ria 认证 su - -a 属性 端口 开机 更改 created
Glance 的概述
Glance 是为虚拟机的创建提供镜像的服务,我们基于 Openstack 是构建基本的 IaaS 平台对外提供虚拟机,而虚拟机在创建时必须为选择需要安装的操作系统,Glance 服务就是为该选择提供不同的操作系统镜像.
Glance 的组件
Glance-API
主要用来响应各种 REST 请求然后通过其它模块(主要是 glance-registry 组件和后端存储接口)完成镜像的上传,删除,查询等操作.可以简单的再分为两部分:一层中间件,它主要是做一些对请求的解析工作(如分析出版本号), 另外一部分提供实际的服务(如与镜像上传下载的后端存储接 ××× 互).默认绑定端口是 9292.
Glance-Registry
镜像注册服务用于提供镜像元数据的 REST 接口.主要工作是存储或者获取镜像的元数据,与 MySQL 数据库进行交互.也可以简单的再细分为两部分,API 和具体的 Server.元数据是指镜像相关的一些信息(如 id,size, status,location,checksum,min_disk,min_ram,owner 等)真正的镜像数据保存在实际所使用的后端存储里(如 Swift,S3,Filesystem 等).默认绑定的端口是 9191.
Image Store
严格来说 Image Store 不属于 Glance 的组件,这里把它单独分出来只是为了方便理解,它只是一个接口层,提供镜像存储和查询的接口.具体的实现则需要外部存储(Swift,S3)的支持.
Glance 的工作流程
Glance 安装配置
Glance 的安装
创建一个数据库,服务凭证和 API 端点
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
5 rows in set (0.00 sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'localhost' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'%' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> exit
Bye
获得 admin 凭证来获取只有管理员能执行的命令的访问权限
[root@linux - node1~]#source admin - openrc
要创建服务证书,完成这些步骤
创建 glance 用户
[root@linux-node1 ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | bd7a2a0f75384a33a4abb349c6840bc8 |
| name | glance |
| password_expires_at | None |
+---------------------+----------------------------------+
添加 admin 角色到 glance 用户和 service 项目上
[root@linux - node1~]#openstack role add--project service--user glance admin
创建 glance 服务实体
[root@linux-node1 ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 8188d497252d44f59cb2e8e0c4017055 |
| name | glance |
| type | image |
+-------------+----------------------------------+
创建镜像服务的 API 端点
[root@linux-node1 ~]# openstack endpoint create --region RegionOne image public http://192.168.56.11:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d52e57b312ab4fadb2f84222660f01a8 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8188d497252d44f59cb2e8e0c4017055 |
| service_name | glance |
| service_type | image |
| url | http://192.168.56.11:9292 |
+--------------+----------------------------------+
[root@linux-node1 ~]# openstack endpoint create --region RegionOne image internal http://192.168.56.11:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | f44c4a6fb1d64140bded5f220cbad948 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8188d497252d44f59cb2e8e0c4017055 |
| service_name | glance |
| service_type | image |
| url | http://192.168.56.11:9292 |
+--------------+----------------------------------+
[root@linux-node1 ~]# openstack endpoint create --region RegionOne image admin http://192.168.56.11:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | f1b9538274f54cae8b0349bfbf17dca0 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8188d497252d44f59cb2e8e0c4017055 |
| service_name | glance |
| service_type | image |
| url | http://192.168.56.11:9292 |
+--------------+----------------------------------+
安装 Glance 相关软件包
[root@linux-node1 ~]# yum -y install openstack-glance
[root@linux-node1 ~]# rpm -qa openstack-glance
openstack-glance-13.0.0-1.el7.noarch
Glance 的配置
编辑 / etc/glance/glance-api.conf 文件,并完成如下更改
[root@linux-node1 ~]# cp -a /etc/glance/glance-api.conf /etc/glance/glance-api.conf_$(date +%F)
[root@linux-node1 ~]# vim /etc/glance/glance-api.conf
在 [database] 部分,配置数据库访问
[database]
......
