② OpenStack高可用集羣部署方案(train版)—Glance

十一、Glance集羣部署

https://docs.openstack.org/glance/train/install/install-rdo.html

Glance 具體功能如下：

• 提供 RESTful API 讓用戶能夠查詢和獲取鏡像的元數據和鏡像本身；
• 支持多種方式存儲鏡像，包括普通的文件系統、Swift、Ceph 等；
• 對實例執行快照創建新的鏡像。

1. 創建glance數據庫

在任意控制節點創建數據庫，數據庫自動同步，以controller01節點爲例；

mysql -u root -p
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'Zxzn@2020';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'Zxzn@2020';
flush privileges;

2. 創建glance-api相關服務憑證

在任意控制節點創建數據庫，以controller01節點爲例；

source admin-openrc
#創建service項目
openstack project create --domain default --description "Service Project" service

#創建glance用戶
openstack user create --domain default --password Zxzn@2020 glance

#將管理員admin用戶添加到glance用戶和項目中
openstack role add --project service --user glance admin

#創建glance服務實體
openstack service create --name glance --description "OpenStack Image" image

#創建glance-api;9293端口爲haproxy的glance_api_cluster監聽端口
openstack endpoint create --region RegionOne image public http://10.15.253.88:9293
openstack endpoint create --region RegionOne image internal http://10.15.253.88:9293
openstack endpoint create --region RegionOne image admin http://10.15.253.88:9293

#查看創建之後的api;
openstack endpoint list

3. 部署與配置glance

3.1 安裝glance

在全部控制節點安裝glance，以controller01節點爲例

yum install openstack-glance python3-glance python3-glanceclient -y

#備份Keystone配置文件
cp /etc/glance/glance-api.conf{,.bak}
egrep -v '^$|^#' /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf

3.2 配置glance-api.conf

openstack-config --set /etc/glance/glance-api.conf DEFAULT bind_host 10.15.253.88
openstack-config --set /etc/glance/glance-api.conf database connection  mysql+pymysql://glance:Zxzn@[email protected]/glance
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri   http://10.15.253.88:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url  http://10.15.253.88:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller01:11211,controller02:11211,controller03:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name  service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password Zxzn@2020
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone

將配置文件拷貝到另外兩個節點：

scp -rp /etc/glance/glance-api.conf controller02:/etc/glance/glance-api.conf
scp -rp /etc/glance/glance-api.conf controller03:/etc/glance/glance-api.conf

創建鏡像存儲目錄並賦權限；在全部控制節點創建

/var/lib/glance/images是默認的存儲目錄

mkdir /var/lib/glance/images/
chown glance:nobody /var/lib/glance/images

3.3 同步glance數據庫

任意控制節點操作；同步寫入鏡像數據庫;忽略輸出內容

su -s /bin/sh -c "glance-manage db_sync" glance

驗證glance數據庫是否正常寫入

[root@controller01 ~]# mysql -uglance -pZxzn@2020 -e "use glance;show tables;"
+----------------------------------+
| Tables_in_glance                 |
+----------------------------------+
| alembic_version                  |
| image_locations                  |
| image_members                    |
| image_properties                 |
| image_tags                       |
| images                           |
| metadef_namespace_resource_types |
| metadef_namespaces               |
| metadef_objects                  |
| metadef_properties               |
| metadef_resource_types           |
| metadef_tags                     |
| migrate_version                  |
| task_info                        |
| tasks                            |
+----------------------------------+

3.4 啓動服務

全部控制節點；

systemctl enable openstack-glance-api.service
systemctl restart openstack-glance-api.service
systemctl status openstack-glance-api.service

[root@controller01 ~]# lsof -i:9292 
COMMAND      PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
glance-ap 814182 glance    3u  IPv4 8097519      0t0  TCP myvip:armtechdaemon (LISTEN)
glance-ap 814202 glance    3u  IPv4 8097519      0t0  TCP myvip:armtechdaemon (LISTEN)
glance-ap 814203 glance    3u  IPv4 8097519      0t0  TCP myvip:armtechdaemon (LISTEN)

3.5 下載cirros鏡像驗證glance服務

在任意控制節點上;下載cirros鏡像；格式指定爲qcow2，bare；設置public權限；

鏡像生成後，在指定的存儲目錄下生成以鏡像id命名的鏡像文件

source admin-openrc
wget -c http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img

openstack image create --file ~/cirros-0.5.1-x86_64-disk.img --disk-format qcow2 --container-format bare --public cirros-qcow2

[root@controller01 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID                                   | Name         | Status |
+--------------------------------------+--------------+--------+
| e9ab1659-63ce-4417-877c-8de297488bae | cirros-qcow2 | active |
+--------------------------------------+--------------+--------+

3.6 添加pcs資源

在任意控制節點操作；添加資源openstack-glance-api；

[root@controller01 ~]# pcs resource create openstack-glance-api systemd:openstack-glance-api clone interleave=true

[root@controller01 ~]# pcs resource
  * vip (ocf::heartbeat:IPaddr2):   Started controller03
  * Clone Set: openstack-keystone-clone [openstack-keystone]:
    * Started: [ controller01 controller02 controller03 ]
  * Clone Set: lb-haproxy-clone [lb-haproxy]:
    * Started: [ controller03 ]
    * Stopped: [ controller01 controller02 ]
  * Clone Set: openstack-glance-api-clone [openstack-glance-api]:   #glance
    * Started: [ controller01 controller02 controller03 ]