Glance的概述

Glance是为虚拟机的创建提供镜像的服务，我们基于Openstack是构建基本的IaaS平台对外提供虚拟机，而虚拟机在创建时必须为选择需要安装的操作系统，Glance服务就是为该选择提供不同的操作系统镜像。

Glance的组件

Glance-API

主要用来响应各种REST请求然后通过其它模块（主要是glance-registry组件和后端存储接口）完成镜像的上传、删除、查询等操作。可以简单的再分为两部分：一层中间件，它主要是做一些对请求的解析工作（如分析出版本号），另外一部分提供实际的服务（如与镜像上传下载的后端存储接口交互）。默认绑定端口是9292。

Glance-Registry

镜像注册服务用于提供镜像元数据的REST接口。主要工作是存储或者获取镜像的元数据，与MySQL数据库进行交互。也可以简单的再细分为两部分，API和具体的Server。元数据是指镜像相关的一些信息（如id，size， status，location，checksum，min_disk，min_ram，owner等）真正的镜像数据保存在实际所使用的后端存储里（如Swift，S3，Filesystem等）。默认绑定的端口是9191。

Image Store

严格来说Image Store不属于Glance的组件，这里把它单独分出来只是为了方便理解，它只是一个接口层，提供镜像存储和查询的接口。具体的实现则需要外部存储（Swift，S3）的支持。

部署glance

创建数据库

[root@controller01 ~]# mysql -u root -p123456
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 47
Server version: 10.2.29-MariaDB-log MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]>  GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';       
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';       
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]>  exit;
Bye

创建glance-api

创建service项目

#创建service项目
#创建1个project，glance/nova/neutron等服务加入到此project；
# service项目在”Default” domain中
[root@controller01 ~]# openstack project create --domain Default --description "Service Project" service
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Service Project                  |
| domain_id   | default                          |
| enabled     | True                             |
| id          | 327a7a4e418140108a8b4fed767e9ffe |
| is_domain   | False                            |
| name        | service                          |
| parent_id   | default                          |
| tags        | []                               |
+-------------+----------------------------------+

创建glance用户

[root@controller01 ~]# openstack user create --domain Default --password-prompt glance 
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 2d1a3f9658474db795a7f8834a83a16f |
| name                | glance                           |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

# 为glance用户赋予admin权限
[root@controller01 ~]# openstack role add --project service --user glance admin

# 服务实体类型”image”
[root@controller01 ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Image                  |
| enabled     | True                             |
| id          | c28d6edb3ea04e11add10d410bfca9b9 |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+

# 注意--region与初始化admin用户时生成的region一致；
# api地址统一采用vip，如果public/internal/admin分别使用不同的vip，请注意区分；如果没vip，写单个控制节点的
# 服务类型为image；
# public api
[root@controller01 ~]# openstack endpoint create --region RegionOne image public http://controller01:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | f07aab17f01c4d3b8c82e229835fee7f |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | c28d6edb3ea04e11add10d410bfca9b9 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller01:9292         |
+--------------+----------------------------------+

# internal api
[root@controller01 ~]# openstack endpoint create --region RegionOne image internal http://controller01:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 45fd0b57fda148bcbb112a7be056e73a |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | c28d6edb3ea04e11add10d410bfca9b9 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller01:9292         |
+--------------+----------------------------------+

# admin api
[root@controller01 ~]# openstack endpoint create --region RegionOne image admin http://controller01:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0278bf6855614b159ed7d7eeaecd0639 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | c28d6edb3ea04e11add10d410bfca9b9 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller01:9292         |
+--------------+----------------------------------+

安装glance

1 2	# 在全部控制节点安装glance，以controller01节点为例 [root@controller01 ~]# yum install openstack-glance python-glance python-glanceclient -y

配置glance-api.conf

# 在全部控制节点操作，以controller01节点为例；
# 注意”bind_host”参数，根据节点修改；
# 注意glance-api.conf文件的权限：root:glance
[root@controller01 ~]# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
[root@controller01 ~]# egrep -v "^$|^#" /etc/glance/glance-api.conf
[DEFAULT]
ble_v1_api = false
bind_host = 192.168.182.131
[cors]
[database]
connection = mysql+pymysql://glance:123456@controller01/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
auth_url = http://controller01:5000
memcached_servers = controller01:11211,controller02:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[matchmaker_redis]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]

# 创建镜像存储目录并赋权限；
# /var/lib/glance/images是默认的存储目录
[root@controller01 ~]# mkdir -p /var/lib/glance/images
[root@controller01 ~]# chown glance:nobody /var/lib/glance/images

 #注意

Queens版本中已弃用Glance Registry Service及其API，并且将遵循OpenStack标准弃用策略在“ S”开发周期开始时将其删除。

有关更多信息，请参见Glance规范文档实际上不推荐使用Glance注册表。

同步glance数据库

# 任意控制节点操作；
# 忽略输出的“deprecated”信息
[root@controller01 ~]# su -s /bin/sh -c "glance-manage db_sync" glance
[root@controller01 glance]# su -s /bin/sh -c "glance-manage db_sync" glance
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1352: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
  expire_on_commit=expire_on_commit, _conf=conf)
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade  -> liberty, liberty initial
INFO  [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO  [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO  [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO  [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO  [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO  [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: rocky_expand02, current revision(s): rocky_expand02
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO  [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO  [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO  [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO  [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: rocky_contract02, current revision(s): rocky_contract02
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.

#　查看验证
[root@controller01 ~]# mysql -h controller01 -uglance -p123456 -e "use glance;show tables;"
+----------------------------------+
| Tables_in_glance                 |
+----------------------------------+
| alembic_version                  |
| image_locations                  |
| image_members                    |
| image_properties                 |
| image_tags                       |
| images                           |
| metadef_namespace_resource_types |
| metadef_namespaces               |
| metadef_objects                  |
| metadef_properties               |
| metadef_resource_types           |
| metadef_tags                     |
| migrate_version                  |
| task_info                        |
| tasks                            |
+----------------------------------+

启动服务

1
2
3

# 在全部控制节点操作，以controller01节点为例；
# systemctl enable openstack-glance-api.service 
# systemctl start openstack-glance-api.service