
deb https://apt.deeproute.cn/ubuntu/ bionic main restricted universe multiverse
deb https://apt.deeproute.cn/ubuntu/ bionic-updates main restricted universe multiverse
deb https://apt.deeproute.cn/ubuntu/ bionic-backports main restricted universe multiverse
deb https://apt.deeproute.cn/ubuntu/ bionic-security main restricted universe multiverse
# 公司内部 Ros 镜像
deb https://apt.deeproute.cn/ros/ bionic main
# 国内地图仓库
deb https://apt.deeproute.cn/deeproute-map-cn-release/ bionic main
deb https://apt.deeproute.cn/deeproute-map-cn-snapshot/ bionic main
# 美国地图仓库
deb https://apt.deeproute.cn/deeproute-map-us-release/ bionic main
deb https://apt.deeproute.cn/deeproute-map-us-snapshot/ bionic main
#添加验证账号
sudo vim /etc/apt/auth.conf.d/auth.conf
#写入配置 apt.deeproute.cn 权限验证
machine apt.deeproute.cn
login 1
password 2
#导入公司Key
curl -fsSL https://apt.deeproute.cn/key/deeproute | sudo apt-key add -
sudo apt update安装有线网卡驱动
sudo apt install deeproute-rtl8125-dev deeproute-e1000e-dev图形界面配置固定IP
#intel Ethernet
192.168.9.107/24
192.168.1.107/24
#Realtek Ethernet
192.168.8.107/24 192.168.8.1
192.168.100.107/24
192.168.99.107/24
192.168.10.107/24
192.168.0.107/24
DNS 192.168.8.1操作流程
系统个性化修改封装,技术选型可选的方式有(cobbler 、kickstart)或其它。
编写clond-init配置脚本
1、静态IP配置
2、配置hostname,格式为CARID小写,[yr-mkz-1]
举例:
hostnamectl set-hostname yr-mkz-13、安装salt-minion服务,以ubuntu 18.04为例
apt update
apt install curl -y
# Download key
curl -fsSL -o /usr/share/keyrings/salt-archive-keyring.gpg https://repo.saltproject.io/py3/ubuntu/18.04/amd64/latest/salt-archive-keyring.gpg
# Create apt sources list file
echo "deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/py3/ubuntu/18.04/amd64/latest bionic main" | sudo tee /etc/apt/sources.list.d/salt.list
# Install 3004.1 version
apt update
apt-get install salt-minion=3004.2+ds-14、配置并启动salt-minion
# development环境域名
cat > /etc/salt/minion << EOF
master: dev-ops-salt.deeproute.cn
id: yr-mkz-1
EOF
# production生产环境域名
cat > /etc/salt/minion << EOF
master: ops-salt.deeproute.cn
id: yr-mkz-1
EOF
systemctl stop salt-minion封装shell脚本到系统,待配置好hostname后运行该脚本 配置salt
cat > /usr/local/bin/salt-start << 'EOF'
#!/bin/bash
systemctl stop salt-minion
rm -rf /etc/salt/*
cat > /etc/salt/minion <<-EOF
master: dev-ops-salt.deeproute.cn
id: $HOSTNAME
EOF
systemctl start salt-minion
systemctl enable salt-minion
EOF
chmod +x /usr/local/bin/salt-start5、基础软件封装
对不变更且文件比较大的服务预封装到操作系统中
apt install nvidia-driver-470-server
apt install ros-melodic-desktop-full以下操作步骤待系统安装到车上后进行
1、设置hostname
2、运行 salt-start命令\
