OpenStack Ussuri : Glance
OpenStack Ussuri : Glance
-----------------------
| [ Controller Node ] |
| |
| MariaDB RabbitMQ |
| Memcached Keystone |
| httpd Glance |
----------------------- OpenStack Ussuri : Glance
- Glance는 OpenStack에서 이미지 생성에 필요한 Iamge 관리 서비스를 구성하고 있습니다.
- Glance에 자세한 설명은 Glance를 참조해주세요.
Glance service 및 User 생성
$ contoller ~(keystone)> openstack user create --domain default --project service --password qwer1234 glance
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | 7c10c02365be496fb47f12bfd40fe4a7 |
| domain_id | default |
| enabled | True |
| id | 03f5b16a7be84cb688617d1943c8fe8c |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
$ contoller ~(keystone)> openstack role add --project service --user glance admin
$ contoller ~(keystone)> openstack service create --name glance --description "OpenStack Image service" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image service |
| enabled | True |
| id | af365771c17a4a25ae1d0c659e2dc0eb |
| name | glance |
| type | image |
+-------------+----------------------------------+
$ contoller ~(keystone)> openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | cc65faecd7b042ffafd0f262cd7547df |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | af365771c17a4a25ae1d0c659e2dc0eb |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
$ contoller ~(keystone)> openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | ea41c7b17c844e658ac83c547eddcf6d |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | af365771c17a4a25ae1d0c659e2dc0eb |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
$ contoller ~(keystone)> openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1393a64ef0ec428ba437602ac5b390f6 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | af365771c17a4a25ae1d0c659e2dc0eb |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
Glance 유저의 DB를 생성합니다.
$ controller> mysql -u root -p
$ MariaDB> create database glance;
$ MariaDB> grant all privileges on glance.* to glance@'localhost' identified by 'qwer1234';
$ MariaDB> grant all privileges on glance.* to glance@'%' identified by 'qwer1234';
$ MariaDB> flush privileges;
$ MariaDB> exit;
Glance 설치
$ controller> dnf --enablerepo=centos-openstack-ussuri,powertools,epel -y install openstack-glance
# Glacne 및 관련 모듈을 설치합니다.
$ controller> vi /etc/glance/glance-api.conf
[DEFAULT]
bind_host = 0.0.0.0
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[database]
connection = mysql+pymysql://glance:qwer1234@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = qwer1234
[paste_deploy]
flavor = keystone
# glacne 파일을 수정합니다.
$ controller> su -s /bin/bash glance -c "glance-manage db_sync"
$ controller> systemctl enable --now openstack-glance-api
# Glance DB를 임포트 시킨후 서비스를 등록합니다.$ controller> setsebool -P glance_api_can_network on
$ controller> vi glanceapi.te
module glanceapi 1.0;
require {
type glance_api_t;
type httpd_config_t;
type iscsid_exec_t;
class dir search;
class file { getattr open read };
}
#============= glance_api_t ==============
allow glance_api_t httpd_config_t:dir search;
allow glance_api_t iscsid_exec_t:file { getattr open read };
$ controller> checkmodule -m -M -o glanceapi.mod glanceapi.te
$ controller> semodule_package --outfile glanceapi.pp --module glanceapi.mod
$ controller> semodule -i glanceapi.pp
$ controller> firewall-cmd --add-port=9292/tcp --permanent
$ controller> firewall-cmd --reload
Glance Image 생성
$ controller ~(keystone)> mkdir -p /var/kvm/images
$ controller ~(keystone)> wget http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img
# 이미지를 다운받습니다.
$ controller ~(keystone)> openstack image create "cirros" --file cirros-0.5.1-x86_64-disk.img --disk-format qcow2
+------------------+------------------------------------------------------------ -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -+
| Field | Value |
+------------------+------------------------------------------------------------ -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -+
| checksum | 1d3062cd89af34e419f7100277f38b2b |
| container_format | bare |
| created_at | 2020-08-06T11:08:39Z |
| disk_format | qcow2 |
| file | /v2/images/dc7c2474-8ec9-4f74-a1c3-7cf6a9ad3d16/file |
| id | dc7c2474-8ec9-4f74-a1c3-7cf6a9ad3d16 |
| min_disk | 0 |
| min_ram | 0 |
| name | Cirros |
| owner | c76211c24a1f460ca67274d655d46725 |
| properties | os_hash_algo='sha512', os_hash_value='553d220ed58cfee7dafe0 03c446a9f197ab5edf8ffc09396c74187cf83873c877e7ae041cb80f3b91489acf687183adcd689b 53b38e3ddd22e627e7f98a09c46', os_hidden='False', owner_specified.openstack.md5=' 1d3062cd89af34e419f7100277f38b2b', owner_specified.openstack.object='images/Cirr os', owner_specified.openstack.sha256='c4110030e2edf06db87f5b6e4efc27300977683d5 3f040996d15dcc0ad49bb5a', self='/v2/images/dc7c2474-8ec9-4f74-a1c3-7cf6a9ad3d16' |
| protected | False |
| schema | /v2/schemas/image |
| size | 16338944 |
| status | active |
| tags | |
| updated_at | 2020-08-06T11:08:39Z |
| visibility | shared |
+------------------+------------------------------------------------------------ -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -+
# 이미지를 등록합니다.
$ controller ~(keystone)> openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| dc7c2474-8ec9-4f74-a1c3-7cf6a9ad3d16 | Cirros | active |
+--------------------------------------+--------+--------+
# 이미지를 확인합니다.
마지막 수정일자