Azure 中虚拟机的 cloud-init 支持cloud-init support for virtual machines in Azure

本文介绍在 Azure 中预配时用于配置虚拟机 (VM) 或虚拟机规模集的 cloud-init 的现有支持。This article explains the support that exists for cloud-init to configure a virtual machine (VM) or virtual machine scale sets at provisioning time in Azure. Azure 预配资源后,这些 cloud-init 配置即会在首次启动时运行。These cloud-init configurations are run on first boot once the resources have been provisioned by Azure.

VM 预配是指 Azure 向下传递“VM 创建”参数值(例如主机名、用户名、密码等),并在 VM 启动时向其提供这些值的过程。VM Provisioning is the process where the Azure will pass down your VM Create parameter values, such as hostname, username, password etc., and make them available to the VM as it boots up. “预配代理”将使用这些值,配置 VM,并在完成后返回报告。A 'provisioning agent' will consume those values, configure the VM, and report back when completed.

Azure 支持两个预配代理:cloud-initAzure Linux 代理 (WALA)Azure supports two provisioning agents cloud-init, and the Azure Linux Agent (WALA).

cloud-init 概述cloud-init overview

cloud-init 是一种广泛使用的方法,用于在首次启动 Linux VM 时对其进行自定义。cloud-init is a widely used approach to customize a Linux VM as it boots for the first time. 可使用 cloud-init 安装程序包和写入文件,或者配置用户和安全。You can use cloud-init to install packages and write files, or to configure users and security. 由于是在初始启动过程中调用 cloud-init,因此无需额外的步骤且无需代理来应用配置。Because cloud-init is called during the initial boot process, there are no additional steps or required agents to apply your configuration. 有关如何正确设置 #cloud-config 文件或其他输入的格式的详细信息,请参阅 cloud-init 文档站点For more information on how to properly format your #cloud-config files or other inputs, see the cloud-init documentation site. #cloud-config 文件是采用 base64 编码的文本文件。#cloud-config files are text files encoded in base64.

cloud-init 还支持不同的发行版。cloud-init also works across distributions. 例如,不要使用 apt-get 安装或 yum 安装来安装包。For example, you don't use apt-get install or yum install to install a package. 可定义要安装的程序包的列表。Instead you can define a list of packages to install. cloud-init 将对你选择的发行版自动使用本机包管理工具。cloud-init automatically uses the native package management tool for the distro you select.

我们正在积极地与我们认可的 Linux 发行版合作伙伴合作,以便在 Azure 市场中提供已启用 cloud-init 的映像。We are actively working with our endorsed Linux distro partners in order to have cloud-init enabled images available in the Azure Marketplace. 这些映像可使 cloud-init 部署和配置无缝地应用于 VM 和虚拟机规模集。These images will make your cloud-init deployments and configurations work seamlessly with VMs and virtual machine scale sets. 最初,我们与认可的 Linux 发行版合作伙伴和上游协作,确保 cloud-init 可以配合 Azure 上的 OS 正常运行,然后更新了包,并在发行版包的存储库中公开提供了这些包。Initially we collaborate with the endorsed Linux distro partners and upstream to ensure cloud-init functions with the OS on Azure, then the packages are updated and made publicly available in the distro package repositories.

若要使 cloud-init 可供 Azure 上认可的 Linux 发行版 OS 使用,需要经历两个阶段 - 包支持,然后是映像支持:There are two stages to making cloud-init available to the endorsed Linux distro OS's on Azure, package support, and then image support:

  • “Azure 上的 cloud-init 包支持”阐述了哪些 cloud-init 包即将受支持或以预览版提供,因此你可以将这些包与自定义映像中的 OS 配合使用。'cloud-init package support on Azure' documents which cloud-init packages onwards are supported or in preview, so you can use these packages with the OS in a custom image.
  • “映像 cloud-init 准备就绪”阐述了映像是否已配置为使用 cloud-init。'image cloud-init ready' documents if the image is already configured to use cloud-init.