1748 connection = mysql+pymysql://glance:glance@192.168.56.11/glance
在
[keystone_authtoken]
和 [paste_deploy] 部分,配置认证服务访问
[keystone_authtoken]
......
3179 auth_uri = http://192.168.56.11:5000
3180 auth_url = http://192.168.56.11:35357
3181 memcached_servers = 192.168.56.11:11211
3182 auth_type = password
3183 project_domain_name = Default
3184 user_domain_name = Default
3185 project_name = service
3186 username = glance
3187 password = glance
[paste_deploy]
......
3990 flavor = keystone
在 [glance_store] 部分,配置本地文件系统存储和镜像文件位置
[glance_store]
......
1864 stores = file,http
1896 default_store = file
2196 filesystem_store_datadir = /var/lib/glance/images
编辑 / etc/glance/glance-registry.conf 文件,并完成如下更改
[root@linux-node1 ~]# cp -a /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf_$(date +%F)
[root@linux-node1 ~]# vim /etc/glance/glance-registry.conf
在 [database] 部分,配置数据库访问
[database]
......
1038 connection = mysql+pymysql://glance:glance@192.168.56.11/glance
在
[keystone_authtoken]
和 [paste_deploy] 部分,配置认证服务访问
[keystone_authtoken]
......
1128 auth_uri = http://192.168.56.11:5000
1129 auth_url = http://192.168.56.11:35357
1130 memcached_servers = 192.168.56.11:11211
1131 auth_type = password
1132 project_domain_name = Default
1133 user_domain_name = Default
1134 project_name = service
1135 username = glance
1136 password = glance
[paste_deploy]
......
1910 flavor = keystone
写入镜像服务数据库,可以忽略警告信息
[root@linux-node1 ~]# su -s /bin/sh -c "glance-manage db_sync" glance
[root@linux-node1 ~]# mysql -uglance -pglance -e "use glance;show tables;"
启动镜像服务 glance-api,glance-registry,并配置为开机自启
[root@linux-node1 ~]# systemctl enable openstack-glance-api.service
[root@linux-node1 ~]# systemctl start openstack-glance-api.service
[root@linux-node1 ~]# systemctl status openstack-glance-api.service
[root@linux-node1 ~]# systemctl enable openstack-glance-registry.service
[root@linux-node1 ~]# systemctl start openstack-glance-registry.service
[root@linux-node1 ~]# systemctl status openstack-glance-registry.service
Glance 验证操作
使用 CirrOS 对镜像服务进行验证,CirrOS 是一个小型的 Linux 镜像可以用来帮助你进行 Openstack 部署测试.
获得 admin 凭证来获取只有管理员能执行的命令的访问权限
[root@linux - node1~]#source admin - openrc
下载 CirrOS 源镜像
[root@linux-node1 ~]# wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
[root@linux-node1 ~]# ls -l cirros-0.3.4-x86_64-disk.img
-rw-r--r-- 1 root root 13287936 May 8 2015 cirros-0.3.4-x86_64-disk.img
使用 qcow2 磁盘格式,bare 容器格式上传镜像到镜像服务并设置公共可见,这样所有的项目都可以访问它
[root@linux-node1 ~]# openstack image create "cirros" --file cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2018-01-15T07:07:12Z |
| disk_format | qcow2 |
| file | /v2/images/b4223969-0add-4641-8317-18e2b1d25b54/file |
| id | b4223969-0add-4641-8317-18e2b1d25b54 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 71c9b608e79546f4b90f710fea475de3 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2018-01-15T07:07:13Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
确认镜像的上传并验证属性
[root@linux-node1 ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| b4223969-0add-4641-8317-18e2b1d25b54 | cirros | active |
+--------------------------------------+--------+--------+
Openstack 之路(三)镜像服务 Glance
来源: http://www.bubuko.com/infodetail-2466171.html