在 Azure 中引入和创建 Linux 映像Bringing and creating Linux images in Azure

本概述介绍有关映像的基础概念以及如何在 Azure 中成功构建和使用 Linux。This overview covers the basic concepts around imaging and how to successfully build and use Linux images in Azure. 在将自定义映像引入 Azure 之前,需要首先了解可用的类型和选项。Before you bring a custom image to Azure, you need to be aware of the types and options available to you.

本文介绍映像决策点和要求以及关键概念,让你能够按照本文说明创建符合你所需规格的自定义映像。This article will talk through the image decision points and requirements, explain key concepts, so that you can follow this, and be able to create your own custom images to your specification.

托管磁盘和映像之间的差异Difference between managed disks and images

Azure 支持将 VHD 引入到 Azure 平台,将其用作托管磁盘或用作映像的源。Azure allows you to bring a VHD to the platform, to use as a Managed Disk, or use as a source for an image.

Azure 托管磁盘是单个的 VHD。Azure managed disks are single VHDs. 可以使用现有 VHD 和根据其创建托管磁盘,或者从头开始创建一个空托管磁盘。You can either take an existing VHD and create a managed disk from it, or create an empty managed disk from scratch. 可以通过将磁盘附加到 VM 来借助托管磁盘创建 VM,但一个 VM 只能使用一个 VHD。You can create VMs from managed disks by attaching the disk to the VM, but you can only use a VHD with one VM. OS 属性无法修改,Azure 只会尝试开启 VM 和启动磁盘。You can't modify any OS properties, Azure will just try to turn on the VM and start up using that disk.

Azure 映像可以由多个 OS 磁盘和数据磁盘组成。Azure images can be made up of multiple OS disks and data disks. 使用托管映像创建 VM 时,该平台生成此映像的副本并使用它来创建 VM,因此,同一托管映像可以重复用于多个 VM。When you use a managed image to create a VM, the platform makes a copy of the image and uses that to create the VM, so managed image support reusing the same image for multiple VMs. Azure 还提供了高级映像管理功能,例如全局复制和通过共享映像库进行版本控制。Azure also provides advanced management capabilities for images, like global replication, and versioning through Shared Image Gallery.

通用和专用映像Generalized and specialized

Azure 提供了两种主要映像类型:通用映像和专用映像。Azure offers two main image types, generalized and specialized. 通用和专用最初是 Windows 术语,之后被迁移应用到 Azure 中。The terms generalized and specialized are originally Windows terms, which migrated in to Azure. 这两个类型定义了该平台在打开 VM 时如何处理 VM。These types define how the platform will handle the VM when it turns it on. 这两种类型各有一些优缺点和先决条件。Both types have advantages and disadvantages, and prerequisites. 开始之前,首先需要明白需要哪种类型的映像。Before you get started, you need to know what image type you will need. 下表总结了使用场景及相应需选择的类型:Below summarizes the scenarios and type you would need to choose:

场景Scenario 映像类型Image type 存储选项Storage options
创建一个可配置用于多个 VM 的映像,我可以设置主机名和管理员用户以及在首次启动期间执行其他任务。Create an image that can be configured for use by multiple VMs, and I can set the hostname, add an admin user and perform other tasks during first boot. 通用Generalized 共享映像库或独立的托管映像Shared Image Gallery or stand-alone managed images
使用 VM 快照或备份创建映像Create an image from a VM snapshot, or a backup 专用Specialized 共享映像库或托管磁盘Shared Image Gallery or a managed disk
快速创建不需任何配置的映像来创建多个 VMQuickly create an image that does not need any configuration for creating multiple VMs 专用Specialized 共享的映像库Shared Image Gallery

通用映像Generalized images

通用映像在首次启动时需要完成设置。A generalized image is an image that requires setup to be completed on first boot. 例如,在首次启动时,设置主机名、管理员用户和其他特定于 VM 的配置。For example, on first boot you set the hostname, admin user and other VM-specific configurations. 需要多次重用映像以及在创建期间传入参数时,此类映像非常有用。This is useful when you want the image to be reused multiple times, and when you want to pass in parameters during creation. 如果通用映像包含 Azure 代理,则代理将处理参数,并向平台返回指示初始配置已完成的信号。If the generalized image contains the Azure agent, the agent will process the parameters, and signal back to the platform that the initial configuration has completed. 此过程称为预配This process is called provisioning.

预配要求映像中包含配置程序。Provisioning requires that a provisioner is included in the image. 以下两个配置程序可供使用:There are two provisioners:

有关创建映像的先决条件,请参阅此处These are prerequisites for creating an image.

