前言:
1,glance作用和特性
用户使用镜像服务 (glance) 允许来创建,查询虚拟机镜像。它提供了一个 REST API,允许查询虚拟机镜像的 metadata 并获取一个现存的镜像
可以将虚拟机镜像存储到各种位置,如简单的文件系统或者是对象存储系统,例如 OpenStack 对象存储, 并通过镜像服务使用
上传指定的文件作为后端配置镜像服务,默认目录是 /var/lib/glance/images/
(glance)使用户能够发现、注册和检索虚拟机映像。它提供了一个REST API,使您能够查询虚拟机映像元数据并检索实际映像。您可以将通过映像服务提供的虚拟机映像存储在各种位置,从简单的文件系统到OpenStack对象存储等对象存储系统。总的来说,就是一个专门管理镜像的服务。
,2,glance镜像服务的组件
glance-api:
用于接收镜像REST API的调用,诸如镜像查找,获取,上传,删除
glance-registry:
用于与mysql数据库交互,监听端口为9191,
提供镜像元数据相关的REST接口,用于存储、处理和恢复镜像的元数据(metadata),元数据包括项诸如大小和类型。
通过glance-registry可以向数据库中写入或获取镜像的各种数据
其中有两张表,image表保存了镜像格式大小等信息,image property表保存进行的定制化信息
注意:glance-registry是私有内部服务,用于服务OpenStack Image服务。不能向用户暴露
image:镜像文件的存储仓库
支持多种类型的仓库,它们有普通文件系统、对象存储、RADOS块设备、HTTP、以及亚马逊S3。另外,其中一些仓库仅支持只读方式使用。
image store:
是一个存储的接口层,通过这个接口glance可以获取镜像,支持的存储有亚马逊的S3,openstack本身的swift,还有ceph,sheepdog,GlusterFS等分布式存储
image store是镜像保存与获取的接口,仅仅是一个接口层,具体的实现需要外部的存储支持
数据库:
存放镜像元数据,用户是可以依据个人喜好选择数据库的,多数的部署使用MySQL或SQLite,本例使用的是mariadb
元数据定义服务:
通用的API,是用于为厂商,管理员,服务,以及用户自定义元数据。
这种元数据可用于不同的资源,例如镜像,工件,卷,配额以及集合。
一个定义包括了新属性的键,描述,约束以及可以与之关联的资源的类型。
本文将基于官方文档来部署,并根据自己的实际情况进行修改说明。
官方文档链接:OpenStack Docs: Install and configure (Red Hat)
一,
数据库初始化
登陆MySQL,运行以下SQL语句:
创建glance服务使用的数据库,创建数据库用户glance并赋予数据库操作权限
create database glance; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance123456'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance123456'; flush privileges;
二,
在keystone上面注册glance
1,
Create the glance user
openstack user create --domain default --password=glance glance
输出如下:
1. +---------------------+----------------------------------+ 2. | Field | Value | 3. +---------------------+----------------------------------+ 4. | domain_id | default | 5. | enabled | True | 6. | id | 889842492a2f45cc9ddc5d1eae2d64f1 | 7. | name | glance | 8. | options | a{} | 9. | password_expires_at | None | 10. +---------------------+----------------------------------+
2,
在keystone上将glance用户添加为service项目的admin角色(权限)
openstack role add --project service --user glance admin #注:此命令无输出为正确
3,
创建glance镜像服务的实体
在创建前,我们先看一下有哪些service(服务),就一个keystone
[root@openstack1 ~]# openstack service list +----------------------------------+----------+----------+ | ID | Name | Type | +----------------------------------+----------+----------+ | 0aefcadb64fc4bdc8195f5a9df0cc516 | keystone | identity | +----------------------------------+----------+----------+
OK,创建一个glance相关的service:
openstack service create --name glance --description "OpenStack Image" image openstack service list
输出如下:
可以看到多了一个service
[root@openstack1 ~]# openstack service create --name glance --description "OpenStack Image" image +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Image | | enabled | True | | id | 4fb6e6f07d5041deb8c3e317f54f8f6c | | name | glance | | type | image | +-------------+----------------------------------+ [root@openstack1 ~]# openstack service list +----------------------------------+----------+----------+ | ID | Name | Type | +----------------------------------+----------+----------+ | 0aefcadb64fc4bdc8195f5a9df0cc516 | keystone | identity | | 4fb6e6f07d5041deb8c3e317f54f8f6c | glance | image | +----------------------------------+----------+----------+
4,创建glance服务的检查点:
注:这个地方还是和老版本一样,没有改变,不过一般也是不会出错的,注意是192.168.123.130的主机名 openstack1
openstack endpoint create --region RegionOne image public http://openstack1:9292 openstack endpoint create --region RegionOne image internal http://openstack1:9292 openstack endpoint create --region RegionOne image admin http://openstack1:9292
输出如下:
