1. glance architecture
The architecture of glance is shown in Figure 1-1. 
Figure 1-1 glance architecture 
Figure 1-2 glance architecture in the openstack official document Figure
1) Mirror service components:
Glance-api: is an external API interface that can accept external API mirroring requests. It is mainly used to analyze, distribute, and respond to various image management REST Requests, and then complete image discovery, acquisition, and storage operations through other modules (EG. Glance-registry, Store Backend storage interface). The default binding port is 9292.
Glance provides a REST API supports the following mirroring: inquiries, registration, upload, access, delete, access rights management
l the Glance-Registry : for storage, processing, access to Image Metadata. By responding to the Image Metadata REST Request sent from glance-api, and then interacting with MySQL, the Image Metadate can be stored, processed, and retrieved. The default bound port is 9191.
glance-db : Supported by MySQL in Openstack, used to store Image Metadata.
Image Metadate (Mirror Metadata) : refers to being stored in MySQL Database through glance-registry; chunk data of image is stored in various backend stores through glance-store and obtained from it.
Glance Store: Used to store image files. Contact the glance-api through the Store Backend storage interface. Through this interface, glance can obtain the image file from the Image Store and hand it over to Nova to create a virtual machine.
Glance supports multiple Image Store solutions through Store Adapter (storage adapter) to
support swift, file system, s3, sheepdog, rbd, cinder, etc.
2) The access rights of image are divided into:
public: can be used by all tenants.
private Private / item: can only be used by the tenant where the image owner is located.
Shared: A non-shared image can be shared with another tenant, which can be achieved through the member- * operation.
protected Protected: The protected image cannot be deleted.
3) Various states of image
queued: no image data is uploaded, only metadata in db.
saving: uploading image data
active: normal state
deleted / pending_delete: deleted / waiting to delete
killed: image metadata is incorrect, waiting to be deleted.
2. Image format supported by Glance
raw - unstructured image format
vhd - a common virtual machine disk format for Vmware, Xen, Microsoft Virtual PC / Virtual Server / Hyper-V, VirtualBox , etc.
vmdk - Vmware virtual machine disk format, Also supports multiple Hypervisors
vdi – Virtual Machine, QEMU and other supported virtual machine disk formats
qcow2 – a disk format that supports QEMU and can be dynamically expanded
aki – Amazon Kernel image
ari – Amazon Ramdisk image
ami – Amazon Virtual Machine image
3. Common interview questions
1), openstack connects to ceph cluster, what format does image use?
Answer: Use raw format.
2) The difference between raw and qcow2:
Answer:
(1) The difference in space occupation, such as the specified space of 20G, when only 5G is actually used, raw is displayed as 20G externally, and qcow2 is displayed as the actual size of 5G externally Look at using qcow2;
(2) If you use ceph to use the raw format, it has better compatibility with the raw format. Even if you specify the qcow2 format, the backend will first convert to the raw format.
4. The working process of glance component
5. Actual combat: manual construction of glance
5.1. Installation and configuration of the control node
(1) Create glance database:
[root@controller ~]# mysql -uroot -popenstack <<EOF
create database glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'openstack'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack';
EOF(2) Create a glance user and add the administrator role in the service project
[root@controller ~]# source admin_openrc
下面这句要分开执行,要输入glance用户的密码:
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | cd90f56cf9bc4c8f8a01f88c5c179762 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user glance admin(3) Create glance service and port
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | ad61f9ee483e4bea9cb374796f097dd3 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b781cb1117f040f1a18615b649fb5388 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ad61f9ee483e4bea9cb374796f097dd3 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 129da42ca64c4cfb821afcf3c2e81dfd |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ad61f9ee483e4bea9cb374796f097dd3 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9fc675719b1d49a48851abeee9f2622c |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ad61f9ee483e4bea9cb374796f097dd3 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint list
---------+-----------+-----------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
---------+-----------+-----------------------------+
| 01ccfab5acb0407888620ca056f93dfe | RegionOne | keystone | identity | True | admin | http://controller:35357/v3/ |
| 129da42ca64c4cfb821afcf3c2e81dfd | RegionOne | glance | image | True | internal | http://controller:9292 |
| 4c2bd465260043039bcf7bf78776dd6b | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ |
| 9cd64dded6014abea4936800d3fd614c | RegionOne | glance | image | True | public | http://controller:9292 |
| 9fc675719b1d49a48851abeee9f2622c | RegionOne | glance | image | True | admin | http://controller:9292 |
| bdc34c7c99bb432eb13fa83a45d0065e | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
操作删除endpoint命令
[root@controller ~]# openstack endpoint delete IDNAME
(4) Install and configure related packages on the control node
[root@controller ~]# yum -y install openstack-glance
[root@controller ~]# vim /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:openstack@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000 内部端口
auth_url = http://controller:35357 管理员端口
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = openstack
[paste_deploy] (开启如下配置)
flavor = keystone
[glance_store] (开启如下配置)
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[root@controller ~]# egrep -v "^#|^$" /etc/glance/glance-api.conf
[root@controller ~]# vim /etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:openstack@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = openstack
[paste_deploy]
flavor = keystone
[root@controller ~]# egrep -v "^#|^$" /etc/glance/glance-registry.conf(5) Initialize the database table structure
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1336: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
expire_on_commit=expire_on_commit, _conf=conf)
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: queens_expand01, current revision(s): queens_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: queens_contract01, current revision(s): queens_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
[root@controller ~]# mysql -hlocalhost -uglance -popenstack -e "use glance;show tables;"(6) Service start and set to start automatically
[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service5.2, verification
(1) Executive authorization
[root@controller ~]# source admin_openrc(2) Download the experimental mirror cirros
[root@controller ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img(3) Create a mirror:
[root@controller ~]# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2020-03-17T14:16:48Z |
| disk_format | qcow2 |
| file | 2/images/7dfa1f88-6e3a-45aa-90ff-f348e6e399c0/file |
| id | 7dfa1f88-6e3a-45aa-90ff-f348e6e399c0 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | db82536ef7124608b3f3931ba4ce9615 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2020-03-17T14:16:48Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 7dfa1f88-6e3a-45aa-90ff-f348e6e399c0 | cirros | active |
+--------------------------------------+--------+--------+
#查看镜像文件信息
[root@controller ~]# openstack image show cirros
#设置镜像受保护状态(不可删除)
[root@controller ~]# openstack image set --protected IDNAME
#设置镜像未受保护状态(可删除)
[root@controller ~]# openstack image set --unprotected IDNAMEAt this point, the installation of Glance is completed. The next chapter introduces the Nova component and its installation process