OpenStack镜像服务(glance)允许用户发现、注册和恢复虚拟机镜像。Glance提供Rest API可以查询虚拟机镜像的metadata并且可以获取镜像。通过Glance,虚拟机镜像可以被存储到多种存储上,比如简单的文件存储或者对象存储(比如OpenStack中swift项目)。
一、OpenStack 镜像服务包含组件
图1.1. OpenStack glance组件
二、OpenStack 镜像服务安装
下面介绍如何安装和配置镜像服务,即glance。这个配置将镜像保存到本地文件系统中,默认存储在/var/lib/glance/images/目录中。所有的步骤将在控制节点(Controller Node)上面进行操作。
1.安装前的准备
安装和配置镜像服务之前,必须创建数据库、服务证书和API端点。
1.1数据库配置
1)创建数据库
1
2
3
|
root@controller:~
# mysql -uroot -p
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.06 sec)
|
2)给数据库授权
1
2
3
4
5
6
|
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO
'glance'
@
'localhost'
IDENTIFIED BY
'sfzhang1109'
;
Query OK, 0 rows affected (0.45 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO
'glance'
@
'%'
IDENTIFIED BY
'sfzhang1109'
;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.06 sec)
|
3)退出数据库客户端
1
2
|
MariaDB [(none)]>
exit
Bye
|
1.2 导入admin身份凭证以便执行管理命令
1
|
root@controller:~
# source admin-openrc.sh
|
1.3 创建服务证书
1)创建glance用户(密码:glance)
1
2
3
4
5
6
7
8
9
10
11
12
|
root@controller:~
# openstack user create --password-prompt glance
User Password:
Repeat User Password:
+----------+----------------------------------+
| Field | Value |
+----------+----------------------------------+
| email | None |
| enabled | True |
|
id
| 8d333920d9df49af8d57910c3c18dcf8 |
| name | glance |
| username | glance |
+----------+----------------------------------+
|
2)将glance用户和租户服务添加管理员角
1
2
3
4
5
6
7
|
root@controller:~
# openstack role add --project service --user glance admin
+-------+----------------------------------+
| Field | Value |
+-------+----------------------------------+
|
id
| 05616505a61c4aa78f43fba9e60ba7fc |
| name | admin |
+-------+----------------------------------+
|
3)创建glance服务实体
1
2
3
4
5
6
7
8
9
10
|
root@controller:~
# openstack service create --name glance --description "OpenStack Image service" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image service |
| enabled | True |
|
id
| e448c04b115a4cd3b745b70b17fa95b3 |
| name | glance |
|
type
| image |
+-------------+----------------------------------+
|
1.4 创建镜像服务API端点
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
root@controller:~
# openstack endpoint create \
--publicurl http:
//controller
:9292 \
--internalurl http:
//controller
:9292 \
--adminurl http:
//controller
:9292 \
--region RegionOne \
image
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| adminurl | http:
//controller
:9292 |
|
id
| aa4ac4216c7a41fd8452c7186c9493ac |
| internalurl | http:
//controller
:9292 |
| publicurl | http:
//controller
:9292 |
| region | RegionOne |
| service_id | e448c04b115a4cd3b745b70b17fa95b3 |
| service_name | glance |
| service_type | image |
+--------------+----------------------------------+
|
2.安装和配置镜像服务组件
2.1安装软件包
1
|
root@controller:~
# apt-get install glance python-glanceclient
|
2.2编辑/etc/glance/glance-api.conf配置文件,完成下面的配置
1)在[database]部分配置数据库访问
1
2
3
|
[database]
…
connection = mysql:
//glance
:sfzhang1109@controller
/glance
|
2)在[keystone_authtoken] 和[paste_deploy]部分配置身份认证入口
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[keystone_authtoken]
…
auth_uri = http:
//controller
:5000
auth_url = http:
//controller
:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = glance
password = glance
[paste_deploy]
…
flavor = keystone
|
3)在[glance_store]部分配置本地文件系统存储和镜像文件的位置
1
2
3
4
|
[glance_store]
...
default_store =
file
filesystem_store_datadir =
/data/glance/images/
|
4)在[DEFAULT]部分禁用noop消息驱动,因为该选项只和可选的Telemetry服务有关
1
2
3
|
[DEFAULT]
...
notification_driver = noop
|
5)在[DEFAULT]部分开启详细日志配置,方便故障分析和排查
1
2
3
|
[DEFAULT]
...
verbose = True
|
2.3编辑/etc/glance/glance-registry.conf配置文件,完成下面的配置
1)在[database]部分配置数据库访问
1
|
connection = mysql:
//glance
:sfzhang1109@controller
/glance
|
2)在[keystone_authtoken] 和[paste_deploy]部分配置身份认证入口
1
2
3
4
5
6
7
8
9
10
|
[keystone_authtoken]
...
auth_uri = http:
//controller
:5000
auth_url = http:
//controller
:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = glance
password = glance
|
3)在[DEFAULT]部分禁用noop消息驱动,因为该选项只和可选的Telemetry服务有关
1
2
3
|
[paste_deploy]
...
flavor = keystone
|
4)在[DEFAULT]部分开启详细日志配置,方便故障分析和排查
1
2
3
|
[DEFAULT]
...
verbose = True
|
2.4 初始化镜像服务数据库
1
2
3
4
|
root@controller:~
# su -s /bin/sh -c "glance-manage db_sync" glance
2015-09-01 06:17:25.166 18641 INFO migrate.versioning.api [-] 0 -> 1...
2015-09-01 06:17:25.193 18641 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table images
…
|
3.安装完成
1)重启Image service的服务
1
2
|
root@controller:~
# service glance-registry restart
root@controller:~
# service glance-api restart
|
2默认会创建SQLite数据库,因为使用的是MYSQL数据库,因此要删除QLite数据库文件
三、OpenStack Image service服务验证
1)配置镜像服务客户端使用API的版本为2.0
1
|
root@controller:~
# echo "export OS_IMAGE_API_VERSION=2" | tee -a admin-openrc.sh demo-openrc.sh
|
2)执行admin身份凭证
1
|
root@controller:~
# source admin-openrc.sh
|
3)在本地创建临时目录
1
|
root@controller:~
# mkdir /tmp/images
|
4)下载镜像到该目录
1
|
root@controller:~
# wget -P /tmp/images http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
|
5)上传镜像到Image service,镜像格式为QCOW2。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
root@controller:~
# glance image-create --name "cirros-0.3.4-x86_64" --file /tmp/images/cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --progress
[=============================>] 100%
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2015-09-11T07:04:31.000000 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
|
id
| df54ff49-b167-4fed-987a-0ade3cbc9aca |
| is_public | False |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros-0.3.4-x86_64 |
| owner | d04d4985d62f42e2af2ddc35f442ffd9 |
| protected | False |
| size | 13287936 |
| status | active |
| updated_at | 2015-09-11T07:04:32.000000 |
| virtual_size | None |
+------------------+--------------------------------------+
|
6)确认镜像上传并验证属性
1
2
3
4
5
6
|
root@controller:~
# glance image-list
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
| df54ff49-b167-4fed-987a-0ade3cbc9aca | cirros-0.3.4-x86_64 | qcow2 | bare | 13287936 | active |
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
|
7)删除临时目录的镜像文件
1
|
root@controller:~
# rm -r /tmp/images/
|
备注:
1)OpenStack官方文档:
http://docs.openstack.org/kilo/install-guide/install/apt/content/