专用映像Specialized images

此类映像经过完全配置且不需用 VM 参数和特殊参数。该平台仅打开 VM,你需要通过设置主机名等方式确保 VM 内的唯一性来避免同一 VNET 中存在 DNS 冲突。These are images that are completely configured and not require VM and special parameters, the platform will just turn the VM on, you need handle uniqueness within the VM, like setting a hostname, to avoid DNS conflicts on the same VNET.

虽然此类映像无需预配代理,但是,你可能需要一些扩展处理功能。Provisioning agents are not required for these images, however, you may want to have extension handling capabilities. 为此,可以安装 Linux 代理,但请禁用预配选项。You can install the Linux Agent, but disable the provisioning option. 即使无需预配代理,此类映像也必须满足 Azure 映像的先决条件Even though you do not need a provisioning agent, the image must fulfill prerequisites for Azure Images.

映像存储选项Image storage options

使用 Linux 映像时有两个选项可供选择:When bringing your Linux image you have two options:

  • 使用托管映像在开发和测试环境中创建简单的 VM。Managed images for simple VM creation in a development and test environment.
  • 使用共享映像库大规模创建和共享映像。Shared Image Gallery for creating and sharing images at-scale.

托管映像Managed images

虽然托管映像可用于创建多个 VM,但它们具有许多限制。Managed images can be used to create multiple VMs, but they have a lot of limitations. 托管映像仅能从通用源(VM 或 VHD)中进行创建。Managed images can only be created from a generalized source (VM or VHD). 托管映像仅可用于在相同区域中创建 VM,且不能跨订阅和租户实现共享。They can only be used to create VMs in the same region and they can't be shared across subscriptions and tenants.

托管映像可用于开发和测试环境(在这种环境下,单个区域和订阅中需使用几个简单的通用映像)。Managed images can be used for development and test environments, where you need a couple of simple generalized images to use within single region and subscription.

共享映像库推荐用于大规模创建、管理和共享映像。Shared Image Galleries are recommended for creating, managing and sharing images at scale. 共享映像库提供许多功能和特性,可帮助你围绕映像生成结构和组织:Shared image galleries help you build structure and organization around your images.

  • 支持通用映像和专用映像。Support for both generalized and specialized images.
  • 支持第 1 代映像和第 2 代映像。Support for image both generation 1 and 2 images.
  • 支持映像全局复制。Global replication of images.
  • 对映像进行版本控制和分组,以便于管理。Versioning and grouping of images for easier management.
  • 使用 Azure RBAC 在订阅之间,甚至在 Active Directory (AD) 租户之间共享。Sharing across subscriptions, and even between Active Directory (AD) tenants, using Azure RBAC.
  • 使用每个区域中的映像副本缩放部署。Scaling your deployments with image replicas in each region.

概括而言,创建的 SIG 包含:At a high level, you create a SIG, and it is made up of:

  • 映像定义(保存映像组的容器)Image Definitions - These are containers that hold groups of images.
  • 映像版本(实际的映像)Image Versions - These are the actual images

Hyper-V 代系Hyper-V generation

Azure 支持 Hyper-V 第 1 代 (Gen1) 和第 2 代 (Gen2)。Gen2 是最新一代的 Hyper-V,与 Gen1 相比提供了更多功能,Azure supports Hyper-V Generation 1 (Gen1) and Generation 2 (Gen2), Gen2 is the latest generation, and offers additional functionality over Gen1. 例如更大的内存、Intel Software Guard Extensions (Intel SGX) 和虚拟化持久性内存 (vPMEM)。For example: increased memory, Intel Software Guard Extensions (Intel SGX), and virtualized persistent memory (vPMEM). 在本地运行的第 2 代 VM 具有 Azure 中尚不支持的一些特性。Generation 2 VMs running on-premises, have some features that aren't supported in Azure yet. 有关详细信息,请参阅“特性和功能”部分。For more information, see the Features and capabilities section. 有关详细信息,请参阅此文章For more information see this article. 如果需要其他功能,请创建 Gen2 映像。Create Gen2 images if you require the additional functionality.

如果仍需要创建自己的映像,请确保映像符合映像先决条件,并将其上传到 Azure。If you still need to create your own image, ensure it meets the image prerequisites, and upload to Azure. 以下是分发特定要求:Distribution specific requirements:

后续步骤Next steps

了解如何创建共享映像库Learn how to create a Shared Image Gallery.