仅控制节点配置(可迁移)
Glance(镜像服务)允许用户查看镜像列表,且可上传和下载镜像。 Glance 服务包含两个组价: glance-api 和 glance-registry glance-api 用于接收镜像API调用;例如镜像的发现、恢复和存储。 glance-registry 用于存储,处理和恢复镜像的元数据;元数据包括的内容有镜像容积,镜像类型等属性。 |
step 01 创建服务数据库数据环境;
CREATE DATABASE glance; #创建glance数据库 GRANT ALL PRIVILEGES ON glance.* TO '用户名'@ 'localhost' IDENTIFIED BY '用户密码' #授权用户本地访问权限和密码(默认用户名: glance; 默认密码: GLANCE_DBPASS) GRANT ALL PRIVILEGES ON glance.* TO '用户名'@'%' IDENTIFIED BY '用户密码' #授权用户远程访问权限和密码(默认用户名: glance; 默认密码: GLANCE_DBPASS) |
[root@controller ~]# mysql -u root -p
......
MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'GLANCE_DBPASSS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
step 02 在keystone上创建用户,并关联角色(授权);
openstack user create --domain default --password 密码 用户名 #创建glance用户(默认用户名: glance, 默认密码: GLANCE_PASS) openstack role add --project service --user 用户名 admin #关联项目,用户和角色(默认用户名: glance) |
[root@controller ~]# openstack user create --domain default --password GLANCE_PASS glance
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | a98878297d154485a6ee2f0a5f9d3cc0 |
| enabled | True |
| id | 2c38f5b62d024cb99e7b6f68166ce642 |
| name | glance |
+-----------+----------------------------------+
[root@controller ~]# openstack role add --project service --user glance admin
[root@controller ~]# openstack role assignment list
+--------------------+--------------------+-------+--------------------+--------+-----------+
| Role | User | Group | Project | Domain | Inherited |
+--------------------+--------------------+-------+--------------------+--------+-----------+
| 9df1812622c745f4b5 | 2c38f5b62d024cb99e | | 71a03b450955432b98 | | False |
| beed5bcfaeabcc | 7b6f68166ce642 | | 5d4ed8137858ac | | |
| 9df1812622c745f4b5 | ee2329a7c00e4dc598 | | 97070590114e4689b1 | | False |
| beed5bcfaeabcc | 982c3c9ce15615 | | ec1579075a59e6 | | |
+--------------------+--------------------+-------+--------------------+--------+-----------+
step 03 在keystone上创建服务,注册API;
openstack service create --name glance --description "Openstack Image" image openstack endpoint create --region RegionOne image public http://controller:9292 openstack endpoint create --region RegionOne image internal http://controller:9292 openstack endpoint create --region RegionOne image admin http://controller:9292 |
[root@controller ~]# openstack service create --name glance --description "Openstack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Openstack Image |
| enabled | True |
| id | 781f66ca7380407b94b9775caf1e6e26 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 78481538d0a1497eb0a54204a1183737 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 781f66ca7380407b94b9775caf1e6e26 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 8766ddbbca8d44368b8cdb8241d3d0ff |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 781f66ca7380407b94b9775caf1e6e26 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | c04f052b452c4065984a6fe74df37302 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 781f66ca7380407b94b9775caf1e6e26 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
step 04 安装服务相关的软件包;
yum install -y openstack-glance |
[root@controller ~]# yum install -y openstack-glance.noarch >/dev/null
[root@controller ~]# echo $?
