中小企业openstack私有云布署实践【9.1 Glance镜像管理（科兴环境）】

首先登录kxcontroller1创建kx_glance数据库，并赋于远程和本地访问的权限。

mysql -u root -p

CREATE DATABASE kx_glance;

GRANT ALL PRIVILEGES ON kx_glance.* TO ‘glance‘@‘localhost‘ IDENTIFIED BY ‘venic8888‘;

GRANT ALL PRIVILEGES ON kx_glance.* TO ‘glance‘@‘%‘ IDENTIFIED BY ‘venic8888‘;

flush PRIVILEGES;

二、身份认证调用创建

只在kxcontroller1一台上执行即可

source admin-openrc.sh

创建glance用户的密码,我统一配glance

openstack user create --domain default --password-prompt glance

User Password:

Repeat User Password:

+-----------+----------------------------------+

| Field | Value |

+-----------+----------------------------------+

| domain_id | default |

| enabled | True |

| id | e38230eeff474607805b596c91fa15d9 |

| name | glance |

+-----------+----------------------------------+

openstack role add --project service --user glance admin

openstack service create --name glance --description "OpenStack Image service" image

+-------------+----------------------------------+

| Field | Value |

+-------------+----------------------------------+

| description | OpenStack Image service |

| enabled | True |

| id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |

| name | glance |

| type | image |

+-------------+----------------------------------+

openstack endpoint create --region RegionTwo image public http://kxcontroller:9292

+--------------+----------------------------------+

| Field | Value |

+--------------+----------------------------------+

| enabled | True |

| id | 340be3625e9b4239a6415d034e98aace |

| interface | public |

| region | RegionTwo |

| region_id | RegionTwo |

| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |

| service_name | glance |

| service_type | image |

| url | http://kxcontroller:9292 |

+--------------+----------------------------------+

openstack endpoint create --region RegionTwo image internal http://controller:9292

+--------------+----------------------------------+

| Field | Value |

+--------------+----------------------------------+

| enabled | True |

| id | a6e4b153c2ae4c919eccfdbb7dceb5d2 |

| interface | internal |

| region | RegionTwo |

| region_id | RegionTwo |

| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |

| service_name | glance |

| service_type | image |

| url | http://kxcontroller:9292 |

+--------------+----------------------------------+

openstack endpoint create --region RegionTwo image admin http://kxcontroller:9292

+--------------+----------------------------------+

| Field | Value |

+--------------+----------------------------------+

| enabled | True |

| id | 0c37ed58103f4300a84ff125a539032d |

| interface | admin |

| region | RegionTwo |

| region_id | RegionTwo |

| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |

| service_name | glance |

| service_type | image |

| url | http://kxcontroller:9292 |

+--------------+----------------------------------+

三、下载安装glance组件

2台kxcontroller同时下载

yum install openstack-glance python-glance python-glanceclient -y

controller修改配置api文件

在kxcontroller1上

[[email protected] ~]# vi /etc/glance/glance-api.conf

[DEFAULT]

notification_driver = noop

verbose = True

rpc_backend = rabbit

bind_host = 10.120.42.1

bind_port = 9292

registry_host=10.120.42.10

registry_port=9191

[database]

connection = mysql://glance:[email protected]/kx_glance

[keystone_authtoken]

auth_uri = http://kxcontroller:5000

auth_url = http://kxcontroller:35357

auth_plugin = password

project_domain_id = default

user_domain_id = default

project_name = service

username = glance

password = glance

[paste_deploy]

flavor = keystone

[glance_store]

default_store = file

filesystem_store_datadir = /home/local/glance/images/

在kxcontroller2上

[[email protected] ~]# vi /etc/glance/glance-api.conf

[DEFAULT]

notification_driver = noop

verbose = True

rpc_backend = rabbit

bind_host = 10.120.42.2

bind_port = 9292

registry_host=10.120.42.10

registry_port=9191

[database]

connection = mysql://glance:[email protected]/kx_glance

[keystone_authtoken]