[root@openstack1 ~]# openstack endpoint create --region RegionOne image public http://openstack1:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 0dff640b6887445c91f6b697d38b63f3 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 4fb6e6f07d5041deb8c3e317f54f8f6c | | service_name | glance | | service_type | image | | url | http://openstack1:9292 | +--------------+----------------------------------+ [root@openstack1 ~]# openstack endpoint create --region RegionOne image internal http://openstack1:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 23bb125457d54ee18d384c37596854ea | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 4fb6e6f07d5041deb8c3e317f54f8f6c | | service_name | glance | | service_type | image | | url | http://openstack1:9292 | +--------------+----------------------------------+ [root@openstack1 ~]# openstack endpoint create --region RegionOne image public http://openstack1:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 0bd355f15aaa4526a4a306f212a9471f | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 4fb6e6f07d5041deb8c3e317f54f8f6c | | service_name | glance | | service_type | image | | url | http://openstack1:9292 | +--------------+----------------------------------+
查询检查点:
总共是六个endpoint,表示正确,不能多也不能少
[root@openstack1 ~]# openstack endpoint list +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+ | 09fb81fcb9fd48a2b24acd4874bddc76 | RegionOne | glance | image | True | internal | http://openstack1:9292 | | 4199c37c0d2c4e6990899581538987d3 | RegionOne | glance | image | True | admin | http://openstack1:9292 | | 900b2ea657b04c4d89cf740bb3c74050 | RegionOne | keystone | identity | True | public | http://openstack1:5000/v3/ | | 9e03fca7bea64ecf8c89abc4459142c4 | RegionOne | keystone | identity | True | internal | http://openstack1:5000/v3/ | | b276b0e8921e4d879c3cac5f7c4256bf | RegionOne | glance | image | True | public | http://openstack1:9292 | | ba2d3158fd724aa19a009131a9d6b864 | RegionOne | keystone | identity | True | admin | http://openstack1:5000/v3/ | +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
如果某个endpoint创建的时候错误了,比如手抖写错了或者重复创建了(允许重复创建,创建的记录在MySQL数据库内),可以删除,删除命令为:
openstack endpoint delete ID 例如删除第一个: openstack endpoint delete 09fb81fcb9fd48a2b24acd4874bddc76
以上的步骤都是写入到了keystone这个数据库内了,这里不要搞错了,不是glance数据库,glance数据库还没开始使用
# 至此,glance在keystone上面注册完成,可以进行下一步的安装
三,
安装glance相关软件
1,
Python的版本问题
#这里不能使用Python3,必须使用Python2.7或者非Python-3.5
# 在当前版本中有一个bug在Python3.5中可能会有ssl方面的问题,以下是详情页面
2,
安装软件:
yum install openstack-glance python-glance python-glanceclient -y
3,
修改glance服务的配置文件
这里采用一个快速修改的方式,使用openstack-utils:
glance-api服务:
主要是需要仔细核对用户和密码以及主机名,例如,第一行的数据库密码不能错了,否则后面建表可能会失败的哦
openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:glance123456@openstack1/glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://openstack1:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://openstack1:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers openstack1:11211 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http openstack-config --set /etc/glance/glance-api.conf glance_store default_store file openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
glance-registry服务:
openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:glance123456@openstack1/glance openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken www_authenticate_uri http://openstack1:5000 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://openstack1:5000 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers openstack1:11211 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password glance openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
核对配置文件:
[root@openstack1 ~]# grep '^[a-z]' /etc/glance/glance-api.conf connection = mysql+pymysql://glance:glance_DBPASS@openstack1/glance stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ www_authenticate_uri = http://openstack1:5000 auth_url = http://openstack1:5000 memcached_servers = openstack1:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = glance flavor = keystone
