OpenStack镜像服务(glance)允许用户发现、注册和恢复虚拟机镜像。Glance提供Rest API可以查询虚拟机镜像的metadata并且可以获取镜像。通过Glance,虚拟机镜像可以被存储到多种存储上,比如简单的文件存储或者对象存储(比如OpenStack中swift项目)。
一、OpenStack 镜像服务包含组件
图1.1. OpenStack glance组件
二、OpenStack 镜像服务安装
下面介绍如何安装和配置镜像服务,即glance。这个配置将镜像保存到本地文件系统中,默认存储在/var/lib/glance/images/目录中。所有的步骤将在控制节点(Controller Node)上面进行操作。
1.安装前的准备
安装和配置镜像服务之前,必须创建数据库、服务证书和API端点。
1.1数据库配置
1)创建数据库
|
1
2
3
|
root@controller:~# mysql -uroot -p
MariaDB [(none)]> create database glance;Query OK, 1 row affected (0.06 sec) |
2)给数据库授权
|
1
2
3
4
5
6
|
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'sfzhang1109';
Query OK, 0 rows affected (0.45 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'sfzhang1109';
Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> flush privileges;Query OK, 0 rows affected (0.06 sec) |
3)退出数据库客户端
|
1
2
|
MariaDB [(none)]> exit
Bye |
1.2 导入admin身份凭证以便执行管理命令
|
1
|
root@controller:~# source admin-openrc.sh
|
1.3 创建服务证书
1)创建glance用户(密码:glance)
|
1
2
3
4
5
6
7
8
9
10
11
12
|
root@controller:~# openstack user create --password-prompt glance
User Password:Repeat User Password:+----------+----------------------------------+| Field | Value |+----------+----------------------------------+| email | None || enabled | True || id | 8d333920d9df49af8d57910c3c18dcf8 |
| name | glance || username | glance |+----------+----------------------------------+ |
2)将glance用户和租户服务添加管理员角
|
1
2
3
4
5
6
7
|
root@controller:~# openstack role add --project service --user glance admin
+-------+----------------------------------+| Field | Value |+-------+----------------------------------+| id | 05616505a61c4aa78f43fba9e60ba7fc |
| name | admin |+-------+----------------------------------+ |
3)创建glance服务实体
|
1
2
3
4
5
6
7
8
9
10
|
root@controller:~# openstack service create --name glance --description "OpenStack Image service" image
+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | OpenStack Image service || enabled | True || id | e448c04b115a4cd3b745b70b17fa95b3 |
| name | glance || type | image |
+-------------+----------------------------------+ |
1.4 创建镜像服务API端点
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
root@controller:~# openstack endpoint create \
--publicurl http://controller:9292 \
--internalurl http://controller:9292 \
--adminurl http://controller:9292 \
--region RegionOne \
image
+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| adminurl | http://controller:9292 |
| id | aa4ac4216c7a41fd8452c7186c9493ac |
| internalurl | http://controller:9292 |
| publicurl | http://controller:9292 |
| region | RegionOne || service_id | e448c04b115a4cd3b745b70b17fa95b3 || service_name | glance || service_type | image |+--------------+----------------------------------+ |
2.安装和配置镜像服务组件
2.1安装软件包
|
1
|
root@controller:~# apt-get install glance python-glanceclient
|
2.2编辑/etc/glance/glance-api.conf配置文件,完成下面的配置
1)在[database]部分配置数据库访问
|
1
2
3
|
[database]…connection = mysql://glance:sfzhang1109@controller/glance
|
2)在[keystone_authtoken] 和[paste_deploy]部分配置身份认证入口
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[keystone_authtoken]…auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = passwordproject_domain_id = defaultuser_domain_id = defaultproject_name = serviceusername = glancepassword = glance[paste_deploy]…flavor = keystone |
3)在[glance_store]部分配置本地文件系统存储和镜像文件的位置
