IT/Openstack

[Openstack - Train] Centos에 설치하기(3) - Glance (Image service)

louky 2019. 11. 4. 12:52
반응형

Openstack에서  instance를  배포하기 위한 OS 이미지를 관리하는 component이다. 

주로 배포할 이미지를 업로드하여 운영/관리를 하지만 Snapshot을 통하여 운영중인 Instance를 백업(?)도 관리하는  서비스이다. 

 

아래 환경 변수를 사전 반영하고 설치를 진행한다. 

  • DB_USER="root"
  • DB_PASSWD="root.123"

 

 

1) DB 생성 

## DB 생성 전 확인  : DB가 생성되어 있는지 확인한다. 
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e " show databases;"
+--------------------+
| Database           |
+--------------------+
| information_schema |
| keystone           |
| mysql              |
| performance_schema |
+--------------------+

## DB 생성
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "create database glance;"


## DB 생성 후 확인 
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "show databases;"
+--------------------+
| Database           |
+--------------------+
| glance             |
| information_schema |
| keystone           |
| mysql              |
| performance_schema |
+--------------------+

 

2) DB권한 설정

## DB권한 설정 전 확인
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} mysql -e "select Host,User,PASSWORD from user where User='glance';"

## DB권한 설정 
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance.123';"
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance.123';"

## DB 권한 설정 후 확인 
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} mysql -e "select Host,User,PASSWORD from user where User='glance';"
+-----------+--------+-------------------------------------------+
| Host      | User   | PASSWORD                                  |
+-----------+--------+-------------------------------------------+
| localhost | glance | *4BAFE6CCD7F7AFF332BA9CD6517CD465F8123222 |
| %         | glance | *4BAFE6CCD7F7AFF332BA9CD6517CD465F8123222 |
+-----------+--------+-------------------------------------------+

 

** )  Openstack  CLI를 사용하기전에 admin환경 변수 파일을 적용을 하거나 아래 환경 변수를 설정한다. 

### Admin  환경 변수 

export OS_USERNAME=admin
export OS_PASSWORD=admin.123
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2


#또는 환경변수 파일 Loading

root # source admin-openrc

 

 

3) Openstack service User 생성 및 Role권한 추가 

## Service User 생성 
[root@controller ~] (admin-openrc):~# openstack user create --domain default --password glance.123 glance
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 754789c331a44b0e82997bf4e34aff4c |
| name                | glance                           |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+


## Role(권한)추가 
[root@controller ~] (admin-openrc):~# openstack role add --project service --user glance admin

4) Openstack service 생성

[root@controller ~] (admin-openrc):~# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Image                  |
| enabled     | True                             |
| id          | efa6a045319947e797f2b9d6b2a8fed2 |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+

5) Endpoint 생성 

[root@controller ~] (admin-openrc):~# openstack endpoint create --region RegionOne  image public   http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 417ebac027944149ba6a8997a6dc2c38 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | efa6a045319947e797f2b9d6b2a8fed2 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292         |
+--------------+----------------------------------+
[root@controller ~] (admin-openrc):~# openstack endpoint create --region RegionOne  image internal http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | e08ab1a0ca1740c098eec7190a8eabdf |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | efa6a045319947e797f2b9d6b2a8fed2 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292         |
+--------------+----------------------------------+
[root@controller ~] (admin-openrc):~# openstack endpoint create --region RegionOne  image admin    http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 4993862cf7fc474dac88a85872b220a5 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | efa6a045319947e797f2b9d6b2a8fed2 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292         |
+--------------+----------------------------------+

6) PKG 설치 

[root@controller ~] (admin-openrc):~# yum install -y openstack-glance

7) config 원본 백업  및 권한 설정

필장의 원본파일을 파일이름을 변경하고 주석된 부분을 제외한다음에 필요한 필드만 수정하여 사용한다. 

원치 않을 경우 이부분을 생략해도 된다. 

[root@controller ~]# mv /etc/glance/glance-api.conf  /etc/glance/glance-api.conf.orig

 

## 주석 부분을 제외한 나머지 부분을 config 파일로 생성
[root@controller ~]# cat /etc/glance/glance-api.conf.orig | grep -Ev "^#|^$" | sed -e "s/^\[/\n\[/g" > /etc/glance/glance-api.conf

## 기존 원본파일으리 권한 확인
[root@controller ~]# ls -al /etc/glance/glance-api.conf.orig
-rw-r----- 1 root glance 192260 10월 16 21:37 /etc/glance/glance-api.conf.orig

## 권한 설정 (이전과 동일한 권한으로 설정)
[root@controller ~]# chown root.glance /etc/glance/glance-api.conf
[root@controller ~]# chmod 640 /etc/glance/glance-api.conf

 

**여기서는 Glance image가 저장되는 directory를 변경하여 설정한였다. 

  • Default PATH: /var/lib/glance/images
  • New Glance save PATH :  /openstack_data/glance/images

 

8) config 수정 

[root@controller ~]# cat /etc/glance/glance-api.conf
[DEFAULT]

[cinder]

[cors]

[database]
connection = mysql+pymysql://glance:glance.123@controller/glance

## ~(중간 생략)

[glance_store]
stores = file,http
default_store = file
#filesystem_store_datadir = /var/lib/glance/images/    ##Default PATH
filesystem_store_datadir = /openstack_data/glance/images/     ##변경한 PATH

[image_format]

[keystone_authtoken]
www_authenticate_uri  = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance.123

#~(중간 생략)

[paste_deploy]
flavor = keystone

[profiler]

[store_type_location_strategy]

[task]

[taskflow_executor]

 

 

 9) Glnace DB내 Table 생성 

[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade  -> liberty, liberty initial
INFO  [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO  [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO  [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO  [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO  [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO  [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO  [alembic.runtime.migration] Running upgrade rocky_expand02 -> train_expand01, empty expand for symmetry with train_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_expand01, current revision(s): train_expand01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO  [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO  [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO  [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO  [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO  [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_contract01, current revision(s): train_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.

