Glance 설치
페이지 정보
작성자 IaaSM 작성일 21-01-20 10:58 조회 9,021 댓글 0본문
Glance란?
오픈스택은 Nova를 사용하여 인스턴스를 쉽게 만들 수 있으며,
Nova는 다양한 하이퍼바이저를 지원합니다.
결국 하이퍼바이저 위에 가상머신을생성하는데, 이때 생성될 사상머신의
사용될 운영체제를 관리하고, 보관 및 관리하는 서비스 입니다.
- glance 사용자는 glance-api를 통해 이미지 등록,삭제, 관리
- glance-api는 glance-registry와 glance database에서 관리
- 이미지 등록 시 glance-registry를 통해 glance-database에 저장
- 등록된 이미지를 사용할 때는 glance-database에서 사용요청
구성방법
- 해당 구성은 테스트 서버에서 구성한 내용입니다
1. Glance service 및 User 생성
----------------------------------------------------------------------------------------------------------------------------------------------
- 설치 환경 Openstack Ussuri / CentOS 8.2
# openstack user create --domain default --project service --password 111111 glance
+------------------------------+---------------------------------------------------+
| Field | Value |
+------------------------------+---------------------------------------------------+
| default_project_id | 08218a458b224d49b23f68befab3d325 |
| domain_id | default |
| enabled | True |
| id | 872a92fb647546dab59cb26b3be448da |
| name | glance |
| options | {} |
| password_expires_at | None |
+------------------------------+---------------------------------------------------+
# openstack role add --project service --user glance admin
# openstack service create --name glance --description "OpenStack Image service" image
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| description | OpenStack Image service |
| enabled | True |
| id | 1ce3b98891804d6ea26653778640a08c |
| name | glance |
| type | image |
+-------------------+---------------------------------------------------+
# openstack endpoint create --region RegionOne image public http://controller:9292
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| enabled | True |
| id | 61103eb912e84eca896cf82ec4aee8d0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1ce3b98891804d6ea26653778640a08c |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+-------------------+---------------------------------------------------+
# openstack endpoint create --region RegionOne image internal http://controller:9292
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| enabled | True |
| id | 98dc8602b1a24cd8be35736243ac72b3 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1ce3b98891804d6ea26653778640a08c |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+-------------------+---------------------------------------------------+
# openstack endpoint create --region RegionOne image admin http://controller:9292
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| enabled | True |
| id | c142dfa86acc40608ab9d7661d0b04f3 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1ce3b98891804d6ea26653778640a08c |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+-------------------+---------------------------------------------------+
2. Glance User의 DB를 생성
# mysql -u root -p
# create database glance;
# grant all privileges on glance.* to glance@'localhost' identified by '111111';
# grant all privileges on glance.* to glance@'%' identified by '111111';
# flush privileges;
# exit;
3. Glance 설치
# dnf --enablerepo=centos-openstack-ussuri,powertools,epel -y install openstack-glance
# vi /etc/glance/glance-api.conf
[DEFAULT]
bind_host = 0.0.0.0
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[database]
connection = mysql+pymysql://glance:111111@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 111111
[paste_deploy]
flavor = keystone
- Glance 파일을 수정합니다
# su -s /bin/bash glance -c "glance-manage db_sync"
# systemctl enable --now openstack-glance-api
- Glance DB를 임포트 시킨후 서비스를 등록합니다.
# setsebool -P glance_api_can_network on
# vi glanceapi.te
module glanceapi 1.0;
require {
type glance_api_t;
type httpd_config_t;
type iscsid_exec_t;
class dir search;
class file { getattr open read };
}
#============= glance_api_t ==============
allow glance_api_t httpd_config_t:dir search;
allow glance_api_t iscsid_exec_t:file { getattr open read };
# checkmodule -m -M -o glanceapi.mod glanceapi.te
# semodule_package --outfile glanceapi.pp --module glanceapi.mod
# semodule -i glanceapi.pp
# firewall-cmd --add-port=9292/tcp --permanent
# firewall-cmd --reload
4. Glance Image 생성
# mkdir -p /var/kvm/images
# wget http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img
- 이미지를 다운받습니다.
# openstack image create "cirros" --file cirros-0.5.1-x86_64-disk.img --disk-format qcow2
# openstack image list
+---------------------------------------------------+-------------------+--------+
| ID | Name | Status |
+---------------------------------------------------+-------------------+--------+
| 1b00e917-eb52-4bce-99c4-340892769391 | cirros | active |
+---------------------------------------------------+-------------------+--------+
오픈스택은 Nova를 사용하여 인스턴스를 쉽게 만들 수 있으며,
Nova는 다양한 하이퍼바이저를 지원합니다.
