构建OpenStack私有云--第二步:配置Glance服务
雷方伟
1. 创建Glance数据库
步骤:先创建名为glance的数据库,然后创建glance用户,然后把其密码也设为glance,然后给本机、和所有登录到这台节点上的都可以有这样一个权限。然后创建服务实体,然后给它建立endpoint,然后再去安装相关包。然后把服务启动并设置开机启动,然后可能会有一个验证。大部分的步骤都是差不多这样的
[root@openstack-controller ~]# mysql -u root -p205247
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 21
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
-> IDENTIFIED BY 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
-> IDENTIFIED BY 'glance';
Query OK, 0 rows affected (0.00 sec)
2. 创建Glance相关用户与授权
接下来切换到admin用户以便能够得到权限,去创建glance用户(创建用户必须有管理员权限)
MariaDB [(none)]> exit
Bye
# 这样就相当于切换到admin用户了
# 这是因为.admin.openstack中声明了这些变量,如用户是admin,密码是admin等
[root@openstack-controller ~]# source ~/.admin.openstack;
# 然后创建用户
[root@openstack-controller ~]# openstack user create --domain default --password-prompt glance;
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | e5378f5305814186a9f2fb90844e0cef |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
用户创建完之后需要授权:在project名称为service的项目下,找到user名称为glance的用户,然后把他提拔为超级管理员admin
[root@openstack-controller ~]# openstack role add --project service --user glance admin;
3. 创建Glance服务及为其创建image服务API端点(endpoints)
接下来创建glance实体(也就是创建一个服务,然后把它发布出去,这需要一个地址,即endpoint)
[root@openstack-controller ~]# openstack service create --name glance \
> --description "OpenStack Image" image;
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 5cf14148d06744f2a34b125d26f5775d |
| name | glance |
| type | image |
+-------------+----------------------------------+
# 接下来看一下都有哪些服务
[root@openstack-controller ~]# openstack service list
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 21ed060f01e34f4d91f39c9f802a004c | keystone | identity |
| 5cf14148d06744f2a34b125d26f5775d | glance | image |
+----------------------------------+----------+----------+
# 可知有上一步创建的keystone,类型是identity;和刚刚创建的glance,类型是image
现在这样一个实体已经存在了,接着我们需要给它做个包装,即给它一个URL.
endpoint在OpenStack上有三种,即public、internal、admin。其中internal和admin都使用同一个地址,public是外网访问的,地址设为controller的外网地址。
[root@openstack-controller ~]# openstack endpoint create --region RegionOne \
> image public http://192.168.245.137:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d867ed428e5148e7a03189e15faf2e0e |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 5cf14148d06744f2a34b125d26f5775d |
| service_name | glance |
| service_type | image |
| url | http://192.168.245.137:9292 |
[root@openstack-controller ~]# openstack endpoint create --region RegionOne \
> image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 864de1b861114cf8a0642f7fc4cc4d87 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 5cf14148d06744f2a34b125d26f5775d |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@openstack-controller ~]# openstack endpoint create --region RegionOne \
> image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 060ede2261f24df39b2fb8eefb2629f1 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 5cf14148d06744f2a34b125d26f5775d |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
到目前为止应该有6个endpoint(之前Keystone的三个+Glance的三个),Glance的监听地址是在9292端口上
[root@openstack-controller ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+---------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+---------------------------------+
| 060ede2261f24df39b2fb8eefb2629f1 | RegionOne | glance | image | True | admin | http://controller:9292 |
| 1699a85395854743b1ec331992932dee | RegionOne | keystone | identity | True | admin | http://controller:5000/v3/ |
| 864de1b861114cf8a0642f7fc4cc4d87 | RegionOne | glance | image | True | internal | http://controller:9292 |
| b066a8e4463f4d3eb483edc58ad95b78 | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ |
