上篇文章分享了keystone的安裝配置,本文接着分享openstack的鏡像服務glance。html
--------------- 完美的分割線 ----------------python
3.0.glance概述
1)glance做用和特性
用戶使用鏡像服務 (glance) 容許來建立,查詢虛擬機鏡像。它提供了一個 REST API,容許查詢虛擬機鏡像的 metadata 並獲取一個現存的鏡像mysql
能夠將虛擬機鏡像存儲到各類位置,如簡單的文件系統或者是對象存儲系統,例如 OpenStack 對象存儲, 並經過鏡像服務使用sql
上傳指定的文件做爲後端配置鏡像服務,默認目錄是 /var/lib/glance/images/。數據庫
2)glance鏡像服務的組件
glance-api:swift
用於接收鏡像REST API的調用,諸如鏡像查找,獲取,上傳,刪除後端
glance-registry:api
用於與mysql數據庫交互,監聽端口爲9191,dom
提供鏡像元數據相關的REST接口,用於存儲、處理和恢復鏡像的元數據(metadata),元數據包括項諸如大小和類型。
經過glance-registry能夠向數據庫中寫入或獲取鏡像的各類數據
其中有兩張表,image表保存了鏡像格式大小等信息,image property表保存進行的定製化信息
注意:glance-registry是私有內部服務,用於服務OpenStack Image服務。不能向用戶暴露分佈式
image:鏡像文件的存儲倉庫
支持多種類型的倉庫,它們有普通文件系統、對象存儲、RADOS塊設備、HTTP、以及亞馬遜S3。另外,其中一些倉庫僅支持只讀方式使用。
image store:
是一個存儲的接口層,經過這個接口glance能夠獲取鏡像,支持的存儲有亞馬遜的S3,openstack自己的swift,還有ceph,sheepdog,GlusterFS等分佈式存儲
image store是鏡像保存與獲取的接口,僅僅是一個接口層,具體的實現須要外部的存儲支持
數據庫:
存放鏡像元數據,用戶是能夠依據我的喜愛選擇數據庫的,多數的部署使用MySQL或SQLite。
元數據定義服務:
通用的API,是用於爲廠商,管理員,服務,以及用戶自定義元數據。
這種元數據可用於不一樣的資源,例如鏡像,工件,卷,配額以及集合。
一個定義包括了新屬性的鍵,描述,約束以及能夠與之關聯的資源的類型。
3.1.在控制端安裝鏡像服務glance
1)建立glance數據庫
mysql -p123456 ---------------------------------- CREATE DATABASE glance; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance'; flush privileges; exit ----------------------------------
#
3.2.在keystone上面註冊glance
1)在keystone上建立glance用戶
# 如下命令在local_user表建立glance用戶
cd /server/tools source keystone-admin-pass.sh openstack user create --domain default --password=glance glance openstack user list
# 實例演示:
[root@openstack01 tools]# openstack user create --domain default --password=glance glance +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 82a27e65ca644a5eadcd54ff44e5e05b | | name | glance | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [root@openstack01 tools]# openstack user list +----------------------------------+--------+ | ID | Name | +----------------------------------+--------+ | 82a27e65ca644a5eadcd54ff44e5e05b | glance | | cbb2b3830a8f44bc837230bca27ae563 | myuser | | e5dbfc8b394c41679fd5ce229cdd6ed3 | admin | +----------------------------------+--------+
2)在keystone上將glance用戶添加爲service項目的admin角色(權限)
# 如下命令無輸出
openstack role add --project service --user glance admin
3)建立glance鏡像服務的實體
# 如下命令在service表中增長glance項目
openstack service create --name glance --description "OpenStack Image" image openstack service list
# 實例演示:
[root@openstack01 tools]# openstack service create --name glance --description "OpenStack Image" image +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Image | | enabled | True | | id | 6c31f22e259b460fa0168ac206265c30 | | name | glance | | type | image | +-------------+----------------------------------+ [root@openstack01 tools]# openstack service list +----------------------------------+----------+----------+ | ID | Name | Type | +----------------------------------+----------+----------+ | 63c882889b204d81a9867f9b7c0ba7aa | keystone | identity | | 6c31f22e259b460fa0168ac206265c30 | glance | image | +----------------------------------+----------+----------+
4)建立鏡像服務的 API 端點(endpoint)
# 如下命令會在endpoint表增長3條項目
openstack endpoint create --region RegionOne image public http://192.168.1.81:9292 openstack endpoint create --region RegionOne image internal http://192.168.1.81:9292 openstack endpoint create --region RegionOne image admin http://192.168.1.81:9292 openstack endpoint list
# 實例演示:
[root@openstack01 tools]# openstack endpoint create --region RegionOne image public http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | f13c44af4e8d45d5b0229ea870f2c24f | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 6c31f22e259b460fa0168ac206265c30 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@openstack01 tools]# openstack endpoint create --region RegionOne image internal http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 756084d018c948039d2ae55b13fc7d4a | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 6c31f22e259b460fa0168ac206265c30 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@openstack01 tools]# openstack endpoint create --region RegionOne