auth_uri = http://kxcontroller:5000

auth_url = http://kxcontroller:35357

auth_plugin = password

project_domain_id = default

user_domain_id = default

project_name = service

username = glance

password = glance

[paste_deploy]

flavor = keystone

[glance_store]

default_store = file

filesystem_store_datadir = /home/local/glance/images/

配置完成后，两台kxcontroller需要创建目录

mkdir -p /home/local/glance/images/

chown -R glance:glance /home/local/glance

两台kxcontroller修改配置registry文件

在kxcontroller1上

vi /etc/glance/glance-registry.conf

[DEFAULT]

notification_driver = noop

verbose = True

rpc_backend = rabbit

bind_host = 10.120.42.1

bind_port = 9191

[database]

connection = mysql://glance:[email protected]/kx_glance

[keystone_authtoken]

auth_uri = http://kxcontroller:5000

auth_url = http://kxcontroller:35357

auth_plugin = password

project_domain_id = default

user_domain_id = default

project_name = service

username = glance

password = glance

[paste_deploy]

flavor = keystone

在kxcontroller2上

vi /etc/glance/glance-registry.conf

[DEFAULT]

notification_driver = noop

verbose = True

rpc_backend = rabbit

bind_host = 10.120.42.2

bind_port = 9191

[database]

connection = mysql://glance:[email protected]/kx_glance

[keystone_authtoken]

auth_uri = http://kxcontroller:5000

auth_url = http://kxcontroller:35357

auth_plugin = password

project_domain_id = default

user_domain_id = default

project_name = service

username = glance

password = glance

[paste_deploy]

flavor = keystone

其中一台kxcontroller同步数据库

su -s /bin/sh -c "glance-manage db_sync" glance

2台kxcontroller都启动服务，加入开机自启

# systemctl enable openstack-glance-api.service openstack-glance-registry.service

# systemctl start openstack-glance-api.service openstack-glance-registry.service

注意点:

验证，查看haproxy工作是否正常，是否变绿色。

在其中带有VIP的controller上创建一个镜像，介时镜像包会放置在VIP的kxcontroller的/home/local/glance/images/下，另外1台没有。后续我们可以使用文件Rsync同步功能将他们同步

添加环境变量配置文件，2台都要加

cd /root/

echo "export OS_IMAGE_API_VERSION=2" | tee -a admin-openrc.sh demo-openrc.sh

source admin-openrc.sh

wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

glance image-create --name "cirros" \

--file cirros-0.3.4-x86_64-disk.img \

--disk-format qcow2 --container-format bare \

--visibility public --progress

[=============================>] 100%

+------------------+--------------------------------------+

| Property | Value |

+------------------+--------------------------------------+

| checksum | 133eae9fb1c98f45894a4e60d8736619 |

| container_format | bare |

| created_at | 2015-03-26T16:52:10Z |

| disk_format | qcow2 |

| id | 38047887-61a7-41ea-9b49-27987d5e8bb9 |

| min_disk | 0 |

| min_ram | 0 |

| name | cirros |

| owner | ae7a98326b9c455588edd2656d723b9d |

| protected | False |

| size | 13200896 |

| status | active |

| tags | [] |

| updated_at | 2015-03-26T16:52:10Z |

| virtual_size | None |

| visibility | public |

+------------------+--------------------------------------+

验证镜像文件是否存在，以备后续调用

glance image-list

时间： 2025-01-13 08:44:06

中小企业openstack私有云布署实践【9.1 Glance镜像管理（科兴环境）】的相关文章

中小企业openstack私有云布署实践【7.2 keystone + memcache (办公网环境）】

首先登录controller1创建keystone数据库,并赋于远程和本地访问的权限. mysql -u root -p CREATE DATABASE keystone; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'venic8888'; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'veni

中小企业openstack私有云布署实践【12.2 网络Neutron-controller节点配置（办公网环境）】

网络这一块推荐使用的是 Neutron--LinuxBirdge的Ha高可用,此高可用方案对Public作用不是很大,Public只用到DHCP,而Private则会用到L3 Agent,则此方案是有用的,但要关掉和牺牲一个L3 population的特性--抑制ARP报文广播.原因在下文的配置文件有说明,并因我们布的是私有云,不像公有云的多租户private网络数量之大,这个特性牺牲在中小私有云是可接受的. 一.首先登录controller1创建neutron数据库,并赋于远程和本地访问的权限