 

 

 

  • DB내 table생성시 오류  조치
    "

glance [-] Unhandled error: OperationalError: (pymysql.err.OperationalError) (1045, u"Access denied for user 'glance'@'controller' (using password: YES)") (Background on this error at: http://sqlalche.me/e/e3q8)" 일 경우 DB접속이 불가능한 사유로 Glance로 로그인시 정상적으로 로그인이 되는지 확인한다. 

 

 

 

10) Glance daemon실행 

## 시스템 리붓후 자동으로 시작되도록 설정
[root@controller ~]# systemctl enable openstack-glance-api.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.


## Daemon 시작(또는 재시작)
[root@controller ~]# systemctl start openstack-glance-api.service


##  Daemon동작상태 확인 
[root@controller ~]# systemctl status openstack-glance-api.service
● openstack-glance-api.service - OpenStack Image Service (code-named Glance) API server
   Loaded: loaded (/usr/lib/systemd/system/openstack-glance-api.service; enabled; vendor preset: disabled)
   Active: active (running) since 월 2019-11-04 12:30:05 KST; 58s ago
 Main PID: 29665 (glance-api)
   CGroup: /system.slice/openstack-glance-api.service
           ├─29665 /usr/bin/python2 /usr/bin/glance-api
           ├─29677 /usr/bin/python2 /usr/bin/glance-api
           ├─29678 /usr/bin/python2 /usr/bin/glance-api
           ├─29679 /usr/bin/python2 /usr/bin/glance-api
           ├─29680 /usr/bin/python2 /usr/bin/glance-api
           ├─29681 /usr/bin/python2 /usr/bin/glance-api
           ├─29682 /usr/bin/python2 /usr/bin/glance-api
           ├─29683 /usr/bin/python2 /usr/bin/glance-api
           └─29684 /usr/bin/python2 /usr/bin/glance-api

11월 04 12:30:05 controller systemd[1]: Started OpenStack Image Service (code-named Glance) API server.
11월 04 12:30:06 controller glance-api[29665]: /usr/lib/python2.7/site-packages/paste/deploy/loadwsgi.py:22: PkgResourcesDeprecationWarning: Parameters to load are deprecated.  Call .resolve an...re separately.
11월 04 12:30:06 controller glance-api[29665]: return pkg_resources.EntryPoint.parse("x=" + s).load(False)
Hint: Some lines were ellipsized, use -l to show in full.

 


11) 확인

## openstack admin 환경변수 loading
[root@controller ~]# source admin-openrc

##외부사이트에서 test용 이미지  다운로드
[root@controller ~] (admin-openrc):~# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
--2019-11-04 12:36:35--  http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
Resolving download.cirros-cloud.net (download.cirros-cloud.net)... 64.90.42.85, 2607:f298:6:a036::bd6:a72a
Connecting to download.cirros-cloud.net (download.cirros-cloud.net)|64.90.42.85|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12716032 (12M)
Saving to: ‘cirros-0.4.0-x86_64-disk.img’

100%[===========================================================================================================================================================================>] 12,716,032  4.77MB/s   in 2.5s

2019-11-04 12:36:53 (4.77 MB/s) - ‘cirros-0.4.0-x86_64-disk.img’ saved [12716032/12716032]


## 다운로드된 테스트 이미지 업로드 
[root@controller ~] (admin-openrc):~# glance image-create --name "cirros"   --file cirros-0.4.0-x86_64-disk.img   --disk-format qcow2 --container-format bare  --progress
[=============================>] 100%
+------------------+----------------------------------------------------------------------------------+
| Property         | Value                                                                            |
+------------------+----------------------------------------------------------------------------------+
| checksum         | 443b7623e27ecf03dc9e01ee93f67afe                                                 |
| container_format | bare                                                                             |
| created_at       | 2019-11-04T03:38:54Z                                                             |
| disk_format      | qcow2                                                                            |
| id               | 62a91854-3f0a-4450-abbd-9a614a3474cf                                             |
| min_disk         | 0                                                                                |
| min_ram          | 0                                                                                |
| name             | cirros                                                                           |
| os_hash_algo     | sha512                                                                           |
| os_hash_value    | 6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e |
|                  | 2161b5b5186106570c17a9e58b64dd39390617cd5a350f78                                 |
| os_hidden        | False                                                                            |
| owner            | b299ad398d134dbc8e9436215e968e0a                                                 |
| protected        | False                                                                            |
| size             | 12716032                                                                         |
| status           | active                                                                           |
| tags             | []                                                                               |
| updated_at       | 2019-11-04T03:38:55Z                                                             |
| virtual_size     | Not available                                                                    |
| visibility       | shared                                                                           |
+------------------+----------------------------------------------------------------------------------+


## 업로드 된 이미지 확인
[root@controller ~] (admin-openrc):~# glance image-list
+--------------------------------------+--------+
| ID                                   | Name   |
+--------------------------------------+--------+
| 62a91854-3f0a-4450-abbd-9a614a3474cf | cirros |
+--------------------------------------+--------+
[root@controller ~] (admin-openrc):~#

 

반응형