image admin http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 7226f8f9c7164214b815821b77ae3ce6 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 6c31f22e259b460fa0168ac206265c30 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@openstack01 tools]# openstack endpoint list +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+ | 7226f8f9c7164214b815821b77ae3ce6 | RegionOne | glance | image | True | admin | http://controller:9292 | | 756084d018c948039d2ae55b13fc7d4a | RegionOne | glance | image | True | internal | http://controller:9292 | | b8dabe6c548e435eb2b1f7efe3b23236 | RegionOne | keystone | identity | True | admin | http://controller:5000/v3/ | | eb72eb6ea51842feb67ba5849beea48c | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ | | f13c44af4e8d45d5b0229ea870f2c24f | RegionOne | glance | image | True | public | http://controller:9292 | | f172f6159ad34fbd8e10e0d42828d8cd | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ | +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
# 至此,glance在keystone上面註冊完成,能夠進行安裝
3.3.安裝glance相關軟件
1)檢查Python版本
# 在安裝glance前須要確認系統的Python版本
# 在當前版本中有一個bug在Python3.5中可能會有ssl方面的問題,如下是詳情頁面
https://docs.openstack.org/glance/rocky/install/get-started.html#running-glance-under-python3
Running Glance Under Python3¶ You should always run Glance under whatever version of Python your distribution of OpenStack specifies. If you are building OpenStack yourself from source, Glance is currently supported to run under Python2 (specifically, Python 2.7 or later). Some deployment configuration is required if you wish to run Glance under Python3. Glance is tested with unit and functional tests running Python 3.5. The eventlet-based server that Glance runs, however, is currently affected by a bug that prevents SSL handshakes from completing (see Bug #1482633). Thus if you wish to run Glance under Python 3.5, you must deploy Glance in such a way that SSL termination is handled by something like HAProxy before calls reach Glance.
python --version [root@openstack01 tools]# python --version Python 2.7.5
2)安裝glance軟件
yum install openstack-glance python-glance python-glanceclient -y
3)執行如下命令能夠快速配置glance-api.conf
openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:glance@controller/glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://controller:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http openstack-config --set /etc/glance/glance-api.conf glance_store default_store file openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
4)執行如下命令能夠快速配置glance-registry.conf
openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:glance@controller/glance openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken www_authenticate_uri http://controller:5000 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:5000 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers controller:11211 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password glance openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
# 查看生效的配置
[root@openstack01 tools]# grep '^[a-z]' /etc/glance/glance-api.conf connection = mysql+pymysql://glance:glance@controller/glance stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = glance flavor = keystone [root@openstack01 tools]# grep '^[a-z]' /etc/glance/glance-registry.conf connection = mysql+pymysql://glance:glance@controller/glance www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = glance flavor = keystone
# 至此,glance服務安裝完畢,該服務須要啓動
4.4.同步glance數據庫
1)爲glance鏡像服務初始化同步數據庫
# 生成的相關表(15張表)
su -s /bin/sh -c "glance-manage db_sync" glance
2)同步完成進行鏈接測試
# 保證全部須要的表已經創建,不然後面可能沒法進行下去
mysql -h192.168.1.81 -uglance -pglance -e "use glance;show tables;"
實例演示:
[root@openstack01 tools]# mysql -h192.168.1.81 -uglance -pglance -e "use glance;show tables;" +----------------------------------+ | Tables_in_glance | +----------------------------------+ | alembic_version | | image_locations | | image_members | | image_properties | | image_tags | | images | | metadef_namespace_resource_types | | metadef_namespaces | | metadef_objects | | metadef_properties | | metadef_resource_types | | metadef_tags | | migrate_version | | task_info | | tasks | +----------------------------------+
