Openstack에서 instance를 배포하기 위한 OS 이미지를 관리하는 component이다.
주로 배포할 이미지를 업로드하여 운영/관리를 하지만 Snapshot을 통하여 운영중인 Instance를 백업(?)도 관리하는 서비스이다.
아래 환경 변수를 사전 반영하고 설치를 진행한다.
- DB_USER="root"
- DB_PASSWD="root.123"
1) DB 생성
## DB 생성 전 확인 : DB가 생성되어 있는지 확인한다.
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e " show databases;"
+--------------------+
| Database |
+--------------------+
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
## DB 생성
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "create database glance;"
## DB 생성 후 확인
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "show databases;"
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
2) DB권한 설정
## DB권한 설정 전 확인
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} mysql -e "select Host,User,PASSWORD from user where User='glance';"
## DB권한 설정
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance.123';"
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance.123';"
## DB 권한 설정 후 확인
[root@controller ~]# mysql -u${DB_USER} -p${DB_PASSWD} mysql -e "select Host,User,PASSWORD from user where User='glance';"
+-----------+--------+-------------------------------------------+
| Host | User | PASSWORD |
+-----------+--------+-------------------------------------------+
| localhost | glance | *4BAFE6CCD7F7AFF332BA9CD6517CD465F8123222 |
| % | glance | *4BAFE6CCD7F7AFF332BA9CD6517CD465F8123222 |
+-----------+--------+-------------------------------------------+
** ) Openstack CLI를 사용하기전에 admin환경 변수 파일을 적용을 하거나 아래 환경 변수를 설정한다.
### Admin 환경 변수
export OS_USERNAME=admin
export OS_PASSWORD=admin.123
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
#또는 환경변수 파일 Loading
root # source admin-openrc
3) Openstack service User 생성 및 Role권한 추가
## Service User 생성
[root@controller ~] (admin-openrc):~# openstack user create --domain default --password glance.123 glance
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 754789c331a44b0e82997bf4e34aff4c |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
## Role(권한)추가
[root@controller ~] (admin-openrc):~# openstack role add --project service --user glance admin
4) Openstack service 생성
[root@controller ~] (admin-openrc):~# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | efa6a045319947e797f2b9d6b2a8fed2 |
| name | glance |
| type | image |
+-------------+----------------------------------+
5) Endpoint 생성
[root@controller ~] (admin-openrc):~# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 417ebac027944149ba6a8997a6dc2c38 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | efa6a045319947e797f2b9d6b2a8fed2 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~] (admin-openrc):~# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e08ab1a0ca1740c098eec7190a8eabdf |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | efa6a045319947e797f2b9d6b2a8fed2 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~] (admin-openrc):~# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 4993862cf7fc474dac88a85872b220a5 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | efa6a045319947e797f2b9d6b2a8fed2 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
6) PKG 설치
[root@controller ~] (admin-openrc):~# yum install -y openstack-glance
7) config 원본 백업 및 권한 설정
필장의 원본파일을 파일이름을 변경하고 주석된 부분을 제외한다음에 필요한 필드만 수정하여 사용한다.
원치 않을 경우 이부분을 생략해도 된다.
[root@controller ~]# mv /etc/glance/glance-api.conf /etc/glance/glance-api.conf.orig
## 주석 부분을 제외한 나머지 부분을 config 파일로 생성
[root@controller ~]# cat /etc/glance/glance-api.conf.orig | grep -Ev "^#|^$" | sed -e "s/^\[/\n\[/g" > /etc/glance/glance-api.conf
## 기존 원본파일으리 권한 확인
[root@controller ~]# ls -al /etc/glance/glance-api.conf.orig
-rw-r----- 1 root glance 192260 10월 16 21:37 /etc/glance/glance-api.conf.orig
## 권한 설정 (이전과 동일한 권한으로 설정)
[root@controller ~]# chown root.glance /etc/glance/glance-api.conf
[root@controller ~]# chmod 640 /etc/glance/glance-api.conf
**여기서는 Glance image가 저장되는 directory를 변경하여 설정한였다.
- Default PATH: /var/lib/glance/images
- New Glance save PATH : /openstack_data/glance/images
8) config 수정
[root@controller ~]# cat /etc/glance/glance-api.conf
[DEFAULT]
[cinder]
[cors]
[database]
connection = mysql+pymysql://glance:glance.123@controller/glance
## ~(중간 생략)
[glance_store]
stores = file,http
default_store = file
#filesystem_store_datadir = /var/lib/glance/images/ ##Default PATH
filesystem_store_datadir = /openstack_data/glance/images/ ##변경한 PATH
[image_format]
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance.123
#~(중간 생략)
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]
9) Glnace DB내 Table 생성
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand02 -> train_expand01, empty expand for symmetry with train_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_expand01, current revision(s): train_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: train_contract01, current revision(s): train_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
- DB내 table생성시 오류 조치
"
glance [-] Unhandled error: OperationalError: (pymysql.err.OperationalError) (1045, u"Access denied for user 'glance'@'controller' (using password: YES)") (Background on this error at: http://sqlalche.me/e/e3q8)" 일 경우 DB접속이 불가능한 사유로 Glance로 로그인시 정상적으로 로그인이 되는지 확인한다.