中小企业openstack私有云布署实践【9.3 主从controller单向同步glance-image目录】

采用Rysnc单向同步,而不用双方实时同步,原因是在历史的运行过程中,我们发现,有些镜像包太大,当在主用的glance将镜像保存时,并不是一时半会就把镜像保存好,当主用在保存时,备用节点又在实时同步那个正常拷贝保存状态中的不完整主用文件,因此我们会看到在备节点上,它删了又拷的方式,非常损耗机器的硬盘. 所以我们采用Rysnc单向同步, 做这一步时,我已布署好了之前的集群.下面的示例是以办公网测试环境为例,科兴的雷同,只是IP和主机名不同而已使用root用户运行源服务器controller2的进

中小企业openstack私有云布署实践【1 网络拓扑说明】

图1说明:办公网的openstack使用2台交换机,10.40.40.2是24口 10.40.40.6是48口,管理网段接10.40.40.2VLAN1002 虚拟机的public网段接10.40.40.6的VLAN1100 .因为10.40.40.6可以支持一个接口配置多个网段,而另一台交换机不支持也是为了将来可以方便横向扩展. 图2图3说明:科兴交换机是复用之前的6台交换机,两两做堆叠,并且使用trunk打通VLAN,这个配置VLAN 42 和VLAN 1200 VLAN 42

中小企业openstack私有云布署实践【16.3 Windows Server2008 R2 只有C盘分区镜像制作】

之所以要只有C盘分区镜像,是因为在创建VM或者调整云主机的硬盘大小时,它能自动扩容.无需人工介入参考http://www.iyunv.com/thread-45149-1-1.html的灵感在原来的物理机10.40.41.1的CentOS 6.7上制作镜像. 宿主机坱要安装KVM相关软件: yum groupinstall Virtualization "Virtualization Client" -y yum install libvirt libguestfs-tools q

中小企业openstack私有云布署实践【15 创建租户网络+实例】

这里以办公网测试环境为例, (一)创建租户demo的网络使用admin用户 source admin-openrc.sh 创建public公网 neutron net-create 1040100 --shared --provider:physical_network public --provider:network_type flat --router:external 声明public网段DHCP等信息 neutron subnet-create 1040100 10.40.100

中小企业openstack私有云布署实践【11.3 计算nova - compute节点-nova用户免密登录（用于云主机冷迁移+扩展云主机大小）】

云主机迁移+扩展云主机大小 ,官方说它依赖nova用户之间的免密登录.确保每个resion区域的compute节点服务器他们可以相互SSH免密 compute1-7 他们相互SSH免密 kxcompute1-9 他们相互SSH免密 1.注意!是每台机器上的nova用户向另一台机器的nova用户的免密登录每台compute节点修改ssh配置,目的是为了不让其提示输入yes保存密钥 vi /etc/ssh/ssh_config 尾部添加 StrictHostKeyChecking no

中小企业openstack私有云布署实践【13.2 网络Neutron-compute节点配置（办公网环境）】

所有compute节点下载安装组件 # yum install openstack-neutron openstack-neutron-linuxbridge ebtables ipset -y 修改新增内核参数: vi /etc/sysctl.conf net.ipv4.conf.default.rp_filter=0 net.ipv4.conf.all.rp_filter=0 net.bridge.bridge-nf-call-iptables=1 net.bridge.bridge-nf

中小企业openstack私有云布署实践【16.2 Ubuntu1404 只有根分区镜像制作】

之所以要只有根分区镜像,是因为在创建VM或者调整云主机的硬盘大小时,它能自动扩容.无需人工介入在原来的物理机10.40.41.1的CentOS 6.7上制作镜像. 宿主机坱要安装KVM相关软件: yum groupinstall Virtualization "Virtualization Client" -y yum install libvirt libguestfs-tools qemu virt-manager virt-viewer qemu-kvm virt-instal