결국 하이퍼바이저 위에 가상머신을생성하는데, 이때 생성될 사상머신의
사용될 운영체제를 관리하고, 보관 및 관리하는 서비스 입니다.
- glance 사용자는 glance-api를 통해 이미지 등록,삭제, 관리
- glance-api는 glance-registry와 glance database에서 관리
- 이미지 등록 시 glance-registry를 통해 glance-database에 저장
- 등록된 이미지를 사용할 때는 glance-database에서 사용요청
구성방법
- 해당 구성은 테스트 서버에서 구성한 내용입니다
1. Glance service 및 User 생성
----------------------------------------------------------------------------------------------------------------------------------------------
- 설치 환경 Openstack Ussuri / CentOS 8.2
# openstack user create --domain default --project service --password 111111 glance
+------------------------------+---------------------------------------------------+
| Field | Value |
+------------------------------+---------------------------------------------------+
| default_project_id | 08218a458b224d49b23f68befab3d325 |
| domain_id | default |
| enabled | True |
| id | 872a92fb647546dab59cb26b3be448da |
| name | glance |
| options | {} |
| password_expires_at | None |
+------------------------------+---------------------------------------------------+
# openstack role add --project service --user glance admin
# openstack service create --name glance --description "OpenStack Image service" image
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| description | OpenStack Image service |
| enabled | True |
| id | 1ce3b98891804d6ea26653778640a08c |
| name | glance |
| type | image |
+-------------------+---------------------------------------------------+
# openstack endpoint create --region RegionOne image public http://controller:9292
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| enabled | True |
| id | 61103eb912e84eca896cf82ec4aee8d0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1ce3b98891804d6ea26653778640a08c |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+-------------------+---------------------------------------------------+
# openstack endpoint create --region RegionOne image internal http://controller:9292
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| enabled | True |
| id | 98dc8602b1a24cd8be35736243ac72b3 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1ce3b98891804d6ea26653778640a08c |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+-------------------+---------------------------------------------------+
# openstack endpoint create --region RegionOne image admin http://controller:9292
+-------------------+---------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------+
| enabled | True |
| id | c142dfa86acc40608ab9d7661d0b04f3 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1ce3b98891804d6ea26653778640a08c |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+-------------------+---------------------------------------------------+
2. Glance User의 DB를 생성
# mysql -u root -p
# create database glance;
# grant all privileges on glance.* to glance@'localhost' identified by '111111';
# grant all privileges on glance.* to glance@'%' identified by '111111';
# flush privileges;
# exit;
3. Glance 설치
# dnf --enablerepo=centos-openstack-ussuri,powertools,epel -y install openstack-glance
# vi /etc/glance/glance-api.conf
[DEFAULT]
bind_host = 0.0.0.0
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[database]
connection = mysql+pymysql://glance:111111@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 111111
[paste_deploy]
flavor = keystone
- Glance 파일을 수정합니다
# su -s /bin/bash glance -c "glance-manage db_sync"
# systemctl enable --now openstack-glance-api
- Glance DB를 임포트 시킨후 서비스를 등록합니다.
# setsebool -P glance_api_can_network on
# vi glanceapi.te
module glanceapi 1.0;
require {
type glance_api_t;
type httpd_config_t;
type iscsid_exec_t;
class dir search;
class file { getattr open read };
}
#============= glance_api_t ==============
allow glance_api_t httpd_config_t:dir search;
allow glance_api_t iscsid_exec_t:file { getattr open read };
# checkmodule -m -M -o glanceapi.mod glanceapi.te
# semodule_package --outfile glanceapi.pp --module glanceapi.mod
# semodule -i glanceapi.pp
# firewall-cmd --add-port=9292/tcp --permanent
# firewall-cmd --reload
4. Glance Image 생성
# mkdir -p /var/kvm/images
# wget http://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img
- 이미지를 다운받습니다.
# openstack image create "cirros" --file cirros-0.5.1-x86_64-disk.img --disk-format qcow2
# openstack image list
+---------------------------------------------------+-------------------+--------+
| ID | Name | Status |
+---------------------------------------------------+-------------------+--------+
| 1b00e917-eb52-4bce-99c4-340892769391 | cirros | active |
+---------------------------------------------------+-------------------+--------+
댓글목록 0
등록된 댓글이 없습니다.