3.5.啓動glance鏡像服務
1)啓動glance鏡像服務、並配置開機自啓動
systemctl start openstack-glance-api.service openstack-glance-registry.service systemctl status openstack-glance-api.service openstack-glance-registry.service systemctl enable openstack-glance-api.service openstack-glance-registry.service systemctl list-unit-files |grep openstack-glance*
2)其餘命令:重啓,中止
systemctl restart openstack-glance-api.service openstack-glance-registry.service systemctl stop openstack-glance-api.service openstack-glance-registry.service
實例演示:
[root@openstack01 tools]# systemctl start openstack-glance-api.service openstack-glance-registry.service [root@openstack01 tools]# systemctl status openstack-glance-api.service openstack-glance-registry.service ● openstack-glance-api.service - OpenStack Image Service (code-named Glance) API server Loaded: loaded (/usr/lib/systemd/system/openstack-glance-api.service; disabled; vendor preset: disabled) Active: active (running) since 五 2018-10-26 21:54:42 CST; 237ms ago Main PID: 5420 (glance-api) CGroup: /system.slice/openstack-glance-api.service └─5420 /usr/bin/python2 /usr/bin/glance-api 10月 26 21:54:42 openstack01.zuiyoujie.com systemd[1]: Started OpenStack Image Service (code-named Glance) API server. 10月 26 21:54:42 openstack01.zuiyoujie.com systemd[1]: Starting OpenStack Image Service (code-named Glance) API server... ● openstack-glance-registry.service - OpenStack Image Service (code-named Glance) Registry server Loaded: loaded (/usr/lib/systemd/system/openstack-glance-registry.service; disabled; vendor preset: disabled) Active: active (running) since 五 2018-10-26 21:54:43 CST; 77ms ago Main PID: 5421 (glance-registry) CGroup: /system.slice/openstack-glance-registry.service └─5421 /usr/bin/python2 /usr/bin/glance-registry 10月 26 21:54:43 openstack01.zuiyoujie.com systemd[1]: Started OpenStack Image Service (code-named Glance) Registry server. 10月 26 21:54:43 openstack01.zuiyoujie.com systemd[1]: Starting OpenStack Image Service (code-named Glance) Registry server... [root@openstack01 tools]# systemctl enable openstack-glance-api.service openstack-glance-registry.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service. [root@openstack01 tools]# systemctl list-unit-files |grep openstack-glance* openstack-glance-api.service enabled openstack-glance-registry.service enabled openstack-glance-scrubber.service disabled
3.6.檢查確認glance安裝正確
# 能夠下載小型的Linux鏡像CirrOS用來進行 OpenStack部署測試。
# 下載地址:http://download.cirros-cloud.net/
1)下載鏡像
cd /server/tools wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
2)獲取管理員權限
source keystone-admin-pass.sh
3)上傳鏡像到glance
# 使用qcow2磁盤格式, bare容器格式上傳鏡像到鏡像服務並設置公共可見,這樣全部的項目均可以訪問它
openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
實例演示:
[root@openstack01 tools]# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | checksum | f8ab98ff5e73ebab884d80c9dc9c7290 | | container_format | bare | | created_at | 2018-10-26T14:02:00Z | | disk_format | qcow2 | | file | /v2/images/78f5671b-fb2d-494f-8da7-25dbe425cad6/file | | id | 78f5671b-fb2d-494f-8da7-25dbe425cad6 | | min_disk | 0 | | min_ram | 0 | | name | cirros | | owner | 3706708374804e2eb4ed056f55d84666 | | properties | os_hash_algo='sha512', os_hash_value='f0fd1b50420dce4ca382ccfbb528eef3a38bbeff00b54e95e3876b9bafe7ed2d6f919ca35d9046d437c6d2d8698b1174a335fbd66035bb3edc525d2cdb187232', os_hidden='False' | | protected | False | | schema | /v2/schemas/image | | size | 13267968 | | status | active | | tags | | | updated_at | 2018-10-26T14:02:00Z | | virtual_size | None | | visibility | public | +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
4)查看鏡像
openstack image list
實例演示:
[root@openstack01 tools]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | 78f5671b-fb2d-494f-8da7-25dbe425cad6 | cirros | active | +--------------------------------------+--------+--------+
# 至此glance鏡像服務安裝完成,啓動成功
======== 完畢,呵呵呵呵 ========