@[TOC](openstack 镜像服务 glance(小节2))
部署镜像服务 glance:
Glance 是 OpenStack 镜像服务组件,glance 服务默认监听在 9292 端口,其接收 REST API 请求,然后通过其他模块(glance-registry 及 image store)来完成诸如镜像的获取、上传、删除等操作,Glance 提供 restful API 可以查询虚拟机镜像的 metadata,并且可以获得镜像,通过Glance,虚拟机镜像可以被存储到多种存储上,比如简单的文件存储或者对象存储(比如OpenStack 中 swift 项目)是在创建虚拟机的时候,需要先把镜像上传到 glance,对镜像的列出镜像、删除镜像和上传镜像都是通过 glance 进行理,glance 有两个主要的服务,一个是glace-api 接收镜像的删除上传和读取,一个是 glance-Registry。
glance-registry 负责与 mysql 数据交互,用于存储或获取镜像的元数据(metadata),提供镜像元数据相关的 REST 接口,通过 glance-registry 可以向数据库中写入或获取镜像的各种数据,glance-registyr 监听的端口是 9191,glance 数据库中有两张表,一张是 glance 表,一张是 imane property 表,image 表保存了镜像格式、大小等信息,image property 表保存了镜像的定制化信息。
image store 是一个存储的接口层,通过这个接口 glance 可以获取镜像,image store 支持的存储有 Amazon 的 S3、openstack 本身的 swift、还有 ceph、glusterFS、sheepdog 等分布式存储,image store 是镜像保存与读取的接口,但是它只是一个接口,具体的实现需要外部的支持,glance 不需要配置消息队列,但是需要配置数据库和keystone。
官方部署文档:docs.openstack.org/mitaka/zh_C…
mysql
[root@mysql ~]# mysql -uroot -p123.com -h127.0.0.1
MariaDB [(none)]> use keystone;
#创建数据库'glance'
MariaDB [keystone]> CREATE DATABASE glance;
#授权
MariaDB [keystone]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance123';
controller1
测试再控制端是否能连接
[root@controller1 ~]# mysql -uglance -pglance123 -h 192.168.37.105
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 14
Server version: 10.3.10-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
+--------------------+
2 rows in set (0.001 sec)
MariaDB [(none)]> exit
Bye
[root@controller1 ~]# yum install haproxy -y
#第63行后面全部删除、添加下面信息(让101转到105上)
[root@controller1 ~]# vim /etc/haproxy/haproxy.cfg
63 listen mysql
64 bind 192.168.37.101:3306
65 mode tcp
66 server mysql1 192.168.37.105:3306 check
#重启haproxy
[root@controller1 ~]# systemctl restart haproxy
#开机启动haproxy
[root@controller1 ~]# systemctl enable haproxy
再次打卡一个新窗口()
#导入变量
[root@controller1 ~]# source scripts/admin_stein.sh
#查看'project'列表
[root@controller1 ~]# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 0c1e7970dcb044c7a4b31bec89c8765d | admin |
| 6981b2287cd240e3af6dce336206ae58 | service |
| 6f4ccd7c5c7b4a55bc7cec2b5894e0e5 | demo |
+----------------------------------+---------+
#创建账号
[root@controller1 ~]# openstack user create --domain default --password-prompt glance
User Password: <--密码'glance'
Repeat User Password: <--密码'glance'
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 43d6f7b6f0f2454c9d166b414c7469f2 |
| enabled | True |
| id | 740b53b90503428bb76cb7265347a730 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller1 ~]# openstack role add --project service --user glance admin
[root@controller1 ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | e479e8516dd8496ca40e9f8b8228d855 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@controller1 ~]# openstack service list
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 16cff76e5c094b0098e996a8bf7a485a | keystone | identity |
| e479e8516dd8496ca40e9f8b8228d855 | glance | image | <--
+----------------------------------+----------+----------+
#注册后端API
[root@controller1 ~]# openstack endpoint create --region RegionOne image public http://openstack.123.net:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | da3db70cd7404827affd71d6149af6fb |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e479e8516dd8496ca40e9f8b8228d855 |
| service_name | glance |
| service_type | image |
| url | http://openstack.123.net:9292 |
+--------------+----------------------------------+
[root@controller1 ~]# openstack endpoint create --region RegionOne image internal http://openstack.123.net:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 69878d4ab13a412a9683581618e6584f |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e479e8516dd8496ca40e9f8b8228d855 |
| service_name | glance |
| service_type | image |
| url | http://openstack.123.net:9292 |
+--------------+----------------------------------+
[root@controller1 ~]# openstack endpoint create --region RegionOne image admin http://openstack.123.net:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e08dad2b105641a19fe458a483c2884e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e479e8516dd8496ca40e9f8b8228d855 |
| service_name | glance |
| service_type | image |
| url | http://openstack.123.net:9292 |
+--------------+----------------------------------+
#安装
[root@controller1 ~]# yum install openstack-glance -y
mysql
安装NFS
[root@mysql ~]# yum install nfs-utils -y
#创建目录、保存镜像文件
[root@mysql ~]# mkdir -pv /data/openstack/image
#把目录共享出来
[root@mysql ~]# vim /etc/exports
/data/openstack/image *(rw,no_root_squash)
#重启nfs
[root@mysql ~]# systemctl restart nfs
#设置开机启动nfs
[root@mysql ~]# systemctl enable nfs
controller1
[root@controller1 ~]# yum install nfs-utils -y
#测试能否看到'105'共享出来的目录
[root@controller1 ~]# showmount -e 192.168.37.105
Export list for 192.168.37.105:
/data/openstack/image *
#配置
[root@controller1 ~]# vim /etc/glance/glance-api.conf
...
#数据库
[database]
connection = mysql+pymysql://glance:glance123@openstack.123.net/glance
#认证
[keystone_authtoken]
www_authenticate_uri = http://openstack.123.net:5000
auth_url = http://openstack.123.net:5000
memcached_servers = openstack.123.net:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance
#使用'keystone'认证
[paste_deploy]
flavor = keystone
#存储
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/ <--目录自动创建
...
[root@controller1 ~]# vim /etc/glance/glance-registry.conf
...
#数据库
[database]
connection = mysql+pymysql://glance:glance123@openstack.123.net/glance
#认证
[keystone_authtoken]
www_authenticate_uri = http://openstack.123.net:5000
auth_url = http://openstack.123.net:5000
memcached_servers = openstack.123.net:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance
#使用'keystone'认证
[paste_deploy]
flavor = keystone
...
[root@controller1 ~]# vim /etc/haproxy/haproxy.cfg
63 listen mysql
64 bind 192.168.37.101:3306
65 mode tcp
66 server mysql1 192.168.37.105:3306 check
67 #添加(下面4行)
68 listen memcached
69 bind 192.168.37.101:11211
70 mode tcp
71 server mysql1 192.168.37.105:11211 check
#重启haproxy服务
[root@controller1 ~]# systemctl restart haproxy
mysql
[root@mysql ~]# mysql -uroot -p123.com -h127.0.0.1
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 37
Server version: 10.3.10-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> use glance;
Database changed
#现在是空的
MariaDB [glance]> show tables;
Empty set (0.000 sec)
controller1
在控制端初始化数据库
[root@controller1 ~]# su -s /bin/sh -c "glance-manage db_sync" glance
mysql
控制端初始化完成后、再测试,发现已经有表了
MariaDB [glance]> show tables;
+----------------------------------+
| Tables_in_glance |
+----------------------------------+
| alembic_version |
| image_locations |
| image_members |
| image_properties |
| image_tags |
| images |
| metadef_namespace_resource_types |
| metadef_namespaces |
| metadef_objects |
| metadef_properties |
| metadef_resource_types |
| metadef_tags |
| migrate_version |
| task_info |
| tasks |
+----------------------------------+
15 rows in set (0.000 sec)
controller1
#设置glance开机启动
[root@controller1 ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
#启动glance
[root@controller1 ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
#属主属组都是'glance'
[root@controller1 ~]# ll -d /var/lib/glance/images/
drwxr-x--- 2 glance glance 6 Sep 19 16:13 /var/lib/glance/images/
#'glance'ID是161
[root@controller1 ~]# id glance
uid=161(glance) gid=161(glance) groups=161(glance)
#把服务停了
[root@controller1 ~]# systemctl stop openstack-glance-api.service openstack-glance-registry.service
#挂载
[root@controller1 ~]# mount -t nfs 192.168.37.105:/data/openstack/image /var/lib/glance/images
#启动服务
[root@controller1 ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
#开机挂载
[root@controller1 ~]# vim /etc/fstab
#网络挂载加上此项'_netdev',否则挂载不上会一直挂载,导致机器无法正常运行
192.168.37.105:/data/openstack/image /var/lib/glance/images nfs defaults,_netdev 0 0
[root@controller1 ~]# mount -a
[root@controller1 ~]# ll -d /var/lib/glance/images/
drwxr-xr-x 2 root root 6 Sep 19 15:24 /var/lib/glance/images/
#'-R'递归修改权限
[root@controller1 ~]# chown glance.glance /var/lib/glance/images/ -R
[root@controller1 ~]# ll -d /var/lib/glance/images/
drwxr-xr-x 2 glance glance 6 Sep 19 15:24 /var/lib/glance/images/
#glance端口号是'9191'和'9292'
[root@controller1 ~]# ss -tnlp|grep glance
LISTEN 0 128 *:9191 *:* users:(("glance-registry",pid=8215,fd=4),("glance-registry",pid=8214,fd=4),("glance-registry",pid=8193,fd=4))
LISTEN 0 128 *:9292 *:* users:(("glance-api",pid=8218,fd=4),("glance-api",pid=8217,fd=4),("glance-api",pid=8192,fd=4))
#下载镜像
[root@controller1 ~]# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
#重启服务
[root@controller1 ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service
#导入环境变量
[root@controller1 ~]# source scripts/admin_stein.sh
#上传镜像
[root@controller1 ~]# openstack image create "cirros-0.4.0" --file /root/cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| checksum | 443b7623e27ecf03dc9e01ee93f67afe |
| container_format | bare |
| created_at | 2022-09-20T01:46:06Z |
| disk_format | qcow2 |
| file | /v2/images/a36cbc0c-1813-46e7-9698-deef028a2a71/file |
| id | a36cbc0c-1813-46e7-9698-deef028a2a71 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros-0.4.0 |
| owner | c26c5975bb5a4519a7894f3191b0b425 |
| properties | os_hash_algo='sha512', os_hash_value='6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e2161b5b5186106570c17a9e58b64dd39390617cd5a350f78', os_hidden='False' |
| protected | False |
| schema | /v2/schemas/image |
| size | 12716032 |
| status | active |
| tags | |
| updated_at | 2022-09-20T01:46:07Z |
| virtual_size | None |
| visibility | public |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[root@controller1 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| a36cbc0c-1813-46e7-9698-deef028a2a71 | cirros-0.4.0 | active |
+--------------------------------------+--------------+--------+
