手动搭建OpenStack之glance

最新推荐文章于 2022-11-20 17:17:20 发布

运维到最后

最新推荐文章于 2022-11-20 17:17:20 发布

阅读量1k

点赞数 3

本文链接：https://blog.csdn.net/thq1443765353/article/details/117672250

版权

本文档详细介绍了如何在OpenStack环境中安装和配置Glance服务，包括安装Glance组件、创建数据库、修改配置文件、初始化数据库、创建OpenStack用户和账号，以及上传镜像的过程。此外，还解决了在上传镜像时可能遇到的身份验证错误问题。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

前言

glance是什么？

是一个提供发现，注册，和下载镜像的服务，Glance 提供了虚拟机镜像的集中存储。

主要是维护镜像用户或者租户可以上传到自定义的镜像，主要用来创建云主机的

构架

glance-api

主要负责相应用户请求比如说你创建云主机

glance-registy

主要负责数据库查询以及记录，与镜像相关的数据存储

安装glance，创建数据库

[root@controller ~]# yum install openstack-glance python-glance python-glanceclient -y
[root@controller ~]# mysql -uroot -p000000
MariaDB [(none)]> CREATE DATABASE glance; 
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '000000';

修改glance的配置文件

修改glance-api.conf
[root@controller ~]# grep -vE "^$|^#" /etc/glance/glance-api.conf 
[DEFAULT]
debug = False
verbose = True
bind_host = 192.168.200.10
bind_port = 9292
registry_host = 192.168.200.10
registry_port = 9191
auth_region = RegionOne
registry_client_protocol = http
show_image_direct_url = False
workers = 4
rpc_backend = rabbit
delayed_delete = True
scrub_time = 43200
enable_v1_api = False
enable_v2_api = True
transport_url = rabbit://openstack:000000@192.168.200.10:5672
[cinder]
[cors]
[database]
connection = mysql+pymysql://glance:000000@192.168.200.10:3306/glance
idle_timeout = 3600
max_pool_size = 30
max_retries = -1
retry_interval = 2
max_overflow = 60
[file]
[glance.store.http.store]
[glance.store.rbd.store]
[glance.store.sheepdog.store]
[glance.store.swift.store]
[glance.store.vmware_datastore.store]
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
auth_uri = http://192.168.200.10:5000
auth_url = http://192.168.200.10:35357
memcached_servers = 192.168.200.10:11211
auth_type = password
project_domain_name = default
user_domain_name = default
username = glance
password = 000000
project_name = service
token_cache_time = -1
[oslo_concurrency]
lock_path = /var/lock/glance
lock_path = /var/lock/glance
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]

修改glance-register.conf
[root@controller ~]# grep -vE "^$|^#" /etc/glance/glance-registry.conf 
[DEFAULT]
debug = False
verbose = True
bind_host = 192.168.200.10
bind_port = 9191
workers = 4
transport_url = rabbit://opensatck:000000@192.168.200.10:5672
[database]
connection = mysql+pymysql://glance:000000@192.168.200.10:3306/glance
idle_timeout = 3600
max_pool_size = 30
max_retries = -1
retry_interval = 2
max_overflow = 60
[keystone_authtoken]
auth_uri = http://192.168.200.10:5000
auth_url = http://192.168.200.10:35357
memcached_servers = 192.168.200.10:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 000000
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[glance_store]
filesystem_store_datadir = /var/lib/glance/images/
os_region_name = RegionOne

初始化数据库

[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance

成功了会显示successfully
INFO  [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_contract01, current revision(s): train_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.

创建OpenStack用户及账号

[root@controller ~(keystone_admin)]# openstack user create --domain default --password-prompt glance

[root@controller ~(keystone_admin)]# openstack role add --project service --user glance admin


[root@controller ~(keystone_admin)]# openstack service create --name glance --description "OpenStack Image" image


[root@controller ~(keystone_admin)]# openstack endpoint create --region RegionOne image public http://192.168.200.10:9292


[root@controller ~(keystone_admin)]# openstack endpoint create --region RegionOne image internal http://192.168.200.10:9292

[root@controller ~(keystone_admin)]# openstack endpoint create --region RegionOne image admin http://192.168.200.10:9292

上传镜像

上传一个测试镜像
[root@controller ~(keystone_admin)]# glance image-create --name cirros --disk-format qcow2 --container-format bare < /root/cirros-0.3.4-x86_64-disk.img 
 //最后跟的是镜像的路径

查看是否有镜像了
[root@controller ~(keystone_admin)]# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 04cbd50f-ba56-4ea2-9eb6-b4f27b5238d5 | cirros | active |
+--------------------------------------+--------+--------+
如果遇到以下报错了
[root@controller ~(keystone_admin)]# glance image-create --name cirros --disk-format qcow2 --container-format bare < /root/cirros-0.3.4-x86_64-disk.img

Invalid OpenStack Identity credentials.

解决方法：
[root@controller ~]# vi /etc/httpd/conf.d/wsgi-keystone.conf  //把之前的内容删掉，操作方法   :.,%d   删掉所以内容
Listen 192.168.200.10:5000
Listen 192.168.200.10:35357
<VirtualHost 192.168.200.10:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LimitRequestBody 114688
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog /var/log/httpd/keystone.log
    CustomLog /var/log/httpd/keystone_access.log combined
    <Directory /usr/bin>
        <IfVersion >= 2.4>
            Require all granted
        </IfVersion>
        <IfVersion < 2.4>
            Order allow,deny
            Allow from all
        </IfVersion>
    </Directory>
</VirtualHost>
<VirtualHost 192.168.200.10:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LimitRequestBody 114688
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog /var/log/httpd/keystone.log
    CustomLog /var/log/httpd/keystone_access.log combined
    <Directory /usr/bin>
        <IfVersion >= 2.4>
            Require all granted
        </IfVersion>
        <IfVersion < 2.4>
            Order allow,deny
            Allow from all
        </IfVersion>
    </Directory>
</VirtualHost>
Alias /identity /usr/bin/keystone-wsgi-public
<Location /identity>
    SetHandler wsgi-script
    Options +ExecCGI
    WSGIProcessGroup keystone-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
</Location>
Alias /identity_admin /usr/bin/keystone-wsgi-admin
<Location /identity_admin>
    SetHandler wsgi-script
    Options +ExecCGI
    WSGIProcessGroup keystone-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
</Location>