一、glance簡介
openstack中的glance服務是用來儲存在openstack上啟動虛擬機器所需映象;它主要用於發現、註冊及檢索虛擬機器映象;它通過提供RESTful風格的api對外提供服務;所謂RESTful風格的api指使用者可以通過http請求查詢虛擬機器的映象後設資料以及通過http請求獲取映象檔案;其中虛擬機器映象檔案的儲存可以是本地檔案系統,或者物件儲存系統(如openstack object storage)或者http,總之儲存映象的系統有很多;其大致的架構如下
glance服務主要有四部分組成,其中glance-api主要提供服務介面,負責接收對image service api中的映象檔案的檢視、下載以及儲存請求;glance-registry主要用來儲存、處理及獲取映象檔案中的後設資料資訊;比如虛擬機器映象檔案大小、型別、建立時間、名稱等等;glance database主要用來儲存虛擬機器映象檔案的後設資料資訊;不同於glace-registry,它不處理後設資料資訊,而是將glance-registry處理以後的資訊儲存下來,我們可以理解glance-registry是將虛擬機器的映象後設資料資訊通過某種格式寫入到glance database中進行儲存;最後是存放映象檔案的儲存倉庫;映象儲存倉庫就是用來存放真正的映象檔案,它支援多種型別的映象檔案儲存機制,包括使用普通的檔案系統、物件儲存、RADOS塊裝置、http以及亞馬遜的s3等等;
glance工作過程
客戶端(通常是openstack中的其他元件,Horizon/nova或者glance專有客戶端工具)將請求傳送給glance-api,glance-api接收到客戶端的請求,它首先會去glance-registry中查詢對應的映象後設資料資訊,拿到後設資料資訊後,glance-api會通過返回的後設資料資訊,用對應的儲存介面卡連線映象倉庫,進行映象下載;
二、glance服務的安裝、配置、測試
1、建立glance資料庫和glance使用者,並授權glance使用者允許從任何主機連線以及對glance資料庫有所有的許可權
[root@node02 ~]# mysql Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 11 Server version: 10.1.20-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> CREATE DATABASE glance; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance123'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>
驗證:在別的主機上使用glance使用者連線資料庫,看看是否能夠正常連線?
[root@node01 ~]# mysql -uglance -pglance123 -hnode02 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 12 Server version: 10.1.20-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | glance | | information_schema | | test | +--------------------+ 3 rows in set (0.00 sec) MariaDB [(none)]>
2、匯出admin使用者的環境變數,建立glance使用者並設定其密碼為glance
[root@node01 ~]# source admin.sh
[root@node01 ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 47c0915c914c49bb8670703e4315a80f |
| enabled | True |
| id | 11adbc225a88482fb0313b415d2e909f |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@node01 ~]#
3、將glance使用者授權為admin角色,並將其新增到service專案中
[root@node01 ~]# openstack role add --project service --user glance admin [root@node01 ~]#
4、建立glance服務
[root@node01 ~]# openstack service create --name glance \ > --description "OpenStack Image" image +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Image | | enabled | True | | id | a6e98cad2c744ed9b73735a149f1bfe9 | | name | glance | | type | image | +-------------+----------------------------------+ [root@node01 ~]#
5、建立glance endport (服務端點,註冊服務)
公共端點
[root@node01 ~]# openstack endpoint create --region RegionOne image public http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 358ccfc245264b60a9d1a0c113dfa628 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | a6e98cad2c744ed9b73735a149f1bfe9 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@node01 ~]#
私有端點
[root@node01 ~]# openstack endpoint create --region RegionOne image internal http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 09f5ec434ea24d4c8dc9efe2bbb62b01 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | a6e98cad2c744ed9b73735a149f1bfe9 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@node01 ~]#
管理端點
[root@node01 ~]# openstack endpoint create --region RegionOne image admin http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 04cd3747614b42a3ba086cef39a1acd9 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | a6e98cad2c744ed9b73735a149f1bfe9 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@node01 ~]#
6、安裝openstack-glance
[root@node01 ~]# yum install openstack-glance -y Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * centos-qemu-ev: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com Resolving Dependencies --> Running transaction check ---> Package openstack-glance.noarch 1:17.0.1-1.el7 will be installed --> Processing Dependency: python-glance = 1:17.0.1-1.el7 for package: 1:openstack-glance-17.0.1-1.el7.noarch --> Running transaction check ---> Package python-glance.noarch 1:17.0.1-1.el7 will be installed --> Processing Dependency: python2-glance-store >= 0.26.1 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-os-brick >= 1.8.0 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-oslo-vmware >= 0.11.1 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-swiftclient >= 2.2.0 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-taskflow >= 2.16.0 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-wsme >= 0.8 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: