LoginSignup
5
6

More than 5 years have passed since last update.

@tsujimitsu(Toshimitsu Tsuji)

Setup centos7 on amazon web services (aws)

Last updated at Posted at 2016-01-01

Create ec2 instance

  • 「インスタンスの作成」で「AWS Marketplace」から、「CentOS 7 (x86_64) with Updates HVM」を選択する。
  • スペックは以下の通りとする。
    • t2.micro / SSD 30GB

Login ec2 instance

  • 以下のコマンドを実行する。
$ ssh -i aws-centos70.pem centos@XXX.XXX.XXX.XXX
※「aws-centos70.pem」はインスタンス作成時に指定した公開鍵の対となる秘密鍵
※centos7 へは root 直ログインはできない。

$ sudo su -
# id
uid=0(root) ...
# exit
logout
$ id
uid=1000(centos) ...

Add new local user

$ sudo adduser new-username
$ tail -1 /etc/passwd
new-username:x:1001:1001::/home/new-username:/bin/bash

$ sudo su -
# cp -R /home/centos/.ssh/ /home/new-username/
# chown -R new-username:new-username /home/new-username/.ssh/
# ls -la /home/new-username/.ssh/
-rw-------. 1 new-username new-username 394 Jan  1 14:02 authorized_keys

# exit
$ exit
$ ssh -i aws-centos70.pem new-username@XXX.XXX.XXX.XXX
$ id
uid=1001(new-username) ...
※centosユーザではなく、他のローカルユーザを作成してcentosユーザと同じ権限を付与する。
 その後、centosユーザを削除するかSSHログイン不可とする。

Change settings

$ sudo vi /etc/hostname
new-hostname
$ sudo vi /etc/cloud/cloud.cfg
preserve_hostname:true

$ sudo vi /etc/sysconfig/selinux
#SELINUX=enforcing
SELINUX=disabled

$ sudo localectl set-locale LANG=ja_JP.utf8
$ sudo localectl set-keymap jp106
$ localectl status
   System Locale: LANG=ja_JP.utf8
       VC Keymap: jp106
      X11 Layout: jp
       X11 Model: jp106
     X11 Options: terminate:ctrl_alt_bksp

$ sudo timedatectl set-timezone Asia/Tokyo
$ timedatectl status
      Local time: 金 2016-01-01 23:32:23 JST
  Universal time: 金 2016-01-01 14:32:23 UTC
        Timezone: Asia/Tokyo (JST, +0900)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: n/a

$ sudo systemctl stop postfix.service
$ sudo systemctl disable postfix.service
rm '/etc/systemd/system/multi-user.target.wants/postfix.service'
$ systemctl list-unit-files --type service | grep postfix
postfix.service                        disabled

$ sudo yum install firewalld
$ sudo systemctl start firewalld
$ firewall-cmd --list-all
public (default)
  interfaces:
  sources:
  services: dhcpv6-client ssh
  ports:
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:
$ sudo firewall-cmd --permanent --add-port=20022/tcp
$ sudo firewall-cmd --reload
$ sudo semanage port -a -t ssh_port_t -p tcp 20022
$ sudo semanage port -l | grep ssh
ssh_port_t                     tcp      20022, 22
$ sudo vi /etc/ssh/sshd_config
Port 20022
$ sudo systemctl restart sshd.service

$ exit
$ ssh -i aws-centos70.pem -p 20022 new-username@XXX.XXX.XXX.XXX

Update packages

sudo yum update

Install favorite packages

sudo yum install vim

Reboot

sudo shutdown -r now

Check settings

$ cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
$ rpm -q cloud-init
cloud-init-0.7.5-10.el7.centos.1.x86_64

Reference

5
6
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
5
6