glance镜像搭建

 

 

一、创建数据库实例和数据库用户

[root@ct ~]# mysql -u root -p
Enter password: 

MariaDB [(none)]> create database glance;
   
Query OK, 1 row affected (0.001 sec)

MariaDB [(none)]> grant all privileges on glance.* TO 'glance'@'localhost' identified by 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.005 sec)

MariaDB [(none)]> grant all privileges on glance.* TO 'glance'@'%' identified  by 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.006 sec)

二、创建用户、修改配置文件

 

创建OpenStack的Glance用户

[root@ct ~]# openstack user create --domain default --password GLANCE_PASS glance
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 9c7c77afb21541b286b608b9aed5da5e |
| name                | glance                           |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

将glance用户添加到service项目中，并且针对这个项目拥有admin权限；注册glance的API，需要对service项目有admin权限

[root@ct ~]# openstack role add --project service --user glance admin

创建一个service服务，service名称为glance，类型为image；创建完成后可以通过 openstack service list 查看

[root@ct ~]# openstack service create --name glance --description "Opensatck image" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Opensatck image                  |
| enabled     | True                             |
| id          | 6ca11e20b4f44ee39783ff64f1f2733e |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+
[root@ct ~]# openstack service list
+----------------------------------+----------+----------+
| ID                               | Name     | Type     |
+----------------------------------+----------+----------+
| 1acc39845aed4c76b7ab9f0964b7294c | keystone | identity |
| 6ca11e20b4f44ee39783ff64f1f2733e | glance   | image    |
+----------------------------------+----------+----------+

创建镜像服务 API 端点，OpenStack使用三种API端点代表三种服务：admin、internal、public

[root@ct ~]# openstack endpoint create --region RegionOne image public http://ct:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 56648794b05b448da94fa757fb8f842c |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 6ca11e20b4f44ee39783ff64f1f2733e |
| service_name | glance                           |
| service_type | image                            |
| url          | http://ct:9292                   |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne image internal http://ct:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 960c5c2075e44125b719b8bf5373e6cf |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 6ca11e20b4f44ee39783ff64f1f2733e |
| service_name | glance                           |
| service_type | image                            |
| url          | http://ct:9292                   |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne image admin http://ct:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 7a3d6b9ce1714132b7a9d51d75c7c095 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 6ca11e20b4f44ee39783ff64f1f2733e |
| service_name | glance                           |
| service_type | image                            |
| url          | http://ct:9292                   |
+--------------+----------------------------------+

安装 openstack-glance 软件包。

[root@ct ~]# yum -y install openstack-glance

修改glance配置文件，glance有两个配置文件

[root@ct ~]# cp -a /etc/glance/glance-api.conf{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
[root@ct ~]# cp -a /etc/glance/glance-registry.conf{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf

glance-api配置

[root@ct ~]# vi glance-api.sh

openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@ct/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://ct:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://ct:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/

[root@ct ~]# source glance-api.sh 

glance-registry配置

[root@ct ~]# vi glance-registry.sh

openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@ct/glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken www_authenticate_uri http://ct:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://ct:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-registry.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-registry.conf glance_store default_store file
openstack-config --set /etc/glance/glance-registry.conf glance_store filesystem_store_datadir /var/lib/glance/images/

[root@ct ~]# source glance-registry.sh

初始化glance数据库，生成相关表结构；（不管有多少个controler，只需要初始化一次即可）

[root@ct ~]# su -s /bin/sh -c "glance-manage db_sync" glance

Database is synced successfully.

开启glance服务（此处开启之后会生成存放镜像的目录/var/lib/glance/image）

[root@ct ~]# systemctl enable openstack-glance-api.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
[root@ct ~]# systemctl start openstack-glance-api.service
[root@ct ~]# systemctl start openstack-glance-registry.service 

查看端口

[root@ct ~]# netstat -anpt | grep 9292
tcp        0      0 0.0.0.0:9292            0.0.0.0:*               LISTEN      76868/python2

赋予openstack-glance-api.service服务对存储设备的可写权限（-h：只对符号连接/软链接的文件修改，而不更改其他任何相关文件)

[root@ct ~]# chown -hR glance:glance /var/lib/glance/

镜像导入

[root@ct ~]# openstack image create --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public cirros

查看镜像的两种方式

[root@ct ~]# openstack image list  ##可以看到镜像状态
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| d165b623-7eb7-479f-baff-31fd0526c535 | cirros | active |
| d39075f2-59d3-4159-b27c-cdf371249191 | cirros | active |
+--------------------------------------+--------+--------+

[root@ct ~]# glance image-list
+--------------------------------------+--------+
| ID                                   | Name   |
+--------------------------------------+--------+
| d39075f2-59d3-4159-b27c-cdf371249191 | cirros |
| d165b623-7eb7-479f-baff-31fd0526c535 | cirros |
+--------------------------------------+--------+

总结

OpenStack上创建虚拟机需要镜像支持，所以先行进行部署

Glance配置总结

1.glance服务需要使用数据库，需要在配置文件中配置数据库连接；
2.glance服务使用需要在keystone上进行注册认证，需要在配置文件中配置keystone的验证参数和方式，以及token的存储指定在memcache服务器上；
3.glance服务的镜像需要配置存储的类型以及路径。

部署思路：

1. 创建数据库、授权
2. 创建openstack用户、授权、管理
3. 修改配置文件（glance-api.conf、glance-registry.conf）
4. 初始化数据库、上传实例镜像