OpenStack-Glance镜像组件 “T版“ 简单部署以及原理解析
OpenStack镜像服务是IaaS的核心服务。镜像服务主要是由glance组件实现。它接受磁盘镜像或服务器镜像API请求,和来自终端用户或OpenStack计算组件的元数据定义。它也支持包括OpenStack对象存储在内的多种类型仓库上的磁盘镜像或服务器镜像存储。
镜像服务就是用来管理镜像的,让用户能够发现,获取和保存镜像。在OpenStack中提供镜像服务的是Glance,其主要功能如下:
查询和获取镜像的元数据和镜像本身
注册和上传虚拟机镜像,包括镜像的创建,上传,下载和管理
维护镜像信息,包括元数据和镜像本身
支持多种方式存储镜像,包括普通的文件系统,Swift,Amazon S3等
对虚拟机实例创造快照命令来创建新的镜像,或者备份虚拟机的状态
因为OpenStack上创建虚拟机需要镜像支持,所以先行进行部署部署思路
①创建数据库、授权
②创建openstack用户、授权、管理
③修改配置文件(glance-api.conf、glance-registry.conf)
④初始化数据库、上传实例镜像
一、创建数据库实例和数据库用户
[root@controller ~]# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> exit
Bye
二、创建用户、修改配置文件
1.创建OpenStack的Glance用户
注:先前已经部署过keystone,创建用户前,需要首先执行管理员环境变量脚本(此处已经在~/.bashrc 中定义过了)
[root@controller ~]# openstack user create --domain default --password GLANCE_PASS glance
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | edc8c773fa93466d8d17826ee88b15ae |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
将glance用户添加到service项目中,并且针对这个项目拥有admin权限;注册glance的API,需要对service项目有admin权限
[root@controller ~]# openstack role add --project service --user glance admin
创建一个service服务,service名称为glance,类型为image;创建完成后可以通过 openstack service
list 查看
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 6752f5c5220840baaefa64fd1a900e22 |
| name | glance |
| type | image |
+-------------+----------------------------------+
2.创建镜像服务 API 端点,OpenStack使用三种API端点代表三种服务:admin、internal、public
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | cd124667d3184eb88390a76aae44f6b0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6752f5c5220840baaefa64fd1a900e22 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7eaba6920ccf46afa47fb2c361ae61d2 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6752f5c5220840baaefa64fd1a900e22 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7db4b64ebc634fbd805ecaf78aac4ff8 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6752f5c5220840baaefa64fd1a900e22 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
3.安装 openstack-glance 软件包
[root@controller ~]# yum -y install openstack-glance
4.修改glance配置文件,glance有两个配置文件,分别是/etc/glance/glance-api.conf /etc/glance/glance-registry.conf
glance-api.conf配置
[root@controller ~]# cp -a /etc/glance/glance-api.conf{,.bak}
[root@controller ~]# grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
glance-registry.conf 配置
[root@controller ~]# cp -a /etc/glance/glance-registry.conf{,.bak}
[root@controller ~]# grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken www_authenticate_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name Default
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name Default
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
5.初始化glance数据库,生成相关表结构
注:不管有多少个controler,只需要初始化一次即可
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
6.开启glance服务
注:此处开启之后会生成存放镜像的目录/var/lib/glance/image
[root@controller ~]# systemctl enable openstack-glance-api.service
[root@controller ~]# systemctl start openstack-glance-api.service
[root@controller ~]# netstat -natp | grep 9292
tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 23002/python2
7.赋予openstack-glance-api.service服务对存储设备的可写权限
[root@controller ~]# chown -hR glance:glance /var/lib/glance/
8.镜像导入,先上传cirros镜像到控制节点的/root,然后导入glance,最后查看是否创建成功
镜像:cirros-0.3.5-x86_64-disk.img
[root@controller ~]# openstack image create --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public cirros
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2021-02-21T10:25:38Z |
| disk_format | qcow2 |
| file | /v2/images/3324344d-8663-46f8-8c76-10b13ae6f490/file |
| id | 3324344d-8663-46f8-8c76-10b13ae6f490 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | f1538b259c2940e09ac65e5443ffc8d5 |
| properties | os_hash_algo='sha512', os_hash_value='f0fd1b50420dce4ca382ccfbb528eef3a38bbeff00b54e95e3876b9bafe7ed2d6f919ca35d9046d437c6d2d8698b1174a335fbd66035bb3edc525d2cdb187232', os_hidden='False' |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2021-02-21T10:25:38Z |
| virtual_size | None |
| visibility | public |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
9.查看镜像
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 3324344d-8663-46f8-8c76-10b13ae6f490 | cirros | active |
+--------------------------------------+--------+--------+