0
step 05 修改服务相应的配置文件;(数据库的链接,keystone的认证信息,消息队列的链接,其他配置)
#/etc/glance/glance-api.conf cp /etc/glance/glance-api.conf{,.bak} #备份配置文件 grep -Ev '^$|#' /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf #清除配置文件注释及空行 openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://用户名:密码@数据库IP/glance #配置数据库访问信息(默认用户名:glance; 默认密码: GLANCE_DBPASS) openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http openstack-config --set /etc/glance/glance-api.conf glance_store default_store file openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /目录 #制定镜像存储目录(默认:/var/lib/glance/images/) openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://控制节点IP:5000 #指定keystone的访问地址 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://控制节点IP:35357 #指定keystone的访问地址 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 控制节点IP:11211 #指定memcached的访问地址 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password #指定keystone的验证方式 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name 域名称 #指定项目所在域(默认: default) openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name 域名称 #指定用户所在域(默认: default) openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name 项目名称 #指定项目(默认: service) openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username 用户名称 #指定用户(默认: glance) openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS #指定用户登录密码(默认: GLANCE_PASS) openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone #指定glance服务验证方式为keystone |
[root@controller ~]# cp /etc/glance/glance-api.conf{,.bak}
[root@controller ~]# grep -Ev '^#|^$' /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
[root@controller ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@controller ~]# md5sum /etc/glance/glance-api.conf
3e1a4234c133eda11b413788e001cba3 /etc/glance/glance-api.conf
#/etc/glance/glance-registry.conf cp /etc/glance/glance-api.conf{,.bak} #备份配置文件 grep -Ev '^$|#' /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf #清除配置文件注释及空行 openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://用户名:密码@数据库IP/glance #配置数据库访问信息(默认用户名:glance; 默认密码: GLANCE_DBPASS) openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://控制节点IP:5000 #指定keystone的访问地址 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://控制节点IP:35357 #指定keystone的访问地址 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers 控制节点IP:11211 #指定memcached的访问地址 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password #指定keystone的验证方式 openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name 域名称 #指定项目所在域(默认: default) openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name 域名称 #指定用户所在域(默认: default) openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name 项目名称 #指定项目(默认: service) openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username 用户名称 #指定用户(默认: glance) openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS #指定用户登录密码(默认: GLANCE_PASS) openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone #指定glance服务验证方式为keystone |
[root@controller ~]# cp /etc/glance/glance-registry.conf{,.bak}
[root@controller ~]# grep -Ev '^#|^$' /etc/glance/glance-registry.conf.bak >/etc/glance/glance-registry.conf
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS
[root@controller ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
[root@controller ~]# md5sum /etc/glance/glance-registry.conf
46acabd81a65b924256f56fe34d90b8f /etc/glance/glance-registry.conf
step 06 同步数据库,创建表;
su -s /bin/sh -c "glance-manage db_sync" glance #初始化镜像服务数据库(同步数据库) |
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
# 官方提示: 忽略提示信息。
Option "verbose" from group "DEFAULT" is deprecated for removal. Its value may be silently ignored in the future.
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1056: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
expire_on_commit=expire_on_commit, _conf=conf)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `ix_image_properties_image_id_name`. This is deprecated and will be disallowed in a future release.')
result = self._query(query)
[root@controller ~]# mysql -uroot glance -e "show tables;"| head -5
Tables_in_glance
artifact_blob_locations
artifact_blobs
artifact_dependencies
artifact_properties
step 07 启动服务;
systemctl enable openstack-glance-api.service openstack-glance-registry.service systemctl start openstack-glance-api.service openstack-glance-registry.service |
[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.
[root@controller ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# ps -ef | grep [g]lance
glance 12879 1 1 12:07 ? 00:00:02 /usr/bin/python2 /usr/bin/glance-api
glance 12880 1 0 12:07 ? 00:00:01 /usr/bin/python2 /usr/bin/glance-registry
glance 12897 12880 0 12:08 ? 00:00:00 /usr/bin/python2 /usr/bin/glance-registry
glance 12898 12879 0 12:08 ? 00:00:00 /usr/bin/python2 /usr/bin/glance-api
[root@controller ~]# netstat -lntup | grep -E '12879|12880'
tcp 0 0 0.0.0.0:9191 0.0.0.0:* LISTEN 12880/python2
tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 12879/python2
step 08 验证;
验证镜像 提取码:6g0b |
openstack image create "镜像名称" \ --file /目录/镜像名称 \ --disk-format qcow2 --container-format bare \ --public #上传镜像 openstack image list #查看镜像列表 |
[root@controller ~]# openstack image create "cirros" --file cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2022-03-27T04:18:40Z |
| disk_format | qcow2 |
| file | /v2/images/2f6c5e1c-5f00-4da5-a834-1226867386ce/file |
| id | 2f6c5e1c-5f00-4da5-a834-1226867386ce |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 97070590114e4689b1ec1579075a59e6 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2022-03-27T04:18:41Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 2f6c5e1c-5f00-4da5-a834-1226867386ce | cirros | active |
+--------------------------------------+--------+--------+
[root@controller ~]# ll -h /var/lib/glance/images/
total 13M
-rw-r----- 1 glance glance 13M Mar 27 12:18 2f6c5e1c-5f00-4da5-a834-1226867386ce
[root@controller ~]# mysql -uroot glance -e "show tables;" | grep image
image_locations
image_members
image_properties
image_tags
images