[root@openstack1 ~]# grep '^[a-z]' /etc/glance/glance-registry.conf connection = mysql+pymysql://glance:glance_DBPASS@openstack1/glance www_authenticate_uri = http://openstack1:5000 auth_url = http://openstack1:5000 memcached_servers = openstack1:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = glance flavor = keystone
四,
初始化同步glance数据库
如果有任何问题,比如,下面这个命令失败,可以查看日志文件:/var/log/glance/api.log
su -s /bin/sh -c "glance-manage db_sync" glance
输出如下:
这个警告可以忽略的
root@openstack1 ~]# su -s /bin/sh -c "glance-manage db_sync" glance /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1352: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade expire_on_commit=expire_on_commit, _conf=conf) INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01 INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01 INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: rocky_expand02, current revision(s): rocky_expand02 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database migration is up to date. No migration needed. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01 INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01 INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: rocky_contract02, current revision(s): rocky_contract02 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database is synced successfully.
查看创建的新表,总计应该是15个:
[root@openstack1 ~]# mysql -uglance -pglance123456 -e 'use glance;show tables' +----------------------------------+ | Tables_in_glance | +----------------------------------+ | alembic_version | | image_locations | | image_members | | image_properties | | image_tags | | images | | metadef_namespace_resource_types | | metadef_namespaces | | metadef_objects | | metadef_properties | | metadef_resource_types | | metadef_tags | | migrate_version | | task_info | | tasks | +----------------------------------+ [root@openstack1 ~]# mysql -uglance -pglance123456 -e 'use glance;show tables' |wc -l 16
5,
启动两个glance服务,并加入自启:
systemctl enable openstack-glance-api.service openstack-glance-registry.service systemctl start openstack-glance-api.service openstack-glance-registry.service
五,
测试glance服务是否正常
#可以下载小型的Linux镜像CirrOS用来进行 OpenStack部署测试。
# 下载地址:Index of /
wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
上传上面下载的镜像到glance服务上,并设置公共可见:
openstack image create "cirros" --file cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public
输出如下:
[root@openstack1 ~]# openstack image create "cirros" --file cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | checksum | ee1eca47dc88f4879d8a229cc70a07c6 | | container_format | bare | | created_at | 2023-01-31T14:11:12Z | | disk_format | qcow2 | | file | /v2/images/62ed12e2-c3d5-4e9b-bf6b-e0db99e8d2c1/file | | id | 62ed12e2-c3d5-4e9b-bf6b-e0db99e8d2c1 | | min_disk | 0 | | min_ram | 0 | | name | cirros | | owner | 7f8efc46f33a40769cf4a4dbad676b77 | | properties | os_hash_algo='sha512', os_hash_value='1b03ca1bc3fafe448b90583c12f367949f8b0e665685979d95b004e48574b953316799e23240f4f739d1b5eb4c4ca24d38fdc6f4f9d8247a2bc64db25d6bbdb2', os_hidden='False' | | protected | False | | schema | /v2/schemas/image | | size | 13287936 | | status | active | | tags | | | updated_at | 2023-01-31T14:11:13Z | | virtual_size | None | | visibility | public | +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
OK,通过glance服务,查询镜像,能查到证明上传镜像功能没有问题:
[root@openstack1 ~]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | 62ed12e2-c3d5-4e9b-bf6b-e0db99e8d2c1 | cirros | active | +--------------------------------------+--------+--------+
至此,glance服务安装部署完毕,下一个章节将安装部署nova服务