| bb6cfcbc8cd947a8a26cc6c86a69f3a2 | RegionOne | keystone | identity | True | public | http://192.168.245.137:5000/v3/ |
| d867ed428e5148e7a03189e15faf2e0e | RegionOne | glance | image | True | public | http://192.168.245.137:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+---------------------------------+
4. 安装配置Glance服务
1)安装Glance服务
[root@openstack-controller ~]# yum install openstack-glance -y
2)修改并配置/etc/glance/glance-api.conf文件:
找到[database],添加一行;找到[keystone authtoken],添加多行;找到[paste_deploy],添加一行;找到[glance_store],添加多行
[root@openstack-controller ~]# cp /etc/glance/glance-api.conf{,.init.bak}
[root@openstack-controller ~]# vim /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
3)修改并配置/etc/glance/glance-registry.conf文件
[root@openstack-controller ~]# cp /etc/glance/glance-registry.conf{,.init.bak}
[root@openstack-controller ~]# vim /etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
4)初始化Glance数据库
# 以glance用户执行这条命令
[root@openstack-controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
这时候我们可以看一下数据库里有哪些东西
[root@openstack-controller ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 29
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
5 rows in set (0.00 sec)
MariaDB [(none)]> use glance;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
# 看一下glance数据库都有哪些表
# 这些表就记录了一个glance服务需要记录哪些字段
MariaDB [glance]> show tables;
+----------------------------------+
| Tables_in_glance |
+----------------------------------+
| alembic_version |
| image_locations |
| image_members |
| image_properties |
| image_tags |
| images |
| metadef_namespace_resource_types |
| metadef_namespaces |
| metadef_objects |
| metadef_properties |
| metadef_resource_types |
| metadef_tags |
| migrate_version |
| task_info |
| tasks |
+----------------------------------+
15 rows in set (0.00 sec)
5. 启动Glance服务并设置开机启动
[root@openstack-controller ~]# systemctl enable openstack-glance-api.service \
> openstack-glance-registry.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.
[root@openstack-controller ~]# systemctl start openstack-glance-api.service \
> openstack-glance-registry.service
[root@openstack-controller ~]# systemctl status openstack-glance-api.service \
> openstack-glance-registry.service
● openstack-glance-api.service - OpenStack Image Service (code-named Glance) API server
Loaded: loaded (/usr/lib/systemd/system/openstack-glance-api.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-04-11 20:33:52 EDT; 24s ago
Main PID: 76349 (glance-api)
CGroup: /system.slice/openstack-glance-api.service
├─76349 /usr/bin/python2 /usr/bin/glance-api
├─76376 /usr/bin/python2 /usr/bin/glance-api
├─76378 /usr/bin/python2 /usr/bin/glance-api
├─76379 /usr/bin/python2 /usr/bin/glance-api
├─76381 /usr/bin/python2 /usr/bin/glance-api
├─76382 /usr/bin/python2 /usr/bin/glance-api
├─76383 /usr/bin/python2 /usr/bin/glance-api
├─76385 /usr/bin/python2 /usr/bin/glance-api
└─76387 /usr/bin/python2 /usr/bin/glance-api
Apr 11 20:33:53 openstack-controller glance-api[76349]: /usr/lib/python2.7/site-packages/paste/deploy...y.
Apr 11 20:33:53 openstack-controller glance-api[76349]: return pkg_resources.EntryPoint.parse("x=" + ...e)
Apr 11 20:33:53 openstack-controller glance-api[76349]: /usr/lib/python2.7/site-packages/paste/deploy...y.
Apr 11 20:33:53 openstack-controller glance-api[76349]: return pkg_resources.EntryPoint.parse("x=" + ...e)
Apr 11 20:33:54 openstack-controller glance-api[76349]: /usr/lib/python2.7/site-packages/paste/deploy...y.
Apr 11 20:33:54 openstack-controller glance-api[76349]: return pkg_resources.EntryPoint.parse("x=" + ...e)
Apr 11 20:33:54 openstack-controller glance-api[76349]: /usr/lib/python2.7/site-packages/paste/deploy...y.