pysendfile for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python-httplib2 for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python-retrying for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-boto for package: 1:python-glance-17.0.1-1.el7.noarch --> Processing Dependency: python2-cursive for package: 1:python-glance-17.0.1-1.el7.noarch --> Running transaction check ……省略部分內容…… Installed: openstack-glance.noarch 1:17.0.1-1.el7 Dependency Installed: atlas.x86_64 0:3.10.1-12.el7 device-mapper-multipath.x86_64 0:0.4.9-131.el7 device-mapper-multipath-libs.x86_64 0:0.4.9-131.el7 libgfortran.x86_64 0:4.8.5-39.el7 libquadmath.x86_64 0:4.8.5-39.el7 libxslt.x86_64 0:1.1.28-5.el7 pysendfile.x86_64 0:2.0.0-5.el7 python-glance.noarch 1:17.0.1-1.el7 python-lxml.x86_64 0:3.2.1-4.el7 python-networkx.noarch 0:1.10-1.el7 python-networkx-core.noarch 0:1.10-1.el7 python-nose.noarch 0:1.3.7-7.el7 python-oslo-privsep-lang.noarch 0:1.29.2-1.el7 python-oslo-vmware-lang.noarch 0:2.31.0-1.el7 python-retrying.noarch 0:1.2.3-4.el7 python-simplegeneric.noarch 0:0.8-7.el7 python2-automaton.noarch 0:1.15.0-1.el7 python2-boto.noarch 0:2.45.0-3.el7 python2-castellan.noarch 0:0.19.0-1.el7 python2-cursive.noarch 0:0.2.2-1.el7 python2-glance-store.noarch 0:0.26.2-1.el7 python2-httplib2.noarch 0:0.18.1-3.el7 python2-numpy.x86_64 1:1.14.5-1.el7 python2-os-brick.noarch 0:2.5.10-1.el7 python2-os-win.noarch 0:4.0.1-1.el7 python2-oslo-privsep.noarch 0:1.29.2-1.el7 python2-oslo-rootwrap.noarch 0:5.14.2-1.el7 python2-oslo-vmware.noarch 0:2.31.0-1.el7 python2-rsa.noarch 0:3.4.2-1.el7 python2-scipy.x86_64 0:0.18.0-3.el7 python2-suds.noarch 0:0.7-0.4.94664ddd46a6.el7 python2-swiftclient.noarch 0:3.6.1-1.el7 python2-taskflow.noarch 0:3.2.0-1.el7 python2-wsme.noarch 0:0.9.3-1.el7 sg3_utils.x86_64 1:1.37-19.el7 sg3_utils-libs.x86_64 1:1.37-19.el7 sysfsutils.x86_64 0:2.1.0-16.el7 Dependency Updated: kpartx.x86_64 0:0.4.9-131.el7 Complete! [root@node01 ~]#
7、配置gilance-api
編輯/etc/glance/glance-api.conf檔案,在【database】配置段配置連線glance資料的地址
在【keystone_authtoken】配置段中配置認證相關資訊
提示:這裡需要注意memcached服務的地址;我這裡memcached沒有在控制節點,而是單獨放在了資料庫節點上的;
在【paste_deploy】配置段中新增flavor = keystone
在【glance_store】配置段中配置後端儲存相關資訊
glance-api.conf最終配置
[root@node01 ~]# grep "^[a-Z\[]" /etc/glance/glance-api.conf [DEFAULT] [cors] [database] connection = mysql+pymysql://glance:glance123@node02/glance [glance_store] stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ [image_format] [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = node02:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = glance [matchmaker_redis] [oslo_concurrency] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [paste_deploy] flavor = keystone [profiler] [store_type_location_strategy] [task] [taskflow_executor] [root@node01 ~]#
8、配置glance-registry
編輯/etc/glance/glance-registry.conf,在【database】配置段配置連線glance資料的地址
在【keystone_authtoken】配置段中配置認證相關資訊
在【paste_deploy】配置段中新增flavor = keystone
glance-registry.conf的最終配置
[root@node01 ~]# grep "^[a-Z\[]" /etc/glance/glance-registry.conf [DEFAULT] [database] connection = mysql+pymysql://glance:glance123@node02/glance [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = node02:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = glance [matchmaker_redis] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_policy] [paste_deploy] flavor = keystone [profiler] [root@node01 ~]#
9、初始化glance資料,生成相關表
[root@node01 ~]# su -s /bin/sh -c "glance-manage db_sync" glance /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1352: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade expire_on_commit=expire_on_commit, _conf=conf) INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01 INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01 INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: rocky_expand02, current revision(s): rocky_expand02 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database migration is up to date. No migration needed. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01 INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01 INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: rocky_contract02, current revision(s): rocky_contract02 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database is synced successfully. [root@node01 ~]#
驗證:去資料庫中檢視glance庫中是否有表生成?