CanonicalCanonical

发布者/版本Publisher / Version 产品/服务Offer SKUSKU 版本Version 映像 cloud-init 准备就绪image cloud-init ready Azure 上的 cloud-init 包支持cloud-init package support on Azure
Canonical 20.04Canonical 20.04 UbuntuServerUbuntuServer 18.04-LTS18.04-LTS 最新latest yes yes
Canonical 18.04Canonical 18.04 UbuntuServerUbuntuServer 18.04-LTS18.04-LTS 最新latest yes yes
Canonical 16.04Canonical 16.04 UbuntuServerUbuntuServer 16.04-LTS16.04-LTS 最新latest yes yes
Canonical 14.04Canonical 14.04 UbuntuServerUbuntuServer 14.04.5-LTS14.04.5-LTS 最新latest yes yes

CentOSCentOS

发布者/版本Publisher / Version 产品/服务Offer SKUSKU 版本Version 映像 cloud-init 准备就绪image cloud-init ready Azure 上的 cloud-init 包支持cloud-init package support on Azure
OpenLogic 7.7OpenLogic 7.7 CentOSCentOS 7-CI7-CI 7.7.201909207.7.20190920 是(注意:这是预览版映像,不得继续使用,将于 2020 年 9 月 1 日删除)yes (note: this is a preview image, and must not be used anymore, this will be removed 1st September 2020) 空值N/A
OpenLogic 7.7OpenLogic 7.7 CentOSCentOS 7.77.7 7.7.20200624007.7.2020062400 yes 是 - 以下包版本提供支持:18.5-6.el7.centos.5yes - support from package version: 18.5-6.el7.centos.5
OpenLogic 7.7 (Gen2)OpenLogic 7.7 (Gen2) CentOSCentOS 7_7-gen27_7-gen2 7.7.20200624017.7.2020062401 yes 是 - 以下包版本提供支持:18.5-6.el7.centos.5yes - support from package version: 18.5-6.el7.centos.5
OpenLogic 7.7OpenLogic 7.7 CentOS-HPCCentOS-HPC 7.77.7 7.6.20200626007.6.2020062600 yes 是 - 以下包版本提供支持:18.5-6.el7.centos.5yes - support from package version: 18.5-6.el7.centos.5
OpenLogic 7.7 (Gen2)OpenLogic 7.7 (Gen2) CentOS-HPCCentOS-HPC 7_7-gen27_7-gen2 7.6.20200626017.6.2020062601 yes 是 - 以下包版本提供支持:18.5-6.el7.centos.5yes - support from package version: 18.5-6.el7.centos.5
OpenLogic 8.1OpenLogic 8.1 CentOSCentOS 8_18_1 8.1.20200624008.1.2020062400 yes 是 - 以下包版本提供支持:18.5-7.el8_1.1yes - support from package version: 18.5-7.el8_1.1
OpenLogic 8.1 (Gen2)OpenLogic 8.1 (Gen2) CentOSCentOS 8_1-gen28_1-gen2 8.1.20200624018.1.2020062401 yes 是 - 以下包版本提供支持:18.5-7.el8_1.1yes - support from package version: 18.5-7.el8_1.1
OpenLogic 8.1OpenLogic 8.1 CentOS-HPCCentOS-HPC 8_18_1 8.1.20200624008.1.2020062400 yes 是 - 以下包版本提供支持:18.5-7.el8_1.1yes - support from package version: 18.5-7.el8_1.1
OpenLogic 8.1 (Gen2)OpenLogic 8.1 (Gen2) CentOS-HPC:8_1-gen2CentOS-HPC:8_1-gen2 8_1-gen28_1-gen2 8.1.20200624018.1.2020062401 yes 是 - 以下包版本提供支持:18.5-7.el8_1.1yes - support from package version: 18.5-7.el8_1.1
  • 所有 OpenLogic:CentOS 7.8 和 8.2(Gen1 和 Gen2)映像都是使用 cloud-init 预配的。All OpenLogic:CentOS 7.8 and 8.2 (Gen1 and Gen2) images are provisioned using cloud-init.

