OpenStack-Queens详细安装部署(四)Glance集群

  • A+
所属分类:OpenStack

Glance集群

1. 创建glance数据库 (任意controller节点操作)

# 在任意控制节点创建数据库,后台数据自动同步,以controller1节点为例
[root@DT_Node-172_17_7_1 ~]# mysql -uroot -pYTI1MTg4NGZiMGEzZTZmYTEw -hcontroller 
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'ZmI1YzQyZmZjZTIwYjkwYmRl';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'ZmI1YzQyZmZjZTIwYjkwYmRl';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> \q
Bye
[root@DT_Node-172_17_7_1 ~]#

2. 创建glance-api (任意controller节点操作)

# 在任意控制节点操作,以controller1节点为例;
# 调用keystone服务需要认证信息,加载环境变量脚本即可
[root@DT_Node-172_17_7_1 ~]# . keystone_admin 
1)创建service项目
# 创建1个project,glance/nova/neutron等服务加入到此project;
# service项目在”default” domain中
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack project create --domain default --description "Service Project" service

OpenStack-Queens详细安装部署(四)Glance集群

2)创建glance用户

# glance用户在”default” domain中
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack user create --domain default --password=NmRhNzdiMjk1MTkzOWVlMWQ4 glance

OpenStack-Queens详细安装部署(四)Glance集群

3)glance用户赋权

# 为glance用户赋予admin权限
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack role add --project service --user glance admin

4)创建glance服务实体

# 服务实体类型”image”
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack service create --name glance --description "OpenStack Image" image

OpenStack-Queens详细安装部署(四)Glance集群

5)创建glance-api

# 注意--region与初始化admin用户时生成的region一致;
# api地址统一采用vip,如果public/internal/admin分别使用不同的vip,请注意区分;
# 服务类型为image;
# public api
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack endpoint create --region RegionTest image public http://controller:9292

# internal api
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack endpoint create --region RegionTest image internal http://controller:9292

# admin api
[openstack-admin]-[root@DT_Node-172_17_7_1 ~]# openstack endpoint create --region RegionTest image admin http://controller:9292

OpenStack-Queens详细安装部署(四)Glance集群

3. 安装glance (所有controller节点操作)

[root@DT_Node-172_17_7_1 ~]# yum install openstack-glance python-glance python-glanceclient -y

4. 配置glance-api.conf (所有controller节点操作)

# 注意”bind_host”参数,根据节点修改;
# 注意glance-api.conf文件的权限:root:glance
[root@DT_Node-172_17_7_1 ~]# cp /etc/glance/glance-api.conf{,_original}
[root@DT_Node-172_17_7_1 ~]# egrep -v "^$|^#" /etc/glance/glance-api.conf
[DEFAULT]
enable_v1_api = false
bind_host = 172.17.7.1
[cors]
[database]
connection = mysql+pymysql://glance:ZmI1YzQyZmZjZTIwYjkwYmRl@controller/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller1:11211,controller2:11211,controller3:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = NmRhNzdiMjk1MTkzOWVlMWQ4
[matchmaker_redis]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]
[root@DT_Node-172_17_7_10 ~]#

# 创建镜像存储目录并赋权限;
# /var/lib/glance/images是默认的存储目录
[root@DT_Node-172_17_7_1 ~]# mkdir -p /var/lib/glance/images
[root@DT_Node-172_17_7_1 ~]# chown glance:nobody /var/lib/glance/images

5. 配置glance-registry.conf(optional)(所有controller节点操作)

# 官方文档指出:glance-registry服务与其api在Q版已经弃用,并且在S版时完全删除,本章节可忽略;
# 在全部控制节点操作,以controller01节点为例;
# 注意”bind_host”参数,根据节点修改;
# 注意glance-registry.conf文件的权限:root:glance
[root@DT_Node-172_17_7_1 ~]# cp /etc/glance/glance-registry.conf{,_original}
[root@DT_Node-172_17_7_1 ~]# egrep -v "^$|^#" /etc/glance/glance-registry.conf
[DEFAULT]
bind_host = 172.17.7.1
[database]
connection = mysql+pymysql://glance:ZmI1YzQyZmZjZTIwYjkwYmRl@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller1:11211,controller2:11211,controller3:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = NmRhNzdiMjk1MTkzOWVlMWQ4
[matchmaker_redis]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[root@DT_Node-172_17_7_1 ~]#

