Openstack glance 镜像服务 (五)
引用: 官方文档glance安装 https://docs.openstack.org/ocata/zh_CN/install-guide-rdo/glance.html
介绍:
OpenStack镜像服务是IaaS的核心服务,如同 :ref:`get_started_conceptual_architecture`所示。它接受磁盘镜像或服务器镜像API请求,和来自终端用户或OpenStack计算组件的元数据定义。它也支持包括OpenStack对象存储在内的多种类型仓库上的磁盘镜像或服务器镜像存储。
大量周期性进程运行于OpenStack镜像服务上以支持缓存。同步复制(Replication)服务保证集群中的一致性和可用性。其它周期性进程包括auditors, updaters, 和 reapers。
OpenStack镜像服务包括以下组件:
glance-api
接收镜像API的调用,诸如镜像发现、恢复、存储。
glance-registry
存储、处理和恢复镜像的元数据,元数据包括项诸如大小和类型。
警告
glance-registry是私有内部服务,用于服务OpenStack Image服务。不要向用户暴露该服务
glance
# 先决条件:
[root@db1 ~]# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
MariaDB [(none)]> flush privileges;
# 做一下账号登录测试:
[root@db1 ~]# mysql -u glance -p123456
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
+--------------------+
2 rows in set (0.001 sec)
## 创建服务证书.完成这些步骤:
### 创建 glance 用户:
openstack user create --domain default --password-prompt glance
[root@cont-1 ~]# openstack user create --domain default --password-prompt glance
User Password: # 密码 就是 123456
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 317ace63cb8f4562af682ca6c7bdf955 |
| enabled | True |
| id | afb631a3fbb243a98cea0a44241b13df |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
### 查看是否存在glance 账号:
[root@cont-1 ~]# openstack user list
+----------------------------------+--------+
| ID | Name |
+----------------------------------+--------+
| 00ff302f8c924bb1b171965c5d5aca92 | demo |
| 7e5fe95e8caa48f78e218919d05693d5 | admin |
| afb631a3fbb243a98cea0a44241b13df | glance |
+----------------------------------+--------+
### 添加admin 角色到glance用户和service项目上:
openstack role add --project service --user glance admin
*** 这个命令执行后没有输出。
### 注册``` glance ```服务实体:
openstack service create --name glance --description "OpenStack Image" image
[root@cont-1 ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | ea21acd8e94641f888033dfe1d13ef36 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@cont-1 ~]# openstack service list
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 376d49d3d59147a49e5f5081cb04a2b1 | keystone | identity |
| ea21acd8e94641f888033dfe1d13ef36 | glance | image |
+----------------------------------+----------+----------+
### 创建镜像服务的 API 端点:
** 公共端点
openstack endpoint create --region RegionOne image public http://openstack-linux36-vip.magedu.net:9292
** 私有端点
openstack endpoint create --region RegionOne image internal http://openstack-linux36-vip.magedu.net:9292
** 管理端点
openstack endpoint create --region RegionOne image admin http://openstack-linux36-vip.magedu.net:9292
** 执行结果
[root@cont-1 ~]# openstack endpoint create --region RegionOne image public http://openstack-linux36-vip.magedu.net:9292
+--------------+----------------------------------------------+
| Field | Value |
+--------------+----------------------------------------------+
| enabled | True |
| id | b1c38d9b331043f0a625507514edb824 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ea21acd8e94641f888033dfe1d13ef36 |
| service_name | glance |
| service_type | image |
| url | http://openstack-linux36-vip.magedu.net:9292 |
+--------------+----------------------------------------------+
[root@cont-1 ~]# openstack endpoint create --region RegionOne image internal http://openstack-linux36-vip.magedu.net:9292
+--------------+----------------------------------------------+
| Field | Value |
+--------------+----------------------------------------------+
| enabled | True |
| id | 01fcaa8287674f80afc2034f2a019016 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ea21acd8e94641f888033dfe1d13ef36 |
| service_name | glance |
| service_type | image |
| url | http://openstack-linux36-vip.magedu.net:9292 |
+--------------+----------------------------------------------+
[root@cont-1 ~]# openstack endpoint create --region RegionOne image admin http://openstack-linux36-vip.magedu.net:9292
+--------------+----------------------------------------------+
| Field | Value |
+--------------+----------------------------------------------+
| enabled | True |
| id | 2700c899c78f4503961ad21fed01960b |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ea21acd8e94641f888033dfe1d13ef36 |
| service_name | glance |
| service_type | image |
| url | http://openstack-linux36-vip.magedu.net:9292 |
+--------------+----------------------------------------------+
[root@cont-1 ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------------------------+
| 01fcaa8287674f80afc2034f2a019016 | RegionOne | glance | image | True | internal | http://openstack-linux36-vip.magedu.net:9292 |
| 2700c899c78f4503961ad21fed01960b | RegionOne | glance | image | True | admin | http://openstack-linux36-vip.magedu.net:9292 |
| 65605d57632a4c8ba0521b20f28bbcc2 | RegionOne | keystone | identity | True | public | http://openstack-linux36-vip.magedu.net:5000/v3 |
| 858dee6eafb54902826175be76954094 | RegionOne | keystone | identity | True | admin | http://openstack-linux36-vip.magedu.net:35357/v3 |
| b1c38d9b331043f0a625507514edb824 | RegionOne | glance | image | True | public | http://openstack-linux36-vip.magedu.net:9292 |
| ec3647ea42f347008d7e35b52324d995 | RegionOne | keystone | identity | True | internal | http://openstack-linux36-vip.magedu.net:5000/v3 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------------------------+
安装并配置组件
yum install openstack-glance -y
编辑文件 /etc/glance/glance-api.conf 并完成如下动作:
在 [database] 部分,配置数据库访问:
[database]
