文章目录
- 一、Glance 镜像服务
- 1、镜像
- 2、镜像服务的功能
- 3、镜像的API版本
- 4、镜像格式
- 5、镜像状态
- 6、镜像访问权限
- 二、部署
- 1、创建数据库实例和数据库用户
- 2、创建用户,修改配置文件
- 2.1 创建glance用户
- 2.2 创建镜像服务API端点
- 3、安装OpenStack-glance 软件包
- 3.1 添加galance-api.conf 配置
- 3.2 修改glance-registry.conf配置文件
- 4、初始化数据库
- 5、开启glance服务
- 6、赋予glance服务权限
- 7、镜像导入
- 8、查看镜像
一、Glance 镜像服务
1、镜像
- 镜像通常指的是一系列文件或一个磁盘驱动的精确副本,将特定的一系列文件按照一定的格式制作成独立的文件,以方便用户的下载和使用。
- 是一系列资源/服务的集合,也可以作为模板创建多个同样的独立的副本
2、镜像服务的功能
镜像服务主要是用来灌流镜像,让用户能够发现、获取和保存镜像,主要功能如下:
①查询和获取镜像的元数据和镜像本身(元数据:镜像的概要信息和描述信息)
②注册和上传虚拟机镜像,包括镜像的创建、上传、下载和管理
③维护镜像信息,包括元数据和镜像本身
④支持多种方式存储镜像,包括普通的文件系统、Swift、Amazon S3等
⑤对虚拟机实例执行床架快照命令来创建新的镜像或者备份虚拟机的状态
3、镜像的API版本
Glance提供的RESTful API有两个版本:V1;V2
① V1:只提供基本的镜像和成员操作功能,包括镜像创建、删除、下载、详细信息查询、更新,以及镜像租户成员的创建、删除和列表
②V2:除了支持V1的所有功能外,主要增加了镜像位置的添加。删除、修改,元数据和名称空间操作,以及镜像标记操作
4、镜像格式
4.1 虚拟机镜像文件磁盘格式
4.2 镜像文件容器格式
5、镜像状态
5.1 镜像从上传到可识别的几个状态
5.2 镜像在上载完成后的状态
6、镜像访问权限
二、部署
1、创建数据库实例和数据库用户
[root@ct ~]# mysql -uroot -p #登录mysql数据库
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 25
Server version: 10.3.20-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database glance; # 创建glance数据库
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'GLANCE_DBPASS'; #用户提权glance库的所有权限
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> flush privileges; # 刷新权限表
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> show grants for glance; #查看glance用户的权限
+-------------------------------------------------------------------------------------------------------+
| Grants for glance@% |
+-------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'glance'@'%' IDENTIFIED BY PASSWORD '*C0CE56F2C0C7234791F36D89700B02691C1CAB8E' |
| GRANT ALL PRIVILEGES ON `glance`.* TO 'glance'@'%' |
+-------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)
MariaDB [(none)]>2、创建用户,修改配置文件
2.1 创建glance用户
[root@ct ~]# openstack user create --domain default --password GLANCE_PASS glance #创建glance用户
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 401ece6ae6a84306a6c7773449cbd2c6 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@ct ~]# openstack role add --project service --user glance admin #将glance用户添加到service项目中,并且针对项目拥有admin权限
[root@ct ~]# openstack service create --name glance --description "OpenStack Image" image #创建一个service服务,service名称为glance,类似image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 7504ed8e58994340b85307ba66addf51 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@ct ~]# openstack service list # 查看项目
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 7504ed8e58994340b85307ba66addf51 | glance | image |
| ef633d69afdb401b9f39fb36af90db06 | keystone | identity |
+----------------------------------+----------+----------+
[root@ct ~]#2.2 创建镜像服务API端点
[root@ct ~]# openstack endpoint create --region RegionOne image public http://ct:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 62c305879da1447391bb94a2ec816a26 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7504ed8e58994340b85307ba66addf51 |
| service_name | glance |
| service_type | image |
| url | http://ct:9292 |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne image internal http://ct:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 87715cc052c14c258ebbf25cb23da445 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7504ed8e58994340b85307ba66addf51 |
| service_name | glance |
| service_type | image |
| url | http://ct:9292 |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne image admin http://ct:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 3a72c904739843a985b2461cdf9f92ea |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7504ed8e58994340b85307ba66addf51 |
| service_name | glance |
| service_type | image |
| url | http://ct:9292 |
+--------------+----------------------------------+3、安装OpenStack-glance 软件包
[root@ct ~]# yum -y install openstack-glance
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.ustc.edu.cn
* centos-ceph-nautilus: mirrors.ustc.edu.cn
* centos-nfs-ganesha28: mirrors.ustc.edu.cn
* centos-openstack-train: mirrors.ustc.edu.cn
* centos-qemu-ev: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.cn99.com