MariaDB [(none)]> use glance; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed MariaDB [glance]> show tables; +----------------------------------+ | Tables_in_glance | +----------------------------------+ | alembic_version | | image_locations | | image_members | | image_properties | | image_tags | | images | | metadef_namespace_resource_types | | metadef_namespaces | | metadef_objects | | metadef_properties | | metadef_resource_types | | metadef_tags | | migrate_version | | task_info | | tasks | +----------------------------------+ 15 rows in set (0.00 sec) MariaDB [glance]>
10、啟動openstack-glance-api和openstack-glance-registry服務,並將其設定為開機啟動
[root@node01 ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service [root@node01 ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service. [root@node01 ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:9292 *:* LISTEN 0 128 *:22 *:* LISTEN 0 100 127.0.0.1:25 *:* LISTEN 0 128 *:9191 *:* LISTEN 0 128 :::80 :::* LISTEN 0 128 :::22 :::* LISTEN 0 100 ::1:25 :::* LISTEN 0 128 :::5000 :::* [root@node01 ~]#
提示:glance-api服務將聽在9292埠,glance-registry服務監聽在9191埠,確保對應的埠處於監聽狀態,說明我們的配置沒有問題,服務已經正常啟動了;
驗證:匯入admin使用者的環境變數,下載一個測試映象,看看能不能將其上傳至glance中去?
[root@node01 ~]# source admin.sh [root@node01 ~]# rz rz waiting to receive. zmodem trl+C ȡ 100% 12418 KB 12418 KB/s 00:00:01 0 Errorsk.img... [root@node01 ~]# ll total 12428 -rwxr-xr-x 1 root root 272 Oct 28 20:23 admin.sh -rw-r--r-- 1 root root 12716032 Oct 29 01:10 cirros-0.4.0-x86_64-disk.img -rwxr-xr-x 1 root root 269 Oct 28 20:24 demo.sh [root@node01 ~]#
提示:我這裡準備了一個cirros的測試映象;
將cirros上傳至glance看看是否能夠正常上傳?
[root@node01 ~]# openstack image create "cirros" \ > --file cirros-0.4.0-x86_64-disk.img \ > --disk-format qcow2 --container-format bare \ > --public +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | checksum | 443b7623e27ecf03dc9e01ee93f67afe | | container_format | bare | | created_at | 2020-10-28T17:12:58Z | | disk_format | qcow2 | | file | /v2/images/94dd2ba0-1736-4307-865d-7cb86b85d32e/file | | id | 94dd2ba0-1736-4307-865d-7cb86b85d32e | | min_disk | 0 | | min_ram | 0 | | name | cirros | | owner | b4e56eeb160948c581e98d685133d19a | | properties | os_hash_algo='sha512', os_hash_value='6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e2161b5b5186106570c17a9e58b64dd39390617cd5a350f78', os_hidden='False' | | protected | False | | schema | /v2/schemas/image | | size | 12716032 | | status | active | | tags | | | updated_at | 2020-10-28T17:12:58Z | | virtual_size | None | | visibility | public | +------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ [root@node01 ~]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | 94dd2ba0-1736-4307-865d-7cb86b85d32e | cirros | active | +--------------------------------------+--------+--------+ [root@node01 ~]#
提示:可以看到我們上傳到映象已經在映象列表中能夠看到,說明映象已經成功上傳到glance中去了;
驗證:檢視glance的映象倉庫目錄下是否有檔案生成?
[root@node01 ~]# ll /var/lib/glance/images/ total 12420 -rw-r----- 1 glance glance 12716032 Oct 29 01:12 94dd2ba0-1736-4307-865d-7cb86b85d32e [root@node01 ~]# file /var/lib/glance/images/94dd2ba0-1736-4307-865d-7cb86b85d32e /var/lib/glance/images/94dd2ba0-1736-4307-865d-7cb86b85d32e: QEMU QCOW Image (v3), 46137344 bytes [root@node01 ~]#
提示:可以看到在對應的目錄下有一個檔案生成,其檔案格式為qcow image的檔案;到此openstack的映象服務glance的安裝配置和測試就完成了;