参考资料:官方配置文档(http://docs.openstack.org/mitaka/install-guide-rdo/glance-install.html)
简介
镜像服务,顾名思义就是管理镜像文件用的。当你在openstack中创建虚拟机的时候,需要的系统镜像文件就是由这个服务提供的。因为它提供了一个REST API让你能够查询虚拟机镜像的元数据和检索一个实际的镜像。所以无论是一个简单的file systems还是一个OpenStack Object Storage,你都可以通过Image service在各种不同的位置上存储一个虚拟机镜像。
一个拓展知识–>不知道大家有没有疑问,服务之间都是如何通过一个API去发送请求和响应请求的?我觉得这得从RESET API说起,如果有开发经验的小朋友还是很清楚这东西的。RESTful(Representational State Transfer)是一种设计风格而不是标准,它是目前最流行的一种互联网软件架构。openstack各个项目都提供了RESTful架构的API作为对外提供的接口,而RESETful架构的核心是资源与资源上的操作(从RESTful的角度上看,任何东西都可以是资源,包括一张图片,一段文本,一首歌曲和一种服务等等)。这也就是说,openstack定义了很多资源,并实现了针对这些资源的各种操作函数。openstack的API服务进程收到客户端的HTTP请求时,一个所谓的路由模块会将请求的URL转换成相应的资源,并路由到合适的操作函数上。比如执行nova list命令时,nova客户端将这个命令转换成HTTP请求发送给Nova的API服务进程,然后被路由到一个’index’操作,最后就会列出当前租户的所有虚拟机。
准备工作
Before you install and configure the Image service, you must create a database, service credentials, and API endpoints.
1.创建glance数据库,设置密码,123456是我设置的密码
command:
mysql -u root -p123456
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
exit
OutPut:
[root@controller ~]# mysql -u root -p123456
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 24
Server version: 10.1.12-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
[root@controller ~]#
2.创建glance用户,设置密码
[root@controller ~]# source ~/admin-openrc
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 098b1a4d36d241ed87e979ec86d32722 |
| enabled | True |
| id | ac242ac0f6b34296aa411a864fc32b16 |
| name | glance |
+-----------+----------------------------------+
[root@controller ~]# openstack role add --project service --user glance admin #添加glance用户为service project的adminRole
3.创建glance service :
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 09dfb860d1654ecfa2a67ee84e25d47c |
| name | glance |
| type | image |
+-------------+----------------------------------+
4.创建镜像服务的API认证端口,同样提供三种形式的API endpoint:admin管理, internal内部, and public外部
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller.example.com:9292
+--------------+------------------------------------+
| Field | Value |
+--------------+------------------------------------+
| enabled | True |
| id | f593b133cdf442f786531fb2c12f594f |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 09dfb860d1654ecfa2a67ee84e25d47c |
| service_name | glance |
| service_type | image |
| url | http://controller.example.com:9292 |
+--------------+------------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller.example.com:9292
+--------------+------------------------------------+
| Field | Value |
+--------------+------------------------------------+
| enabled | True |
| id | 8b89a264a4d04f3a9f4d1706e4456521 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 09dfb860d1654ecfa2a67ee84e25d47c |
| service_name | glance |
| service_type | image |
| url | http://controller.example.com:9292 |
+--------------+------------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller.example.com:9292
+--------------+------------------------------------+
| Field | Value |
+--------------+------------------------------------+
| enabled | True |
| id | 37870c664e1841fea72e24ad0b8f38c0 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 09dfb860d1654ecfa2a67ee84e25d47c |
| service_name | glance |
| service_type | image |
| url | http://controller.example.com:9292 |
+--------------+------------------------------------+
[root@controller ~]#
安装
1.安装glance组件
yum install openstack-glance -y
2.编辑 /etc/glance/glance-api.conf
编辑前我们先对文件做个备份,用处挺多的。
cp -p /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
vim /etc/glance/glance-api.conf
[database]
...
connection = mysql+pymysql://glance:123456@controller.example.com/glance
[keystone_authtoken]
...
auth_uri = http://controller.example.com:5000
auth_url = http://controller.example.com:35357
memcached_servers = controller.example.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[paste_deploy]
...
flavor = keystone
[glance_store]
...