|
1
2
3
4
|
[glance_store]...default_store = file
filesystem_store_datadir = /data/glance/images/
|
4)在[DEFAULT]部分禁用noop消息驱动,因为该选项只和可选的Telemetry服务有关
|
1
2
3
|
[DEFAULT]...notification_driver = noop |
5)在[DEFAULT]部分开启详细日志配置,方便故障分析和排查
|
1
2
3
|
[DEFAULT]...verbose = True |
2.3编辑/etc/glance/glance-registry.conf配置文件,完成下面的配置
1)在[database]部分配置数据库访问
|
1
|
connection = mysql://glance:sfzhang1109@controller/glance
|
2)在[keystone_authtoken] 和[paste_deploy]部分配置身份认证入口
|
1
2
3
4
5
6
7
8
9
10
|
[keystone_authtoken]...auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = passwordproject_domain_id = defaultuser_domain_id = defaultproject_name = serviceusername = glancepassword = glance |
3)在[DEFAULT]部分禁用noop消息驱动,因为该选项只和可选的Telemetry服务有关
|
1
2
3
|
[paste_deploy]...flavor = keystone |
4)在[DEFAULT]部分开启详细日志配置,方便故障分析和排查
|
1
2
3
|
[DEFAULT]...verbose = True |
2.4 初始化镜像服务数据库
|
1
2
3
4
|
root@controller:~# su -s /bin/sh -c "glance-manage db_sync" glance
2015-09-01 06:17:25.166 18641 INFO migrate.versioning.api [-] 0 -> 1... 2015-09-01 06:17:25.193 18641 INFO glance.db.sqlalchemy.migrate_repo.schema [-] creating table images… |
3.安装完成
1)重启Image service的服务
|
1
2
|
root@controller:~# service glance-registry restart
root@controller:~# service glance-api restart
|
2默认会创建SQLite数据库,因为使用的是MYSQL数据库,因此要删除QLite数据库文件
三、OpenStack Image service服务验证
1)配置镜像服务客户端使用API的版本为2.0
|
1
|
root@controller:~# echo "export OS_IMAGE_API_VERSION=2" | tee -a admin-openrc.sh demo-openrc.sh
|
2)执行admin身份凭证
|
1
|
root@controller:~# source admin-openrc.sh
|
3)在本地创建临时目录
|
1
|
root@controller:~# mkdir /tmp/images
|
4)下载镜像到该目录
|
1
|
root@controller:~# wget -P /tmp/images http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
|
5)上传镜像到Image service,镜像格式为QCOW2。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
root@controller:~# glance image-create --name "cirros-0.3.4-x86_64" --file /tmp/images/cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --progress
[=============================>] 100%+------------------+--------------------------------------+| Property | Value |+------------------+--------------------------------------+| checksum | ee1eca47dc88f4879d8a229cc70a07c6 || container_format | bare || created_at | 2015-09-11T07:04:31.000000 || deleted | False || deleted_at | None || disk_format | qcow2 || id | df54ff49-b167-4fed-987a-0ade3cbc9aca |
| is_public | False || min_disk | 0 || min_ram | 0 || name | cirros-0.3.4-x86_64 || owner | d04d4985d62f42e2af2ddc35f442ffd9 || protected | False || size | 13287936 || status | active || updated_at | 2015-09-11T07:04:32.000000 || virtual_size | None |+------------------+--------------------------------------+ |
6)确认镜像上传并验证属性
|
1
2
3
4
5
6
|
root@controller:~# glance image-list
+--------------------------------------+---------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------+-------------+------------------+----------+--------+| df54ff49-b167-4fed-987a-0ade3cbc9aca | cirros-0.3.4-x86_64 | qcow2 | bare | 13287936 | active |+--------------------------------------+---------------------+-------------+------------------+----------+--------+ |
7)删除临时目录的镜像文件
|
1
|
root@controller:~# rm -r /tmp/images/
|
备注:
1)OpenStack官方文档:
http://docs.openstack.org/kilo/install-guide/install/apt/content/
本文转自 sfzhang 51CTO博客,原文链接:http://blog.51cto.com/sfzhang88/1693834,如需转载请自行联系原作者