SUSE SLESSUSE SLES

这些 SLES 映像已更新为使用 cloud-init 预配,Gen2 映像变体也已经更新。These SLES images have been updated to provision using cloud-init, the Gen2 image variants have also been updated.

  • suse:sles-15-sp1-{basic/byos/hpc/hpc-byos/chost-byos}:gen1:2020.06.10suse:sles-15-sp1-{basic/byos/hpc/hpc-byos/chost-byos}:gen1:2020.06.10
  • suse:sles-sap-15-sp1:gen1:2020.06.10suse:sles-sap-15-sp1:gen1:2020.06.10
  • suse:sles-sap-15-sp1-byos:gen1:2020.06.10suse:sles-sap-15-sp1-byos:gen1:2020.06.10
  • suse:manager-proxy-4-byos:gen1:2020.06.10suse:manager-proxy-4-byos:gen1:2020.06.10
  • suse:manager-server-4-byos:gen1:2020.06.10suse:manager-server-4-byos:gen1:2020.06.10
  • suse:sles-{byos/sap/sap-byos}:15:2020.06.10suse:sles-{byos/sap/sap-byos}:15:2020.06.10
  • suse:sles-12-sp5:gen1:2020.06.10suse:sles-12-sp5:gen1:2020.06.10
  • suse:sles-12-sp5{-byos/basic/hpc-byos/hpc}:gen1:2020.06.10suse:sles-12-sp5{-byos/basic/hpc-byos/hpc}:gen1:2020.06.10
  • suse:sles-{byos/sap/sap-byos}:12-sp4:2020.06.10suse:sles-{byos/sap/sap-byos}:12-sp4:2020.06.10
  • suse:sles-{byos/sap/sap-byos}:12-sp3:2020.06.10suse:sles-{byos/sap/sap-byos}:12-sp3:2020.06.10
  • suse:sles-{byos/sap/sap-byos}:12-sp2:2020.06.10suse:sles-{byos/sap/sap-byos}:12-sp2:2020.06.10

DebianDebian

发布者/版本Publisher / Version 产品/服务Offer SKUSKU 版本Version 映像 cloud-init 准备就绪image cloud-init ready Azure 上的 cloud-init 包支持cloud-init package support on Azure
debian (Gen1)debian (Gen1) debian-10debian-10 10-cloudinit10-cloudinit cloud-init-previewcloud-init-preview 是(仅限预览)yes (preview only) 否,以预览版提供。No, in preview.
debian (Gen2)debian (Gen2) debian-10debian-10 10-cloudinit-gen210-cloudinit-gen2 cloud-init-previewcloud-init-preview 是(仅限预览)yes (preview only) 否,以预览版提供。No, in preview.

目前 Azure Stack 将支持预配启用了 cloud-init 的映像。Currently Azure Stack will support the provisioning of cloud-init enabled images.

cloud-init 和 Linux 代理 (WALA) 之间的区别是什么?What is the difference between cloud-init and the Linux Agent (WALA)?

WALA 是一种特定于 Azure 平台的代理,用于预配和配置 VM 并处理 Azure 扩展WALA is an Azure platform-specific agent used to provision and configure VMs, and handle Azure extensions.