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
总览:
[root@controller ~]# cat /etc/glance/glance-api.conf | grep -v ^# | grep -v ^$
[DEFAULT]
[cors]
[cors.subdomain]
[database] #连接数据库,123456是我的glance数据库的密码
connection = mysql+pymysql://glance:123456@controller.example.com/glance
[glance_store] #配置本地文件系统存储和镜像文件的存放路径
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken] #keystone认证模块,官档强调要注释或者删除这个模块中的其他参数,M版默认是全注释掉的,所以我们不需要做其他多余的操作,注意一下就行
auth_uri = http://controller.example.com:5000
auth_url = http://controller.example.com:35357
memcached_servers = controller.example.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456 #123456是我glance用户的密码
[matchmaker_redis]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]
[root@controller ~]#
3.编辑/etc/glance/glance-registry.conf
cp -p /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
vim /etc/glance/glance-registry.conf
[database]
...
connection = mysql+pymysql://glance:123456@controller.example.com/glance
[keystone_authtoken]
...
auth_uri = http://controller.example.com:5000
auth_url = http://controller.example.com:35357
memcached_servers = controller.example.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[paste_deploy]
...
flavor = keystone
总览:
[root@controller ~]# cat /etc/glance/glance-registry.conf | grep -v ^# | grep -v ^$
[DEFAULT]
[database] #连接数据库
connection = mysql+pymysql://glance:123456@controller.example.com/glance
[glance_store]
[keystone_authtoken] #keystone认证模块,官档强调要注释或者删除这个模块中的其他参数,M版默认是全注释掉的,所以我们不需要做其他多余的操作,注意一下就行
auth_uri = http://controller.example.com:5000
auth_url = http://controller.example.com:35357
memcached_servers = controller.example.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456 #123456是我glance用户的密码
[matchmaker_redis]
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[root@controller ~]#
4.同步数据库
su -s /bin/sh -c "glance-manage db_sync" glance
忽略所有有关’弃用’(deprecate)的输出,如:
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
Option "verbose" from group "DEFAULT" is deprecated for removal. Its value may be silently ignored in the future.
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1056: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
expire_on_commit=expire_on_commit, _conf=conf)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'ix_image_properties_image_id_name' defined on the table 'glance.image_properties'. This is deprecated and will be disallowed in a future release.
result = self._query(query)
5.启动服务,并设置为开机自启
systemctl enable openstack-glance-api.service \
openstack-glance-registry.service
systemctl start openstack-glance-api.service \
openstack-glance-registry.service
验证
1.用wget下载一个 CirrOS镜像,CirrOS是一个小型的系统镜像,有兴趣的朋友可以百度或者谷歌一下。centos7好像自带wget的,反正我的就有,没有的可以用yum install -y wget安装一个。
command:
source ~/admin-openrc
wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
OutPut:
[root@controller ~]# source ~/admin-openrc
[root@controller ~]# wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
--2016-08-04 11:46:56-- http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
Resolving download.cirros-cloud.net (download.cirros-cloud.net)... 64.90.42.85
Connecting to download.cirros-cloud.net (download.cirros-cloud.net)|64.90.42.85|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 13287936 (13M) [text/plain]
Saving to: ‘cirros-0.3.4-x86_64-disk.img’
100%[==============================================>] 13,287,936 113KB/s in 2m 23s
2016-08-04 11:49:19 (90.8 KB/s) - ‘cirros-0.3.4-x86_64-disk.img’ saved [13287936/13287936]
[root@controller ~]#
2.上传镜像
[root@controller ~]# openstack image create "cirros" \
> --file cirros-0.3.4-x86_64-disk.img \
> --disk-format qcow2 --container-format bare \
> --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2016-08-04T03:53:44Z |
| disk_format | qcow2 |
| file | /v2/images/4bbf51ba-f211-400b-9dfd-eb6db10f4592/file |
| id | 4bbf51ba-f211-400b-9dfd-eb6db10f4592 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | a406cf3ba524428bbcb853c1d6d4f2f3 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2016-08-04T03:53:45Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
[root@controller ~]#
因为是以QCOW2的磁盘格式、bare容器格式、public visibility的方式将镜像上传到Image service,所以所有的用户都能访问这个镜像。
可以在我们之前设置的镜像存储路劲找到我们刚上传的镜像:
[root@controller ~]# ll /var/lib/glance/images/
total 12980
-rw-r----- 1 glance glance 13287936 Aug 4 11:53 4bbf51ba-f211-400b-9dfd-eb6db10f4592
至此Openstack的镜像服务的安装就完成,到目前为止,还没有翻过车,这不清真·····