Apr 11 20:33:54 openstack-controller glance-api[76349]: return pkg_resources.EntryPoint.parse("x=" + ...e)
Apr 11 20:33:54 openstack-controller glance-api[76349]: /usr/lib/python2.7/site-packages/paste/deploy...er
Apr 11 20:33:54 openstack-controller glance-api[76349]: val = callable(*args, **kw)
● openstack-glance-registry.service - OpenStack Image Service (code-named Glance) Registry server
Loaded: loaded (/usr/lib/systemd/system/openstack-glance-registry.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-04-11 20:33:52 EDT; 24s ago
Main PID: 76350 (glance-registry)
CGroup: /system.slice/openstack-glance-registry.service
├─76350 /usr/bin/python2 /usr/bin/glance-registry
├─76373 /usr/bin/python2 /usr/bin/glance-registry
├─76374 /usr/bin/python2 /usr/bin/glance-registry
├─76375 /usr/bin/python2 /usr/bin/glance-registry
├─76377 /usr/bin/python2 /usr/bin/glance-registry
├─76380 /usr/bin/python2 /usr/bin/glance-registry
├─76384 /usr/bin/python2 /usr/bin/glance-registry
├─76386 /usr/bin/python2 /usr/bin/glance-registry
└─76388 /usr/bin/python2 /usr/bin/glance-registry
Apr 11 20:33:53 openstack-controller glance-registry[76350]: /usr/lib/python2.7/site-packages/paste/d...y.
Apr 11 20:33:53 openstack-controller glance-registry[76350]: return pkg_resources.EntryPoint.parse("x...e)
Apr 11 20:33:53 openstack-controller glance-registry[76350]: /usr/lib/python2.7/site-packages/paste/d...y.
Apr 11 20:33:53 openstack-controller glance-registry[76350]: return pkg_resources.EntryPoint.parse("x...e)
Apr 11 20:33:54 openstack-controller glance-registry[76350]: /usr/lib/python2.7/site-packages/paste/d...y.
Apr 11 20:33:54 openstack-controller glance-registry[76350]: return pkg_resources.EntryPoint.parse("x...e)
Apr 11 20:33:54 openstack-controller glance-registry[76350]: /usr/lib/python2.7/site-packages/glance/...l.
Apr 11 20:33:54 openstack-controller glance-registry[76350]: debtcollector.deprecate("Glance Registry... "
Apr 11 20:33:54 openstack-controller glance-registry[76350]: /usr/lib/python2.7/site-packages/paste/d...er
Apr 11 20:33:54 openstack-controller glance-registry[76350]: val = callable(*args, **kw)
Hint: Some lines were ellipsized, use -l to show in full.
6. 验证操作
1)读取admin用户权限
[root@openstack-controller ~]# source ~/.admin.openstack
2)下载测试镜像文件cirros
[root@openstack-controller ~]# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
[root@openstack-controller ~]# ls
anaconda-ks.cfg cirros-0.4.0-x86_64-disk.img python2-qpid-proton-0.22.0-1.el7.x86_64.rpm
3)将本地镜像文件上传到glace image服务中
[root@openstack-controller ~]# openstack image create "cirros" \
> --file cirros-0.4.0-x86_64-disk.img \
> --disk-format qcow2 --container-format bare \
> --public
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| checksum | 443b7623e27ecf03dc9e01ee93f67afe |
| container_format | bare |
| created_at | 2022-04-12T01:12:36Z |
| disk_format | qcow2 |
| file | /v2/images/06ffc39a-049e-4122-9608-5ae740f58088/file |
| id | 06ffc39a-049e-4122-9608-5ae740f58088 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 7d3b70fafbfe4391ab3b305f378c8911 |
| properties | os_hash_algo='sha512', os_hash_value='6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e2161b5b5186106570c17a9e58b64dd39390617cd5a350f78', os_hidden='False' |
| protected | False |
| schema | /v2/schemas/image |
| size | 12716032 |
| status | active |
| tags | |
| updated_at | 2022-04-12T01:12:37Z |
| virtual_size | None |
| visibility | public |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
4)查看镜像有效性
[root@openstack-controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 06ffc39a-049e-4122-9608-5ae740f58088 | cirros | active |
+--------------------------------------+--------+--------+
类似资料: