4 Openstack-Ussuri-Glance部署-ubuntu1804
Glance 具体功能如下:
1 提供 RESTful API 让用户能够查询和获取镜像的元数据和镜像本身;
2 支持多种方式存储镜像,包括普通的文件系统、Swift、Ceph 等;
3 对实例执行快照创建新的镜像。
4.1 配置Glance数据库
#使用root登陆数据库:
mysql -u root -p
#创建keystone数据库:
CREATE DATABASE glance;
#授予对keystone数据库的访问权限及密码,刷新退出数据库:
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'glance.123';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
IDENTIFIED BY 'glance.123';
flush privileges;
exit
4.2 加载管理凭证
source adminrc.sh
4.3 创建glance相关服务凭证
#创建glance服务用户,并设置密码 glance.123
openstack user create --domain default --password-prompt glance
#输出
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 85411185cafe45f9b72252acb117342d |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
#赋予glance服务用户服务管理员权限及角色,无输出
openstack role add --project service --user glance admin
#创建glance服务
openstack service create --name glance --description "OpenStack Image" image
#输出
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 6ad962f2c8834b1cbaac24c5c952bbe7 |
| name | glance |
| type | image |
+-------------+----------------------------------+
4.4 创建glance API endpoints
#public
openstack endpoint create --region RegionOne image public http://controller160:9292
#输出
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 5911cf959e8d496aa23b132ad7b1dc12 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6ad962f2c8834b1cbaac24c5c952bbe7 |
| service_name | glance |
| service_type | image |
| url | http://controller160:9292 |
+--------------+----------------------------------+
#internal
openstack endpoint create --region RegionOne image internal http://controller160:9292
#输出
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7c3ab2f6c1014245b5ee2bc39a330b80 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6ad962f2c8834b1cbaac24c5c952bbe7 |
| service_name | glance |
| service_type | image |
| url | http://controller160:9292 |
+--------------+----------------------------------+
#admin
openstack endpoint create --region RegionOne image admin http://controller160:9292
#输出
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7c1cd31a60264c4a96bad9c20aadf661 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6ad962f2c8834b1cbaac24c5c952bbe7 |
| service_name | glance |
| service_type | image |
| url | http://controller160:9292 |
+--------------+----------------------------------+
4.5 部署与配置glance
#安装包
apt install glance -y
#备份glance-api配置
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
egrep -v "^$|^#" /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf
#配置glance配置文件,在对应项底下增加以下字段
#vim /etc/glance/glance-api.conf
[database]
# ...
connection = mysql+pymysql://glance:glance.123@controller160/glance
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller160:5000
auth_url = http://controller160:5000
memcached_servers = controller160:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance.123
[paste_deploy]
# ...
flavor = keystone
[glance_store]
# ...
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
#填充glance数据库
su -s /bin/sh -c "glance-manage db_sync" glance
#输出
2020-05-18 22:31:52.473 20998 INFO alembic.runtime.migration [-] Context impl MySQLImpl.
2020-05-18 22:31:52.474 20998 INFO alembic.runtime.migration [-] Will assume non-transactional DDL.
2020-05-18 22:31:52.492 20998 INFO alembic.runtime.migration [-] Context impl MySQLImpl.
2020-05-18 22:31:52.492 20998 INFO alembic.runtime.migration [-] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand02 -> train_expand01, empty expand for symmetry with train_contract01
INFO [alembic.runtime.migration] Running upgrade train_expand01 -> ussuri_expand01, empty expand for symmetry with ussuri_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: ussuri_expand01, current revision(s): ussuri_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO [alembic.runtime.migration] Running upgrade train_contract01 -> ussuri_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: ussuri_contract01, current revision(s): ussuri_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
#验证glance数据库是否正常写入:
mysql -h controller160 -uglance -pglance.123 -e "use glance;show tables;"
#启动glance服务,并配置开机启动:
systemctl enable glance-api.service
systemctl start glance-api.service
systemctl status glance-api.service
4.6 glance服务验证
#加载管理凭证
source adminrc.sh
#下载测试镜像文件:
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
#使用QCOW2磁盘格式、共享上传到image服务,以便所有项目都可以访问它:
glance image-create --name "cirros-0.4.0" \
--file cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--visibility=public
#输出
+------------------+----------------------------------------------------------------------------------+
| Property | Value |
+------------------+----------------------------------------------------------------------------------+
| checksum | 443b7623e27ecf03dc9e01ee93f67afe |
| container_format | bare |
| created_at | 2020-05-18T14:34:02Z |
| disk_format | qcow2 |
| id | fc2c3020-ca25-4e3b-ab84-e56b7da9fa71 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros-0.4.0 |
| os_hash_algo | sha512 |
| os_hash_value | 6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e |
| | 2161b5b5186106570c17a9e58b64dd39390617cd5a350f78 |
| os_hidden | False |
| owner | 1955bd474e8e4081b7d262f43068d05b |
| protected | False |
| size | 12716032 |
| status | active |
| tags | [] |
| updated_at | 2020-05-18T14:34:02Z |
| virtual_size | Not available |
| visibility | public |
+------------------+----------------------------------------------------------------------------------+
#查看镜像列表
glance image-list
#输出
+--------------------------------------+--------------+
| ID | Name |
+--------------------------------------+--------------+
| fc2c3020-ca25-4e3b-ab84-e56b7da9fa71 | cirros-0.4.0 |
+--------------------------------------+--------------+
至此,Glance服务已部署完毕,如有问题请联系我改正,感激不尽!
4.x 部署过程遇到的问题汇总
eg.1 执行su -s /bin/sh -c "glance-manage db_sync" glance 报错
ERROR glance sqlalchemy.exc.OperationalError: (pymysql.err.OperationalError) (1044, "Access denied for user 'glance'@'%' to database 'glance'")
解决方案:进入数据库,对glance用户重新授权,见4.1
eg.2 执行glance image-create --name "cirros-0.4.0" \
> --file cirros-0.4.0-x86_64-disk.img \
> --disk-format qcow2 --container-format bare \
> --visibility=public
HTTP 403 Forbidden: You are not authorized to complete publicize_image action.
解决方案:查看/etc/glance/glance-api.conf是否有添加如下配置并去除空行
[paste_deploy]
flavor = keystone