1. Glasce Architecture
The glass architecture is shown in Fig. 1-1.
Figure 1-1 Architecture of glass
Figure 1-2 Grace schema diagram in the official open stack document
1) Mirror service components:
Glance-api: is an external API interface that can accept external API mirroring requests.REST Request is mainly used to analyze, distribute, respond to various mirror management, and then through other modules (EG. glance-registry, Store Backend back-end storage interface) to complete the operation of image discovery, acquisition, storage, etc.The default binding port is 9292.
Glance provides the REST API to support the following mirroring operations: query, register, upload, get, delete, access rights management
glance-registry: Used to store, process, and obtain Image Metadata.Image Metadata REST Request is responded to from glance-api, and then interacts with MySQL to store, process, and retrieve Image Metadate.The default binding port is 9191.
_glance-db: Supported by MySQL in Openstack for storing Image Metadata.
Image Metadate: Refers to the storage of MySQL Database by glance-registry; image chunk data is stored in and obtained from various backend store s by glance-store.
Glance Store: Used to store mirror files.Contact the glance-api through the Store Backend backend storage interface.Through this interface, glances can get a mirror file from the Image Store and hand it over to Nova to create a virtual machine.
_Glance supports multiple Imange Store scenarios through Store Adapter
Support swift, file system, s3, sheepdog, rbd, cinder, etc.
2)image has access to:
public: Can be used by all tenant s.
private Private / Projects: Can only be used by tenant where image owner is located.
Shared: A non-shared image can be shared to another tenant through member-* operations.
Protected: The image of protected cannot be deleted.
3) The various states of the image
queued: There is no image data uploaded, only metadata in db.
Save: uploading image data
active: normal state
deleted/pending_delete: deleted/pending delete
killed:image metadata incorrect, waiting to be deleted.
2. Image formats supported by Glance
raw - Unstructured Mirror Format
_vhd - A universal virtual machine disk format for Vmware, Xen, Microsoft Virtual PC/Virtual Server/Hyper-V, VirtualBox, etc.
_vmdk-Vmware's virtual machine disk format, also supports multiple Hypervisor s
_vdi-Virtual Box, QEMU, etc. Supported Virtual Machine Disk Formats
_qcow2 - A disk format that supports QEMU and can be dynamically extended
_aki-Amazon Kernel Mirror
_ari-Amazon Ramdisk mirror
_ami-Amazon Virtual Machine Mirroring
3. Common interview questions
1) openstack docks ceph cluster, which format does image use?
A: Use the raw format.
2) The difference between raw and qcow 2:
A:
(1) Differences in space occupancy, such as 20G specified space, 20G for raw, and 5G for qcow2, which is used to save space;
(2) If you use the raw format with ceph, it is more compatible with the raw format, even if you specify the qcow2 format, the back end will be converted to the raw format first.
4. Working process of glance components
5. Actual warfare: glass's manual build
5.1. Installation Configuration of Control Nodes
(1) Create a glass database:
[root@controller ~]# mysql -uroot -popenstack <<EOF create database glance; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'openstack'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack'; EOF
(2) Create a glance user and add an administrator role to the service project
[root@controller ~]# source admin_openrc
//To execute this sentence separately, enter the password of the glance user:
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | cd90f56cf9bc4c8f8a01f88c5c179762 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user glance admin(3) Create glance services and ports
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Image | | enabled | True | | id | ad61f9ee483e4bea9cb374796f097dd3 | | name | glance | | type | image | +-------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | b781cb1117f040f1a18615b649fb5388 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | ad61f9ee483e4bea9cb374796f097dd3 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 129da42ca64c4cfb821afcf3c2e81dfd | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | ad61f9ee483e4bea9cb374796f097dd3 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 9fc675719b1d49a48851abeee9f2622c | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | ad61f9ee483e4bea9cb374796f097dd3 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint list ---------+-----------+-----------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | ---------+-----------+-----------------------------+ | 01ccfab5acb0407888620ca056f93dfe | RegionOne | keystone | identity | True | admin | http://controller:35357/v3/ | | 129da42ca64c4cfb821afcf3c2e81dfd | RegionOne | glance | image | True | internal | http://controller:9292 | | 4c2bd465260043039bcf7bf78776dd6b | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ | | 9cd64dded6014abea4936800d3fd614c | RegionOne | glance | image | True | public | http://controller:9292 | | 9fc675719b1d49a48851abeee9f2622c | RegionOne | glance | image | True | admin | http://controller:9292 | | bdc34c7c99bb432eb13fa83a45d0065e | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ | +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+ //Action Delete endpoint Command [root@controller ~]# openstack endpoint delete IDNAME
(4) Control node installs packages and configures
[root@controller ~]# yum -y install openstack-glance [root@controller ~]# vim /etc/glance/glance-api.conf [database] connection = mysql+pymysql://glance:openstack@controller/glance [keystone_authtoken] auth_uri = http://controller:5000 internal port auth_url = http://controller:35357 Administrator Port memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = openstack [paste_deploy] (Turn on the following configuration) flavor = keystone [glance_store] (Turn on the following configuration) stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ [root@controller ~]# egrep -v "^#|^$" /etc/glance/glance-api.conf [root@controller ~]# vim /etc/glance/glance-registry.conf [database] connection = mysql+pymysql://glance:openstack@controller/glance [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = openstack [paste_deploy] flavor = keystone [root@controller ~]# egrep -v "^#|^$" /etc/glance/glance-registry.conf
(5) Initialize the database table structure
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1336: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade expire_on_commit=expire_on_commit, _conf=conf) INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01 INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: queens_expand01, current revision(s): queens_expand01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database migration is up to date. No migration needed. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: queens_contract01, current revision(s): queens_contract01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database is synced successfully. [root@controller ~]# mysql -hlocalhost -uglance -popenstack -e "use glance;show tables;"
(6) Service Startup and Set Open Self-Start
[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service [root@controller ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
5.2. Validation
(1) Enforcement of authorization
[root@controller ~]# source admin_openrc
(2) Download experimental image cirros
[root@controller ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
(3) Create a mirror:
[root@controller ~]# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public +------------------+------------------------------------------------------+ | Field | Value | +------------------+------------------------------------------------------+ | checksum | ee1eca47dc88f4879d8a229cc70a07c6 | | container_format | bare | | created_at | 2020-03-17T14:16:48Z | | disk_format | qcow2 | | file | 2/images/7dfa1f88-6e3a-45aa-90ff-f348e6e399c0/file | | id | 7dfa1f88-6e3a-45aa-90ff-f348e6e399c0 | | min_disk | 0 | | min_ram | 0 | | name | cirros | | owner | db82536ef7124608b3f3931ba4ce9615 | | protected | False | | schema | /v2/schemas/image | | size | 13287936 | | status | active | | tags | | | updated_at | 2020-03-17T14:16:48Z | | virtual_size | None | | visibility | public | +------------------+------------------------------------------------------+ [root@controller ~]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | 7dfa1f88-6e3a-45aa-90ff-f348e6e399c0 | cirros | active | +--------------------------------------+--------+--------+
#View mirror file information [root@controller ~]# openstack image show cirros
#Set mirror protected state (not deletable) [root@controller ~]# openstack image set --protected IDNAME #Set mirror unprotected state (deletable) [root@controller ~]# openstack image set --unprotected IDNAME
This completes the installation of Glance. The next section describes the Nova component and its installation process