Glance的概述
Glance在OpenStack中主要是为用户提供镜像服务的
Glance重要的组件:
-
Glance-Api(接收用户的请求,进行镜像的查找、删除、创建、获取,主要通过REST API接口来完成) -
Glance-Registry(和mysql交互进行存储、处理、检索镜像等操作)
Glance-Api:监听的端口号为9292(对外开放)
Glance-Registry:监听的端口号为9191(内部使用)默认状态下上传的镜像存放路径为:
/var/lib/glance/images
Glance的构建
测试环境
| 主机 | IP地址 |
|---|---|
| controller | ens33:192.168.1.10 ens37:192.168.2.10 |
| compute | ens33:192.168.1.20 ens37:192.168.2.20 |
Glance的配置
以下操作均在controller节点进行
安装Glance相关软件包
[root@controller ~]# yum install -y openstack-glance
创建Glance数据库
[root@controller ~]# mysql -uroot -p
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance';
Query OK, 0 rows affected (0.11 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
修改配置文件,配置数据库连接
[root@controller ~]# vi /etc/glance/glance-api.conf
connection = mysql+pymysql://glance:glance@controller/glance
[root@controller ~]# vi /etc/glance/glance-registry.conf
connection = mysql+pymysql://glance:glance@controller/glance
然后初始化glance数据库
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
检查数据表是否生成成功
[root@controller ~]# mysql -h 192.168.1.10 -uglance -pglance -e "use glance;show tables;"
创建service项目
服务之间交互就需要用到keystone认证,用到认证就需要用户,用户必须属于一个项目当中,我们将这一些组件的用户都放入到service项目中,便于管理
在执行命令之前记得先运行如下命令:
[root@controller ~]# source admin-openstack.sh
[root@controller ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | 81bf28300f9c474d9d26d64ec2c751f4 |
| enabled | True |
| id | 00a8a020584140ba8076e686892f47cc |
| is_domain | False |
| name | service |
| parent_id | 81bf28300f9c474d9d26d64ec2c751f4 |
| tags | [] |
+-------------+----------------------------------+
创建glance用户
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 81bf28300f9c474d9d26d64ec2c751f4 |
| enabled | True |
| id | 74ebaa50beb54ed7aa216f503faf1bdf |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
这个glance用户主要是用于glance组件认证用的
赋予glance用户admin角色
在keystone篇章已经创建admin角色,这里就不在创建了
[root@controller ~]# openstack role add --project service --user glance admin
创建glance实体和endpoint端点信息
OpenStack里的每一个组件都需要在keystone里面创建对应的服务实体以及端点信息,这样才能够为外部访问用户提供访问路径
创建glance服务实体
[root@controller ~]# openstack service create --name glance --description "Openstack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Openstack Image |
| enabled | True |
| id | 5858ee4dd4e6458c824ffdcd6b52ce12 |
| name | glance |
| type | image |
+-------------+----------------------------------+
创建Glance服务的三个API端点(公有、私有、admin)
公有端点的创建
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | db90c46288cc416a81f42a973cf33032 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 5858ee4dd4e6458c824ffdcd6b52ce12 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
创建私有端点信息
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 066f7e7bb19e43a2b18073f58309d61e |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 5858ee4dd4e6458c824ffdcd6b52ce12 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
创建admin管理员端点
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7ec76390dd294a8aa6ca4cf79472b284 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 5858ee4dd4e6458c824ffdcd6b52ce12 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
注:以上创建都只存在一个端口信息,因为Glance只有一个端口是对外暴露的,就是Glance-api 的9292端口
配置镜像服务
修改Glance-Api的配置文件
[root@controller ~]# vi /etc/glance/glance-api.conf
[keystone_authtoken]
3501 auth_uri = http://controller:5000
3502 auth_url = http://controller:35357 #自行添加的
3552 memcached_servers = controller:11211
3659 auth_type = password #认证类型为密码认证
3661 project_domain_name = default
3662 user_domain_name = default
3663 project_name = service #项目名称
3664 username = glance #glance用户
3665 password = glance #glance用户的密码
[paste_deploy]
4509 flavor = keystone
配置上传镜像存放的路径信息
[glance_store]
2066 stores = file,http
2110 default_store = file
2429 filesystem_store_datadir = /var/lib/glance/images
修改Glance-Registry的配置文件
[root@controller ~]# vi /etc/glance/glance-registry.conf
[keystone_authtoken]
1314 auth_uri = http://controller:5000
1315 auth_url = http://controller:35357
1365 memcached_servers = controller:11211
1472 auth_type = password
1474 project_domain_name = default
1475 user_domain_name = default
1476 project_name = service
1477 username = glance
1478 password = glance
[paste_deploy]
2296 flavor = keystone
这个文件就只修改以上这一些即可
启动相应服务即可
[root@controller ~]# systemctl start openstack-glance-api
[root@controller ~]# systemctl enable openstack-glance-api
[root@controller ~]# systemctl start openstack-glance-registry
[root@controller ~]# systemctl enable openstack-glance-registry
查询对应端口是否运行
[root@controller ~]# ss -tan | grep 9191
LISTEN 0 128 *:9191 *:*
[root@controller ~]# ss -tan | grep 9292
LISTEN 0 128 *:9292 *:*
验证测试glance服务是否搭建成功
[root@controller ~]# openstack image list //使用这一个命令可以查询glance的镜像列表 当前为空
[root@controller ~]#
也可以使用如下命令进行查询
[root@controller ~]# glance image-list
+----+------+
| ID | Name |
+----+------+
+----+------+
上传镜像操作
下载cirros镜像用于测试
[root@controller ~]# wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
然后上传到glance镜像服务当中去
命令格式:
openstack image create 名称 --file 指定镜像所在的路径 --disk-format 指定磁盘的类型为qcow2 --container-format 指定容器的格式为bare --public 代表公共资源,谁都可以访问
[root@controller ~]# openstack image create "cirros" --file /root/cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2021-01-14T15:16:06Z |
| disk_format | qcow2 |
| file | /v2/images/240571f7-1ede-45dc-a78b-7fb9dd415e1e/file |
| id | 240571f7-1ede-45dc-a78b-7fb9dd415e1e |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 05367053571a461da02673fed3067196 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2021-01-14T15:16:07Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
注:除了以上的方法,还有一种方法也可以实现操作:
glance image-create --name 指定名称 --file 指定文件所在的路径 --disk-format 指定磁盘格式 --container-format 指定容器格式
查看上传的效果
[root@controller ~]# glance image-list
+--------------------------------------+--------+
| ID | Name |
+--------------------------------------+--------+
| 0ebd7a2a-5157-4eeb-9c35-9c4ff297bfbc | ceshi |
| 240571f7-1ede-45dc-a78b-7fb9dd415e1e | cirros |
+--------------------------------------+--------+
也可以使用:openstakc image list 来查看也可以
查看对应目录是否生成有镜像:
[root@controller ~]# ls /var/lib/glance/images/
0ebd7a2a-5157-4eeb-9c35-9c4ff297bfbc 240571f7-1ede-45dc-a78b-7fb9dd415e1e
至此,OpenStack的Glance镜像服务就搭建完成了