十一、Glance集羣部署
https://docs.openstack.org/glance/train/install/install-rdo.html
Glance 具體功能如下:
- 提供 RESTful API 讓用戶能夠查詢和獲取鏡像的元數據和鏡像本身;
- 支持多種方式存儲鏡像,包括普通的文件系統、Swift、Ceph 等;
- 對實例執行快照創建新的鏡像。
1. 創建glance數據庫
在任意控制節點創建數據庫,數據庫自動同步,以controller01節點爲例;
mysql -u root -p
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'Zxzn@2020';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'Zxzn@2020';
flush privileges;
2. 創建glance-api相關服務憑證
在任意控制節點創建數據庫,以controller01節點爲例;
source admin-openrc
#創建service項目
openstack project create --domain default --description "Service Project" service
#創建glance用戶
openstack user create --domain default --password Zxzn@2020 glance
#將管理員admin用戶添加到glance用戶和項目中
openstack role add --project service --user glance admin
#創建glance服務實體
openstack service create --name glance --description "OpenStack Image" image
#創建glance-api;9293端口爲haproxy的glance_api_cluster監聽端口
openstack endpoint create --region RegionOne image public http://10.15.253.88:9293
openstack endpoint create --region RegionOne image internal http://10.15.253.88:9293
openstack endpoint create --region RegionOne image admin http://10.15.253.88:9293
#查看創建之後的api;
openstack endpoint list
3. 部署與配置glance
3.1 安裝glance
在全部控制節點安裝glance,以controller01節點爲例
yum install openstack-glance python3-glance python3-glanceclient -y
#備份Keystone配置文件
cp /etc/glance/glance-api.conf{,.bak}
egrep -v '^$|^#' /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf
3.2 配置glance-api.conf
openstack-config --set /etc/glance/glance-api.conf DEFAULT bind_host 10.15.253.88
openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:Zxzn@[email protected]/glance
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://10.15.253.88:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://10.15.253.88:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller01:11211,controller02:11211,controller03:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password Zxzn@2020
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
將配置文件拷貝到另外兩個節點:
scp -rp /etc/glance/glance-api.conf controller02:/etc/glance/glance-api.conf
scp -rp /etc/glance/glance-api.conf controller03:/etc/glance/glance-api.conf
創建鏡像存儲目錄並賦權限;在全部控制節點創建
/var/lib/glance/images
是默認的存儲目錄
mkdir /var/lib/glance/images/
chown glance:nobody /var/lib/glance/images
3.3 同步glance數據庫
任意控制節點操作;同步寫入鏡像數據庫;忽略輸出內容
su -s /bin/sh -c "glance-manage db_sync" glance
驗證glance數據庫是否正常寫入
[root@controller01 ~]# mysql -uglance -pZxzn@2020 -e "use glance;show tables;"
+----------------------------------+
| Tables_in_glance |
+----------------------------------+
| alembic_version |
| image_locations |
| image_members |
| image_properties |
| image_tags |
| images |
| metadef_namespace_resource_types |
| metadef_namespaces |
| metadef_objects |
| metadef_properties |
| metadef_resource_types |
| metadef_tags |
| migrate_version |
| task_info |
| tasks |
+----------------------------------+
3.4 啓動服務
全部控制節點;
systemctl enable openstack-glance-api.service
systemctl restart openstack-glance-api.service
systemctl status openstack-glance-api.service
[root@controller01 ~]# lsof -i:9292
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
glance-ap 814182 glance 3u IPv4 8097519 0t0 TCP myvip:armtechdaemon (LISTEN)
glance-ap 814202 glance 3u IPv4 8097519 0t0 TCP myvip:armtechdaemon (LISTEN)
glance-ap 814203 glance 3u IPv4 8097519 0t0 TCP myvip:armtechdaemon (LISTEN)
3.5 下載cirros鏡像驗證glance服務
在任意控制節點上;下載cirros鏡像;格式指定爲qcow2,bare;設置public權限;
鏡像生成後,在指定的存儲目錄下生成以鏡像id命名的鏡像文件
source admin-openrc
wget -c http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img
openstack image create --file ~/cirros-0.5.1-x86_64-disk.img --disk-format qcow2 --container-format bare --public cirros-qcow2
[root@controller01 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| e9ab1659-63ce-4417-877c-8de297488bae | cirros-qcow2 | active |
+--------------------------------------+--------------+--------+
3.6 添加pcs資源
在任意控制節點操作;添加資源openstack-glance-api
;
[root@controller01 ~]# pcs resource create openstack-glance-api systemd:openstack-glance-api clone interleave=true
[root@controller01 ~]# pcs resource
* vip (ocf::heartbeat:IPaddr2): Started controller03
* Clone Set: openstack-keystone-clone [openstack-keystone]:
* Started: [ controller01 controller02 controller03 ]
* Clone Set: lb-haproxy-clone [lb-haproxy]:
* Started: [ controller03 ]
* Stopped: [ controller01 controller02 ]
* Clone Set: openstack-glance-api-clone [openstack-glance-api]: #glance
* Started: [ controller01 controller02 controller03 ]