我们正在增强将 VM 配置为使用 cloud-init 而不是 Linux 代理的任务,使现有的 cloud-init 客户能够使用其当前 cloud-init 脚本,或者使新客户能够利用丰富的 cloud-init 配置功能。We are enhancing the task of configuring VMs to use cloud-init instead of the Linux Agent in order to allow existing cloud-init customers to use their current cloud-init scripts, or new customers to take advantage of the rich cloud-init configuration functionality. 如果已使用过 cloud-init 脚本来配置 Linux 系统,那么,不需要进行额外的设置就能让 cloud-init 处理这些任务。If you have existing investments in cloud-init scripts for configuring Linux systems, there are no additional settings required to enable cloud-init process them.

cloud-init 无法处理 Azure 扩展,因此,仍需在映像中包含 WALA 才能处理扩展,不过,需要禁用其预配代码。要转换为由 cloud-init 预配的已认可 Linux 发行版映像将会正确安装并设置 WALA。cloud-init cannot process Azure extensions, so WALA is still required in the image to process extensions, but will need to have its provisioning code disabled, for endorsed Linux distros images that are being converted to provision by cloud-init, they will have WALA installed, and setup correctly.

创建 VM 时,如果在预配时未包括 Azure CLI --custom-data 开关,cloud-init 或 WALA 将采用所需的最小 VM 预配参数来预配 VM 并使用默认值完成部署。When creating a VM, if you do not include the Azure CLI --custom-data switch at provisioning time, cloud-init or WALA takes the minimal VM provisioning parameters required to provision the VM and complete the deployment with the defaults. 如果使用 --custom-data 开关引用 cloud-init 配置,在 VM 启动时,自定义数据中包含的任何内容均可用于 cloud-init。If you reference the cloud-init configuration with the --custom-data switch, whatever is contained in your custom data will be available to cloud-init when the VM boots.

应用于 VM 的 cloud-init 配置没有时限,也不会因为超时导致部署失败。对于 WALA,这一点并不适用。如果更改 WALA 默认值来处理自定义数据,则用于处理自定义数据的时间不能超过 VM 预配总时间限制(40 分钟),否则 VM 创建操作将会失败。cloud-init configurations applied to VMs do not have time constraints and will not cause a deployment to fail by timing out. This is not true for WALA, if you change the WALA defaults to process custom-data, it cannot exceed the total VM provisioning time allowance of 40mins, if so, the VM Create will fail.

部署已启用 cloud-init 的虚拟机Deploying a cloud-init enabled Virtual Machine

部署已启用 cloud-init 的虚拟机就和在部署期间引用已启用 cloud-init 的分发一样简单。Deploying a cloud-init enabled virtual machine is as simple as referencing a cloud-init enabled distribution during deployment. Linux 分发 Maintainer 需要选择启用 cloud-init,并将 cloud-init 集成到其基本 Azure 已发布映像中。Linux distribution maintainers have to choose to enable and integrate cloud-init into their base Azure published images. 确认想要部署的映像已启用 cloud-init 之后,就可以使用 AzureCLI 部署映像。Once you have confirmed the image you want to deploy is cloud-init enabled, you can use the Azure CLI to deploy the image.

部署此映像的第一步是使用 az group create 命令创建资源组。The first step in deploying this image is to create a resource group with the az group create command. Azure 资源组是在其中部署和管理 Azure 资源的逻辑容器。An Azure resource group is a logical container into which Azure resources are deployed and managed.

备注

在 Azure China 中使用 Azure CLI 2.0 之前,请首先运行 az cloud set -n AzureChinaCloud 更改云环境。Before you can use Azure CLI 2.0 in Azure China, please run az cloud set -n AzureChinaCloud first to change the cloud environment. 如果要切换回全局 Azure,请再次运行 az cloud set -n AzureCloudIf you want to switch back to Global Azure, run az cloud set -n AzureCloud again.

以下示例在“chinaeast” 位置创建名为“myResourceGroup” 的资源组。The following example creates a resource group named myResourceGroup in the chinaeast location.

az group create --name myResourceGroup --location chinaeast

下一步是在当前 shell 中创建名为 cloud-init.txt 的文件并粘贴以下配置。The next step is to create a file in your current shell, named cloud-init.txt and paste the following configuration. 对于此示例,请在本地计算机中创建文件。For this example, create the file on your local machine. 可使用任何想要使用的编辑器。You can use any editor you wish. 输入 sensible-editor cloud-init.txt 以创建文件并查看可用编辑器的列表。Enter sensible-editor cloud-init.txt to create the file and see a list of available editors. 选择 #1 以使用 nano 编辑器。Choose #1 to use the nano editor. 请确保已正确复制整个 cloud-init 文件,尤其是第一行:Make sure that the whole cloud-init file is copied correctly, especially the first line:

#cloud-config
package_upgrade: true
packages:
  - httpd

ctrl-X 退出该文件,键入 y 以保存文件,并按 enter 确认退出时的文件名。Press ctrl-X to exit the file, type y to save the file and press enter to confirm the file name on exit.

最后一步是使用 az vm create 命令创建 VM。The final step is to create a VM with the az vm create command.

以下示例创建一个名为 centos74 的 VM,并且在默认密钥位置中不存在 SSH 密钥时创建这些密钥。The following example creates a VM named centos74 and creates SSH keys if they do not already exist in a default key location. 若要使用特定的一组密钥,请使用 --ssh-key-value 选项。To use a specific set of keys, use the --ssh-key-value option. 使用 --custom-data 参数传递到 cloud-init 配置文件中。Use the --custom-data parameter to pass in your cloud-init config file. 如果未将 cloud-init.txt 配置文件保存在现有工作目录中,请提供该文件的完整路径。Provide the full path to the cloud-init.txt config if you saved the file outside of your present working directory.

az vm create \
  --resource-group myResourceGroup \
  --name centos74 \
  --image OpenLogic:CentOS-CI:7-CI:latest \
  --custom-data cloud-init.txt \
  --generate-ssh-keys 

创建 VM 后,Azure CLI 会显示部署的特定信息。When the VM has been created, the Azure CLI shows information specific to your deployment. 记下 publicIpAddressTake note of the publicIpAddress. 此地址用于访问 VM。This address is used to access the VM. 创建 VM、安装程序包和启动应用需要一些时间。It takes some time for the VM to be created, the packages to install, and the app to start. 在 Azure CLI 向你返回提示之后,仍然存在继续运行的后台任务。There are background tasks that continue to run after the Azure CLI returns you to the prompt. 你可以使用 SSH 连接到 VM 并使用故障排除部分中所述的步骤来查看 cloud-init 日志。You can SSH into the VM and use the steps outlined in the Troubleshooting section to view the cloud-init logs.

还可通过传递 ARM 模板中的参数来部署已启用 cloud-init 的 VM。You can also deploy a cloud-init enabled VM by passing the parameters in ARM template.

对 cloud-init 进行故障排除Troubleshooting cloud-init

VM 预配完成后,会在 --custom-data 中定义的所有模块和脚本上运行 cloud-init,以便配置 VM。Once the VM has been provisioned, cloud-init will run through all the modules and script defined in --custom-data in order to configure the VM. 若要对配置中存在的任何错误或遗漏进行故障排除,需要在位于 /var/log/cloud-init.log 的 cloud-init 日志中搜索模块名称(例如 disk_setupruncmd)。If you need to troubleshoot any errors or omissions from the configuration, you need to search for the module name (disk_setup or runcmd for example) in the cloud-init log - located in /var/log/cloud-init.log.

备注

并不是每个模块故障都会导致严重的 cloud-init 整体配置故障。Not every module failure results in a fatal cloud-init overall configuration failure. 例如使用 runcmd 模块,如果脚本发生故障,cloud-init 依然会报告预配成功,因为 runcmd 模块已执行。For example, using the runcmd module, if the script fails, cloud-init will still report provisioning succeeded because the runcmd module executed.

有关 cloud-init 日志的更多详细信息,请参阅 cloud-init 文档For more details of cloud-init logging, refer to the cloud-init documentation

后续步骤Next steps

排查 cloud-init 问题Troubleshoot issues with cloud-init.

有关配置更改的 cloud-init 示例,请参阅以下文档:For cloud-init examples of configuration changes, see the following documents: