官术网_书友最值得收藏!

首頁 >

Production Ready OpenStack:Recipes for Successful Environments

Installing Glance – images service

Glance images service provides services that allow us to store and retrieve operating system disk images to launch instances from. In our example, environment Glance service is installed on the controller node. Glance service consists of two services: Glance API, which is responsible for all API interactions, and glance-registry, which manages image database registry. Each has a configuration file under /etc/glance/.

Getting ready

Before configuring Glance, we need to create a database for it and grant the needed database credentials. We need to create user account for Glance in the Keystone user registry for Glance to be able to authenticate against Keystone. Finally, we will need to open appropriate firewall ports.

Create database

Use MySQL command with root a account to create the Glance database:

[root@controller ~(keystone_admin)]# mysql -u root -p
  1. Create Glance database: 
    MariaDB [(none)]> CREATE DATABASE glance_db;
  2. Create Glance database user account and grant access permissions, where my_glance_db_password is your password: 
    MariaDB [(none)]> GRANT ALL ON glance_db.* TO 
'glance_db_user'@'%' IDENTIFIED BY 'my_glance_db_password';
MariaDB [(none)]> GRANT ALL ON glance.* TO 'glance_db'@'localhost' IDENTIFIED BY 'my_glance_db_password';
  3. Flush all changes: 
    MariaDB [(none)]> FLUSH PRIVILEGES;
  4. At this point, we can quit the MariaDB client: 
    MariaDB [(none)]> quit
  5. Create Glance tables: 
    [root@controller glance(keystone_admin)]# glance-manage db_sync

Create Glance service credentials and endpoint in Keystone

Gain Keystone admin privileges to create Glance service account in Keystone:

[root@controller ~]# source keystonerc_admin
  1. Create a Keystone user account for Glance: 
    [root@controller ~(keystone_admin)]# keystone user-create --name glance --pass glance_password
  2. Add an admin role to the glance user and services tenants: 
    [root@controller ~(keystone_admin)]# keystone user-role-add --user glance --role admin --tenant services
  3. Create a glance service: 
    [root@controller ~(keystone_admin)]# keystone service-create --name glance --type image --description "Glance Image Service"
  4. Create an endpoint for glance service: 
    [root@controller ~(keystone_admin)]# keystone endpoint-create --service glance --publicurl "http://10.10.0.1:9292" --adminurl "http://10.10.0.1:9292" --internalurl "http://10.10.0.1:9292"

Open service firewall ports

  1. Set Glance to use port 9292, edit /etc/glance/glance-api.conf with following lines: 
    bind_host = 10.10.0.1
bind_port = 9292
  2. Add a firewall rule: 
    [root@controller ~(keystone_admin)]# firewall-cmd --permanent --add-port=9292/tcp

Install service packages

Install Glance service packages using yum command:

[root@controller ~]# yum install -y openstack-glance

Service configuration

At this point, all prerequisites for Glance should be ready and we can go ahead and configure Glance. We need to set its database connection, configure Glance to use RabbitMQ, and configure Glances authentication strategy to use Keystone.

How to do it...

Follow these steps to configure Glance image service:

Configure database connection

  1. Set the connection string for glance-api: 
    [root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance_db_user:glance_db_password@10.10.0.1/glance_db
  2. Set connection string for glance-registry: 
    [root@el7-icehouse-controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance_db_user:glance_db_password@10.10.0.1/glance_db
  3. Configure the message broker using openstack-config command: 
    # openstack-config --set /etc/glance/glance-api.conf DEFAULT \rpc_backend rabbit
# openstack-config --set /etc/glance/glance-api.conf DEFAULT \rabbit_host 10.10.0.1
# openstack-config --set /etc/glance/glance-api.conf DEFAULT \rabbit_userid guest
# openstack-config --set /etc/glance/glance-api.conf DEFAULT \rabbit_password guest_password

Configure Glance service

  1. Configure Glance to use Keystone as an authentication method: 
    [root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host 10.10.0.1
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_port 35357
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_protocol http
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name services
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password glance_password
  2. Now configure glance-registry to use Keystone for authentication: 
    [root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host 192.168.200.258
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_port 35357 
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_protocol http
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name services
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance
[root@controller ~(keystone_admin)]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password password

    Note

    By default, Glance will store images as files in a local directory /var/lib/glance/images/, so this configuration is not needed at this point.

  3. Start and enable the service: 
    [root@controller ~]# systemctl start openstack-glance-api
[root@controller ~]# systemctl start openstack-glance-registry

There's more…

If the installation and configuration was successful, we can upload our fist image to Glance registry. CirrOS Linux image is a good candidate as it is extremely small in size and functional enough to test most OpenStack's functionalities.

Verify successful installation

If glance was successfully installed and configured, we may upload our fist image.

  1. First, download a CirrOS image to the controller node: 
    [root@controller glance(keystone_admin)]# wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
Then, upload the image to Glance registry using glance image-create command:
[root@controller glance(keystone_admin)]# glance image-create--name="cirros-0.3.2-x86_64" --disk-format=qcow2 --container-format=bare --is-public=true -–file cirros-0.3.2-x86_64-disk.img
  2. List all glance images using glance image-list command: 
    [root@controller glance(keystone_admin)]# glance image-list
If the upload of the image was successful, the Cirros image will appear in the list.
主站蜘蛛池模板: 唐河县| 云南省| 金塔县| 巨鹿县| 朝阳市| 滦平县| 密山市| 锡林浩特市| 合肥市| 呼玛县| 泗阳县| 双辽市| 山东| 新闻| 吉隆县| 新泰市| 朝阳县| 会同县| 乌拉特中旗| 虹口区| 墨玉县| 陆河县| 周宁县| 吉林省| 常德市| 达孜县| 方山县| 渭南市| 呼和浩特市| 徐汇区| 郓城县| 湖南省| 灵宝市| 秭归县| 凌云县| 宿州市| 蒙山县| 象州县| 石楼县| 临汾市| 巴彦淖尔市|