概念
理解Image Service
Image Service 的功能是管理 Image,让用户能够发现、获取和保存 Image。在 OpenStack 中,提供 Image Service 的是 Glance,其具体功能如下:
- 提供 REST API 让用户能够查询和获取 image 的元数据和 image 本身
- 支持多种方式存储 image,包括普通的文件系统、Swift、Amazon S3 等
- 对 Instance 执行 Snapshot 创建新的 image
架构图
glance-api:
glance-api 是系统后台运行的服务进程。 对外提供 REST API,响应 image 查询、获取和存储的调用。
glance-api 不会真正处理请求。 如果操作是与 image metadata(元数据)相关,glance-api 会把请求转发给 glance-registry; 如果操作是与 image 自身存取相关,glance-api 会把请求转发给该 image 的 store backend。
在控制节点上可以查看 glance-api 进程
ps aux | grep glance-api
glance-registry
glance-registry 是系统后台运行的服务进程。 负责处理和存取 image 的 metadata,例如 image 的大小和类型。
在控制节点上可以查看 glance-registry 进程,
ps aux | grep glance-registry
Store backend
Glance 自己并不存储 image。 真正的 image 是存放在 backend 中的。 Glance 支持多种 backend,包括:
- A directory on a local file system(这是默认配置)
- GridFS
- Ceph RBD
- Amazon S3
- Sheepdog
- OpenStack Block Storage (Cinder)
- OpenStack Object Storage (Swift)
- VMware ESX
具体使用哪种 backend,是在 /etc/glance/glance-api.conf 中配置的
查看目前存在的image
openstack image list
查看保存目录
ls /var/lib/glance/images
执行image上传镜像命令:
openstack image create “cirros” --file cirros-0.3.3-x86_64-disk.img.img --disk-format qcow2 --container-format bare --public
操作部署
mysql -uroot -p123
创建glance数据库
CREATE DATABASE glance;
创建glance数据库
设置可以本地登录
GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@‘localhost’
IDENTIFIED BY ‘123’;
设置可以远程登录
GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’
IDENTIFIED BY ‘123’;
创建glance用户
openstack user create --domain default --password=glance glance
[root@chen1 ~]# openstack user create --domain default --password=admin glance
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | be520627818844429e73dfc84132e4a3 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
将glance用户设置为service的管理员
openstack role add --project service --user glance admin
建立glance的服务
openstack service create --name glance
–description “OpenStack Image” image
[root@chen1 ~]# openstack service create --name glance \
> --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 1bab5039ff5a4c7d9cb2887845e41535 |
| name | glance |
| type | image |
+-------------+----------------------------------+
建立服务端口
openstack endpoint create --region RegionOne
image public http://chen1:9292
[root@chen1 ~]# openstack endpoint create --region RegionOne \
> image public http://chen1:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 69d7a7c6f96442d6ba4e5e5d8e8a383c |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1bab5039ff5a4c7d9cb2887845e41535 |
| service_name | glance |
| service_type | image |
| url | http://chen1:9292 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne
image internal http://chen1:9292
[root@chen1 ~]# openstack endpoint create --region RegionOne \
> image internal http://chen1:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 2deab16e4dee47718a834d0841de1c89 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1bab5039ff5a4c7d9cb2887845e41535 |
| service_name | glance |
| service_type | image |
| url | http://chen1:9292 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne
image admin http://chen1:9292
[root@chen1 ~]# openstack endpoint create --region RegionOne \
> image admin http://chen1:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 77d87ebe3d2246d88f8e3264730e4c73 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1bab5039ff5a4c7d9cb2887845e41535 |
| service_name | glance |
| service_type | image |
| url | http://chen1:9292 |
+--------------+----------------------------------+
如果添加错误:
openstack endpoint delete id号
安装glance服务
yum -y install openstack-glance
如果失败,检查下sr0是否挂载,以及全局dns配置文件是否更改/etc/resolve.conf
编辑glance配置文件
先备份
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
vim /etc/glance/glance-api.conf
[DEFAULT]
[cors]
[cors.subdomain]
[database]
connection = mysql+pymysql://glance:123@chen1/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
auth_uri = http://chen1:5000
auth_url = http://chen1:35357
memcached_servers = chen1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[matchmaker_redis]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]
给予权限
chmod 640 glance-api.conf
chown root.glance glance-api.conf
vim /etc/glance/glance-registry.conf
[DEFAULT]
[database]
connection = mysql+pymysql://glance:123@chen1/glance
[keystone_authtoken]
auth_uri = http://chen1:5000
auth_url = http://chen1:35357
memcached_servers = chen1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[matchmaker_redis]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
同步数据库
su -s /bin/sh -c “glance-manage db_sync” glance
启动glance相关服务
systemctl enable openstack-glance-api.service
openstack-glance-registry.service
systemctl start openstack-glance-api.service
openstack-glance-registry.service
进入目录进行验证
cd /var/lib/glance/images
ls
如果什么没有
则需要下载镜像
wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
创建cirros镜像
openstack image create "cirros" \
--file cirros-0.3.5-x86_64-disk.img \ #文件来源于刚刚下载的
--disk-format qcow2 --container-format bare \ #格式为qcow2
--public #类型为public类型
显示如下
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2019-04-09T11:30:55Z |
| disk_format | qcow2 |
| file | /v2/images/d34fd470-b2aa-44a8-b1c9-eb9af3eb4184/file |
| id | d34fd470-b2aa-44a8-b1c9-eb9af3eb4184 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | bd5cc336450942d8817b10845ef20605 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2019-04-09T11:30:55Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
如果失败,则检查下之前创建glance用户时密码与 /etc/glance/glance-registry.conf、/etc/glance/glance-api.conf里面设置的密码是否相同,如果不同,可以更改配置文件或者删除用户重新创建用户,但是密码必须相同
查看
openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| d34fd470-b2aa-44a8-b1c9-eb9af3eb4184 | cirros | active |
+--------------------------------------+--------+--------+