高可用OpenStack(Queen版)集群-5.Glance集群
阿新 • • 發佈:2018-06-22
dir username body title memcache AI stat chown _for
參考文檔:
- Install-guide:https://docs.openstack.org/install-guide/
- OpenStack High Availability Guide:https://docs.openstack.org/ha-guide/index.html
- 理解Pacemaker:http://www.cnblogs.com/sammyliu/p/5025362.html
- Ceph: http://docs.ceph.com/docs/master/start/intro/
九.Glance集群
1. 創建glance數據庫
# 在任意控制節點創建數據庫,後臺數據自動同步,以controller01節點為例[root@controller01 ~]# mysql -u root -pmysql_pass MariaDB [(none)]> CREATE DATABASE glance; MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance‘@‘localhost‘ IDENTIFIED BY ‘glance_dbpass‘; MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance‘@‘%‘ IDENTIFIED BY ‘glance_dbpass‘; MariaDB [(none)]> flush privileges; MariaDB [(none)]> exit;
2. 創建glance-api
# 在任意控制節點操作,以controller01節點為例; # 調用keystone服務需要認證信息,加載環境變量腳本即可 [root@controller01 ~]# . admin-openrc
1)創建service項目
# 創建1個project,glance/nova/neutron等服務加入到此project; # service項目在”default” domain中 [root@controller01 ~]#openstack project create --domain default --description "Service Project" service
2)創建glance用戶
# glance用戶在”default” domain中 [root@controller01 ~]# openstack user create --domain default --password=glance_pass glance
3)glance用戶賦權
# 為glance用戶賦予admin權限 [root@controller01 ~]# openstack role add --project service --user glance admin
4)創建glance服務實體
# 服務實體類型”image” [root@controller01 ~]# openstack service create --name glance --description "OpenStack Image" image
5)創建glance-api
# 註意--region與初始化admin用戶時生成的region一致; # api地址統一采用vip,如果public/internal/admin分別使用不同的vip,請註意區分; # 服務類型為image; # public api [root@controller01 ~]# openstack endpoint create --region RegionTest image public http://controller:9292
# internal api [root@controller01 ~]# openstack endpoint create --region RegionTest image internal http://controller:9292
# admin api [root@controller01 ~]# openstack endpoint create --region RegionTest image admin http://controller:9292
3. 安裝glance
# 在全部控制節點安裝glance,以controller01節點為例 [root@controller01 ~]# yum install openstack-glance python-glance python-glanceclient -y
4. 配置glance-api.conf
# 在全部控制節點操作,以controller01節點為例; # 註意”bind_host”參數,根據節點修改; # 註意glance-api.conf文件的權限:root:glance [root@controller01 ~]# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak [root@controller01 ~]# egrep -v "^$|^#" /etc/glance/glance-api.conf [DEFAULT] enable_v1_api = false bind_host = 172.30.200.31 [cors] [database] connection = mysql+pymysql://glance:glance_dbpass@controller/glance [glance_store] stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ [image_format] [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller01:11211,controller02:11211,controller03:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = glance_pass [matchmaker_redis] [oslo_concurrency] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [paste_deploy] flavor = keystone [profiler] [store_type_location_strategy] [task] [taskflow_executor] # 創建鏡像存儲目錄並賦權限; # /var/lib/glance/images是默認的存儲目錄 [root@controller01 ~]# mkdir -p /var/lib/glance/images [root@controller01 ~]# chown glance:nobody /var/lib/glance/images
5. 配置glance-registry.conf(optional)
# 官方文檔指出:glance-registry服務與其api在Q版已經棄用,並且在S版時完全刪除,本章節可忽略; # 在全部控制節點操作,以controller01節點為例; # 註意”bind_host”參數,根據節點修改; # 註意glance-registry.conf文件的權限:root:glance [root@controller01 ~]# cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak [root@controller01 ~]# egrep -v "^$|^#" /etc/glance/glance-registry.conf [DEFAULT] bind_host = 172.30.200.31 [database] connection = mysql+pymysql://glance:glance_dbpass@controller/glance [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller01:11211,controller02:11211,controller03:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = glance_pass [matchmaker_redis] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_policy] [paste_deploy] flavor = keystone [profiler]
6. 同步glance數據庫
# 任意控制節點操作; # 忽略輸出的“deprecated”信息 [root@controller01 ~]# su -s /bin/sh -c "glance-manage db_sync" glance
# 查看驗證 [root@controller01 ~]# mysql -h controller01 -uglance -pglance_dbpass -e "use glance;show tables;"
7. 啟動服務
# 在全部控制節點操作,以controller01節點為例; # glance-registry在Q版已棄用; [root@controller01 ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service [root@controller01 ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service # 查看服務狀態 [root@controller01 ~]# systemctl status openstack-glance-api.service openstack-glance-registry.service # 查看端口 [root@controller01 ~]# netstat -tunlp | grep python2
8. 驗證
在不啟用ceph存儲時,通常采用nfs共享存儲做image的後端存儲,如可將controller01節點的本地存儲做共享,controller02/03節點遠端掛載即可。
這裏後續使用ceph存儲,暫時使用本地驗證,以controller01節點為例。
1)下載鏡像
[root@controller01 ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
2)上傳鏡像
[root@controller01 ~]# . admin-openrc # “上傳”指將已下載的原始鏡像經過一定的格式轉換上傳到image服務; # 格式指定為qcow2,bare;設置public權限; # 鏡像生成後,在指定的存儲目錄下生成以鏡像id命名的鏡像文件 [root@controller01 ~]# openstack image create "cirros-qcow2" \ --file ~/cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
3)查看鏡像
[root@controller01 ~]# openstack image list
9. 設置pcs資源
# 在任意控制節點操作; # 添加資源openstack-glance-api與openstack-glance-registry [root@controller01 ~]# pcs resource create openstack-glance-api systemd:openstack-glance-api --clone interleave=true [root@controller01 ~]# pcs resource create openstack-glance-registry systemd:openstack-glance-registry --clone interleave=true # 查看pcs資源 [root@controller01 ~]# pcs resource
高可用OpenStack(Queen版)集群-5.Glance集群