6. 配置HAproxy(所有controller节点操作)

a、配置修改

#加入以下配置
# glance_api服务
 listen glance_api_cluster
  bind 172.17.7.100:9292
  balance  source
  option  tcpka
  option  httpchk
  option  tcplog
  server controller1 172.17.7.1:9292 check inter 2000 rise 2 fall 5
  server controller2 172.17.7.2:9292 check inter 2000 rise 2 fall 5
  server controller3 172.17.7.3:9292 check inter 2000 rise 2 fall 5

# glance_registry服务
 listen glance_registry_cluster
  bind 172.17.7.100:9191
  balance  source
  option  tcpka
  option  tcplog
  server controller1 172.17.7.1:9191 check inter 2000 rise 2 fall 5
  server controller2 172.17.7.2:9191 check inter 2000 rise 2 fall 5
  server controller3 172.17.7.3:9191 check inter 2000 rise 2 fall 5

b、重启HAproxy

[root@DT_Node-172_17_7_2 ~]# systemctl restart haproxy.service 
[root@DT_Node-172_17_7_2 ~]# systemctl status haproxy.service

OpenStack-Queens详细安装部署(四)Glance集群

7. 同步glance数据库 (任意controller节点操作)

# 忽略输出的“deprecated”信息
[root@DT_Node-172_17_7_1 ~]# su -s /bin/sh -c "glance-manage db_sync" glance

OpenStack-Queens详细安装部署(四)Glance集群

# 查看验证
[root@DT_Node-172_17_7_1 ~]# mysql -hcontroller -uglance -pZmI1YzQyZmZjZTIwYjkwYmRl glance -e "show tables;"

OpenStack-Queens详细安装部署(四)Glance集群

8. 启动服务 (所有controller节点操作)

# glance-registry在Q版已弃用;
[root@DT_Node-172_17_7_1 ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
[root@DT_Node-172_17_7_1 ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service
[root@DT_Node-172_17_7_1 ~]# systemctl status openstack-glance-api.service openstack-glance-registry.service 
# 查看端口
[root@DT_Node-172_17_7_1 ~]# ss -tnl| egrep '9191|9292'

OpenStack-Queens详细安装部署(四)Glance集群

9. 验证

在不启用ceph存储时,通常采用nfs共享存储做image的后端存储,如可将controller1节点的本地存储做共享,controller2/3节点远端挂载即可。
这里后续使用ceph存储,暂时使用本地验证,以controller1节点为例。
1)下载镜像

[root@DT_Node-172_17_7_2 ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img

2)上传镜像

[root@DT_Node-172_17_7_1 ~]# . keystone_admin 
# “上传”指将已下载的原始镜像经过一定的格式转换上传到image服务;
# 格式指定为qcow2,bare;设置public权限;
# 镜像生成后,在指定的存储目录下生成以镜像id命名的镜像文件
[openstack-admin]-[root@DT_Node-172_17_7_2 ~]# openstack image create "cirros-qcow2" \
--file ~/cirros-0.3.5-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--public
[openstack-admin]-[root@DT_Node-172_17_7_2 ~]# 

OpenStack-Queens详细安装部署(四)Glance集群

3)查看镜像

[openstack-admin]-[root@DT_Node-172_17_7_2 ~]# openstack image list

OpenStack-Queens详细安装部署(四)Glance集群

10. 设置pcs资源 (任意controller节点操作)

# 添加资源openstack-glance-api与openstack-glance-registry
[root@DT_Node-172_17_7_1 ~]# pcs resource create openstack-glance-api systemd:openstack-glance-api --clone interleave=true
[root@DT_Node-172_17_7_1 ~]# pcs resource create openstack-glance-registry systemd:openstack-glance-registry --clone interleave=true
# 查看pcs资源
[root@DT_Node-172_17_7_1 ~]# pcs resource

OpenStack-Queens详细安装部署(四)Glance集群

lookback

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: