高可用OpenStack(Queen版)集群
5.Glance集群
源自于网络-snowchuai汇总、整理
参考文档:
- Install-guide:https://docs.openstack.org/install-guide/
- OpenStack High Availability Guide:https://docs.openstack.org/ha-guide/index.html
- 理解Pacemaker:http://www.cnblogs.com/sammyliu/p/5025362.html
- Ceph: http://docs.ceph.com/docs/master/start/intro/
九.Glance集群
1. 创建glance数据库
xxxxxxxxxx# 在任意控制节点创建数据库,后台数据自动同步,以controller01节点为例[root@controller01 ~]# mysql -u root -pmysql_passMariaDB [(none)]> CREATE DATABASE glance;MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance_dbpass';MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance_dbpass';MariaDB [(none)]> flush privileges;MariaDB [(none)]> exit;
2. 创建glance-api
xxxxxxxxxx# 在任意控制节点操作,以controller01节点为例;# 调用keystone服务需要认证信息,加载环境变量脚本即可[root@controller01 ~]# . admin-openrc
1)创建service项目
xxxxxxxxxx# 创建1个project,glance/nova/neutron等服务加入到此project;# service项目在”default” domain中[root@controller01 ~]# openstack project create --domain default --description "Service Project" service
2)创建glance用户
xxxxxxxxxx# glance用户在”default” domain中[root@controller01 ~]# openstack user create --domain default --password=glance_pass glance
3)glance用户赋权
xxxxxxxxxx# 为glance用户赋予admin权限[root@controller01 ~]# openstack role add --project service --user glance admin
4)创建glance服务实体
xxxxxxxxxx# 服务实体类型”image”[root@controller01 ~]# openstack service create --name glance --description "OpenStack Image" image
5)创建glance-api
xxxxxxxxxx# 注意--region与初始化admin用户时生成的region一致;# api地址统一采用vip,如果public/internal/admin分别使用不同的vip,请注意区分;# 服务类型为image;# public api[root@controller01 ~]# openstack endpoint create --region RegionTest image public http://controller:9292
xxxxxxxxxx# internal api[root@controller01 ~]# openstack endpoint create --region RegionTest image internal http://controller:9292
xxxxxxxxxx# admin api[root@controller01 ~]# openstack endpoint create --region RegionTest image admin http://controller:9292
3. 安装glance
xxxxxxxxxx# 在全部控制节点安装glance,以controller01节点为例[root@controller01 ~]# yum install openstack-glance python-glance python-glanceclient -y
4. 配置glance-api.conf
xxxxxxxxxx# 在全部控制节点操作,以controller01节点为例;# 注意”bind_host”参数,根据节点修改;# 注意glance-api.conf文件的权限:root:glance[root@controller01 ~]# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak[root@controller01 ~]# egrep -v "^$|^#" /etc/glance/glance-api.conf[DEFAULT]enable_v1_api = falsebind_host = 172.30.200.31[cors][database]connection = mysql+pymysql://glance:glance_dbpass@controller/glance[glance_store]stores = file,httpdefault_store = filefilesystem_store_datadir = /var/lib/glance/images/[image_format][keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller01:11211,controller02:11211,controller03:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = glance_pass[matchmaker_redis][oslo_concurrency][oslo_messaging_amqp][oslo_messaging_kafka][oslo_messaging_notifications][oslo_messaging_rabbit][oslo_messaging_zmq][oslo_middleware][oslo_policy][paste_deploy]flavor = keystone[profiler][store_type_location_strategy][task][taskflow_executor]# 创建镜像存储目录并赋权限;# /var/lib/glance/images是默认的存储目录[root@controller01 ~]# mkdir -p /var/lib/glance/images[root@controller01 ~]# chown glance:nobody /var/lib/glance/images
5. 配置glance-registry.conf(optional)
xxxxxxxxxx# 官方文档指出:glance-registry服务与其api在Q版已经弃用,并且在S版时完全删除,本章节可忽略;# 在全部控制节点操作,以controller01节点为例;# 注意”bind_host”参数,根据节点修改;# 注意glance-registry.conf文件的权限:root:glance[root@controller01 ~]# cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak[root@controller01 ~]# egrep -v "^$|^#" /etc/glance/glance-registry.conf[DEFAULT]bind_host = 172.30.200.31[database]connection = mysql+pymysql://glance:glance_dbpass@controller/glance[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller01:11211,controller02:11211,controller03:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = glance_pass[matchmaker_redis][oslo_messaging_amqp][oslo_messaging_kafka][oslo_messaging_notifications][oslo_messaging_rabbit][oslo_messaging_zmq][oslo_policy][paste_deploy]flavor = keystone[profiler]
6. 同步glance数据库
xxxxxxxxxx# 任意控制节点操作;# 忽略输出的“deprecated”信息[root@controller01 ~]# su -s /bin/sh -c "glance-manage db_sync" glance
xxxxxxxxxx# 查看验证[root@controller01 ~]# mysql -h controller01 -uglance -pglance_dbpass -e "use glance;show tables;"
7. 启动服务
xxxxxxxxxx# 在全部控制节点操作,以controller01节点为例;# glance-registry在Q版已弃用;[root@controller01 ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service[root@controller01 ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service# 查看服务状态[root@controller01 ~]# systemctl status openstack-glance-api.service openstack-glance-registry.service# 查看端口[root@controller01 ~]# netstat -tunlp | grep python2
8. 验证
在不启用ceph存储时,通常采用nfs共享存储做image的后端存储,如可将controller01节点的本地存储做共享,controller02/03节点远端挂载即可。
这里后续使用ceph存储,暂时使用本地验证,以controller01节点为例。
1)下载镜像
xxxxxxxxxx[root@controller01 ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
2)上传镜像
xxxxxxxxxx[root@controller01 ~]# . admin-openrc# “上传”指将已下载的原始镜像经过一定的格式转换上传到image服务;# 格式指定为qcow2,bare;设置public权限;# 镜像生成后,在指定的存储目录下生成以镜像id命名的镜像文件[root@controller01 ~]# openstack image create "cirros-qcow2" \--file ~/cirros-0.3.5-x86_64-disk.img \--disk-format qcow2 --container-format bare \--public
3)查看镜像
xxxxxxxxxx[root@controller01 ~]# openstack image list
9. 设置pcs资源
xxxxxxxxxx# 在任意控制节点操作;# 添加资源openstack-glance-api与openstack-glance-registry[root@controller01 ~]# pcs resource create openstack-glance-api systemd:openstack-glance-api --clone interleave=true[root@controller01 ~]# pcs resource create openstack-glance-registry systemd:openstack-glance-registry --clone interleave=true# 查看pcs资源[root@controller01 ~]# pcs resource