# ...
connection = mysql+pymysql://glance:123456@openstack-linux36-vip.magedu.net/glance
[keystone_authtoken]
auth_uri = http://openstack-linux36-vip.magedu.net:5000
auth_url = http://openstack-linux36-vip.magedu.net:35357
memcached_servers = openstack-linux36-vip.magedu.net:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[paste_deploy]
# ...
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
编辑文件 ``/etc/glance/glance-registry.conf``并完成如下动作:
在 [database] 部分,配置数据库访问:
[database]
# ...
connection = mysql+pymysql://glance:123456@openstack-linux36-vip.magedu.net/glance
[keystone_authtoken]
auth_uri = http://openstack-linux36-vip.magedu.net:5000
auth_url = http://openstack-linux36-vip.magedu.net:35357
memcached_servers = openstack-linux36-vip.magedu.net:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[paste_deploy]
# ...
flavor = keystone
### 初始化数据库:
su -s /bin/sh -c "glance-manage db_sync" glance
启动glance并设置为开机自启动
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service
#######################################################################################
## 做一下 haproxy 的转发设置:
listen openstack_glance_port_9292
bind 0.0.0.0:9292
mode tcp
log global
server 10.10.5.138 10.10.5.138:9292 check inter 3000 fall 2 rise 5
/etc/init.d/haproxy restart
#######################################################################################
## 配置一个存储服务用来存放系统的镜像
# 配置一个nfs服务(存放image镜像):
yum install nfs-utils -y
vim /etc/exports
/data/openstack/glance *(rw,no_root_squash)
mkdir -p /data/openstack/glance/
chown -R 161.161 glance #这个161是用户ID和用户组ID,从控制机上获取 id glance
exportfs -r # 相当于reload 重读配置文件
systemctl enable nfs
systemctl restart nfs
## 主控机上测试一下
[root@cont-1 ~]# showmount -e 10.10.5.150
Export list for 10.10.5.150:
/data/openstack/glance *
## 挂在nfs到本地:
systemctl stop openstack-glance-api.service openstack-glance-registry.service
mount -t nfs 10.10.5.150:/data/openstack/glance /var/lib/glance/images
systemctl enable openstack-glance-api.service openstack-glance-registry.service
*** 记得开机挂载(_netdev 挂在不上直接跳过):
vim /etc/fstab
10.10.5.150:/data/openstack/glance /var/lib/glance/images nfs defaults,_netdev 0 0
[root@cont-1 ~]# mount -t nfs 10.10.5.150:/data/openstack/glance /var/lib/glance/images
[root@cont-1 ~]# df -Th
Filesystem Type Size Used Avail Use% Mounted on
devtmpfs devtmpfs 476M 0 476M 0% /dev
tmpfs tmpfs 487M 0 487M 0% /dev/shm
tmpfs tmpfs 487M 7.6M 479M 2% /run
tmpfs tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda2 xfs 20G 2.1G 17G 11% /
tmpfs tmpfs 98M 0 98M 0% /run/user/0
10.10.5.150:/data/openstack/glance nfs4 20G 2.5G 17G 13% /var/lib/glance/images # 已经挂在上了
##上传和下载功能测试:
wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
openstack image create "cirros-0.3.5" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
## 上传结果(如果有错误,请看glance日志):
[root@cont-1 ~]# openstack image create "cirros-0.3.5" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2020-05-22T03:21:05Z |
| disk_format | qcow2 |
| file | /v2/images/1511da48-c7d3-4237-85fb-015a69d2134b/file |
| id | 1511da48-c7d3-4237-85fb-015a69d2134b |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros-0.3.5 |
| owner | 7895c74b24e640498acb869a790f7092 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2020-05-22T03:21:06Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
## 查看glance 上的镜像:
[root@cont-1 ~]# source admin.sh
[root@cont-1 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| 1511da48-c7d3-4237-85fb-015a69d2134b | cirros-0.3.5 | active |
+--------------------------------------+--------------+--------+
#######################################################################################