软件包 1:openstack-glance-19.0.4-1.el7.noarch 已安装并且是最新版本
无须任何处理
[root@ct ~]#3.1 添加galance-api.conf 配置
[root@ct ~]# cp -a /etc/glance/glance-api.conf{,.bak} //备份
[root@ct ~]# grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf //过滤注释信息
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@ct/glance
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ct:11211
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
[root@ct ~]# openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
[root@ct ~]# cat /etc/glance/glance-api.conf
[DEFAULT]
[cinder]
[cors]
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@ct/glance
[file]
[glance.store.http.store]
[glance.store.rbd.store]
[glance.store.sheepdog.store]
[glance.store.swift.store]
[glance.store.vmware_datastore.store]
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]3.2 修改glance-registry.conf配置文件
[root@ct ~]# cp -a /etc/glance/glance-registry.conf{,.bak} //备份
[root@ct ~]# grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf //过滤注释信息
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@t/glance
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken www_authenticate_uri http://ct:5000
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers ct:11211
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name Default
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name Default
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS
[root@ct ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
[root@ct ~]# cat /etc/glance/glance-registry.conf
[DEFAULT]
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@t/glance
[keystone_authtoken]
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]4、初始化数据库
[root@ct ~]# su -s /bin/sh -c "glance-manage db_sync" glance
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1280, u"Name 'alembic_version_pkc' ignored for PRIMARY key.")
result = self._query(query)
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand02 -> train_expand01, empty expand for symmetry with train_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_expand01, current revision(s): train_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_contract01, current revision(s): train_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
[root@ct ~]#5、开启glance服务
[root@ct ~]# systemctl enable openstack-glance-api.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
[root@ct ~]# systemctl start openstack-glance-api.service
[root@ct ~]# netstat -anpt | grep 9292
tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 35076/python2
[root@ct ~]#6、赋予glance服务权限
[root@ct ~]# chown -hR glance:glance /var/lib/glance/
[root@ct ~]# ll /var/lib/glance/
总用量 0
drwxr-x---. 2 glance glance 6 8月 26 16:16 images
[root@ct ~]#7、镜像导入
[root@ct ~]# openstack image create --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public cirros
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2021-08-26T08:23:14Z |
| disk_format | qcow2 |
| file | /v2/images/bbdc00d8-e2ea-4d44-8aae-47aa80c6322f/file |
| id | bbdc00d8-e2ea-4d44-8aae-47aa80c6322f |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 06bda3fc6abd44b186f168002107c832 |
| properties | os_hash_algo='sha512', os_hash_value='f0fd1b50420dce4ca382ccfbb528eef3a38bbeff00b54e95e3876b9bafe7ed2d6f919ca35d9046d437c6d2d8698b1174a335fbd66035bb3edc525d2cdb187232', os_hidden='False' |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2021-08-26T08:23:14Z |
| virtual_size | None |
| visibility | public |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[root@ct ~]#8、查看镜像
[root@ct ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| bbdc00d8-e2ea-4d44-8aae-47aa80c6322f | cirros | active |
+--------------------------------------+--------+--------+
[root@ct ~]# glance image-list
+--------------------------------------+--------+
| ID | Name |
+--------------------------------------+--------+
| bbdc00d8-e2ea-4d44-8aae-47aa80c6322f | cirros |
+--------------------------------------+--------+
[root@ct ~]#
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