10) Glance daemon실행
## 시스템 리붓후 자동으로 시작되도록 설정
[root@controller ~]# systemctl enable openstack-glance-api.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
## Daemon 시작(또는 재시작)
[root@controller ~]# systemctl start openstack-glance-api.service
## Daemon동작상태 확인
[root@controller ~]# systemctl status openstack-glance-api.service
● openstack-glance-api.service - OpenStack Image Service (code-named Glance) API server
Loaded: loaded (/usr/lib/systemd/system/openstack-glance-api.service; enabled; vendor preset: disabled)
Active: active (running) since 월 2019-11-04 12:30:05 KST; 58s ago
Main PID: 29665 (glance-api)
CGroup: /system.slice/openstack-glance-api.service
├─29665 /usr/bin/python2 /usr/bin/glance-api
├─29677 /usr/bin/python2 /usr/bin/glance-api
├─29678 /usr/bin/python2 /usr/bin/glance-api
├─29679 /usr/bin/python2 /usr/bin/glance-api
├─29680 /usr/bin/python2 /usr/bin/glance-api
├─29681 /usr/bin/python2 /usr/bin/glance-api
├─29682 /usr/bin/python2 /usr/bin/glance-api
├─29683 /usr/bin/python2 /usr/bin/glance-api
└─29684 /usr/bin/python2 /usr/bin/glance-api
11월 04 12:30:05 controller systemd[1]: Started OpenStack Image Service (code-named Glance) API server.
11월 04 12:30:06 controller glance-api[29665]: /usr/lib/python2.7/site-packages/paste/deploy/loadwsgi.py:22: PkgResourcesDeprecationWarning: Parameters to load are deprecated. Call .resolve an...re separately.
11월 04 12:30:06 controller glance-api[29665]: return pkg_resources.EntryPoint.parse("x=" + s).load(False)
Hint: Some lines were ellipsized, use -l to show in full.
11) 확인
## openstack admin 환경변수 loading
[root@controller ~]# source admin-openrc
##외부사이트에서 test용 이미지 다운로드
[root@controller ~] (admin-openrc):~# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
--2019-11-04 12:36:35-- http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
Resolving download.cirros-cloud.net (download.cirros-cloud.net)... 64.90.42.85, 2607:f298:6:a036::bd6:a72a
Connecting to download.cirros-cloud.net (download.cirros-cloud.net)|64.90.42.85|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 12716032 (12M)
Saving to: ‘cirros-0.4.0-x86_64-disk.img’
100%[===========================================================================================================================================================================>] 12,716,032 4.77MB/s in 2.5s
2019-11-04 12:36:53 (4.77 MB/s) - ‘cirros-0.4.0-x86_64-disk.img’ saved [12716032/12716032]
## 다운로드된 테스트 이미지 업로드
[root@controller ~] (admin-openrc):~# glance image-create --name "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --progress
[=============================>] 100%
+------------------+----------------------------------------------------------------------------------+
| Property | Value |
+------------------+----------------------------------------------------------------------------------+
| checksum | 443b7623e27ecf03dc9e01ee93f67afe |
| container_format | bare |
| created_at | 2019-11-04T03:38:54Z |
| disk_format | qcow2 |
| id | 62a91854-3f0a-4450-abbd-9a614a3474cf |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| os_hash_algo | sha512 |
| os_hash_value | 6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e |
| | 2161b5b5186106570c17a9e58b64dd39390617cd5a350f78 |
| os_hidden | False |
| owner | b299ad398d134dbc8e9436215e968e0a |
| protected | False |
| size | 12716032 |
| status | active |
| tags | [] |
| updated_at | 2019-11-04T03:38:55Z |
| virtual_size | Not available |
| visibility | shared |
+------------------+----------------------------------------------------------------------------------+
## 업로드 된 이미지 확인
[root@controller ~] (admin-openrc):~# glance image-list
+--------------------------------------+--------+
| ID | Name |
+--------------------------------------+--------+
| 62a91854-3f0a-4450-abbd-9a614a3474cf | cirros |
+--------------------------------------+--------+
[root@controller ~] (admin-openrc):~#
'IT > Openstack' 카테고리의 다른 글
[Openstack - Train] Centos에 설치하기(5) - nova (0) | 2019.11.04 |
---|---|
[Openstack - Train] Centos에 설치하기(4) - Placement (0) | 2019.11.04 |
[Openstack - Train] Centos에 설치하기(2) - Keystone (0) | 2019.11.01 |
[Openstack - Train] Centos에 설치하기(1) - etcd설정 (0) | 2019.10.31 |
[Openstack - Train] Centos에 설치하기(1) - Memcached 설정 (0) | 2019.10.31 |