Image Service인 Glance를 이용해서 사용자에게 가상 환경의 운영체제를 제공할 수 있다.
1. 데이터베이스 구축과 서비스 생성
# mysql
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'GLANCE_DB_비밀번호';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
IDENTIFIED BY 'GLANCE_DB_비밀번호';Glance 서비스가 사용할 데이터베이스를 구축한 후 admin용 명령어를 사용하기 위해 keystone 구축할 때 만든 자격 증명을 실행한다.
# . admin-openrc그리고 나서 도메인, 프로젝트, 사용자 및 역할 생성을 한다.
# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 3f4e777c4062483ab8d9edd7dff829df |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
# openstack role add --project service --user glance admin
# openstack service create --name glance \
--description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| name | glance |
| type | image |
+-------------+----------------------------------+Glance API을 위한 엔드포인트를 생성한다.
$ openstack endpoint create --region RegionOne \
image public http://노드_IP_주소:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 340be3625e9b4239a6415d034e98aace |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| service_name | glance |
| service_type | image |
| url | http://노드_IP_주소:9292 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne \
image internal http://노드_IP_주소:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | a6e4b153c2ae4c919eccfdbb7dceb5d2 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| service_name | glance |
| service_type | image |
| url | http://노드_IP_주소:9292 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne \
image admin http://노드_IP_주소:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 0c37ed58103f4300a84ff125a539032d |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| service_name | glance |
| service_type | image |
| url | http://노드_IP_주소:9292 |
+--------------+----------------------------------+쿼터 제한을 두고 싶다면 아래와 같이 설정을 한다.
# openstack --os-cloud devstack-system-admin registered limit create \
--service glance --default-limit 1000 --region RegionOne image_size_total
+---------------+----------------------------------+
| Field | Value |
+---------------+----------------------------------+
| default_limit | 1000 |
| description | None |
| id | 9cedfc5de80345a9b13ed00c2b5460f2 |
| region_id | RegionOne |
| resource_name | image_size_total |
| service_id | e38c84a2487f49fd9864193bdc8a3174 |
+---------------+----------------------------------+
# openstack --os-cloud devstack-system-admin registered limit create \
--service glance --default-limit 1000 --region RegionOne image_stage_total
+---------------+----------------------------------+
| Field | Value |
+---------------+----------------------------------+
| default_limit | 1000 |
| description | None |
| id | 5a68712b6ba6496d823d0c66e5e860b9 |
| region_id | RegionOne |
| resource_name | image_stage_total |
| service_id | e38c84a2487f49fd9864193bdc8a3174 |
+---------------+----------------------------------+
# openstack --os-cloud devstack-system-admin registered limit create \
--service glance --default-limit 100 --region RegionOne image_count_total
+---------------+----------------------------------+
| Field | Value |
+---------------+----------------------------------+
| default_limit | 100 |
| description | None |
| id | beb91b043296499f8e6268f29d8b2749 |
| region_id | RegionOne |
| resource_name | image_count_total |
| service_id | e38c84a2487f49fd9864193bdc8a3174 |
+---------------+----------------------------------+
# openstack --os-cloud devstack-system-admin registered limit create \
--service glance --default-limit 100 --region RegionOne image_count_uploading
+---------------+----------------------------------+
| Field | Value |
+---------------+----------------------------------+
| default_limit | 100 |
| description | None |
| id | fc29649c047a45bf9bc03ec4a7bcb8af |
| region_id | RegionOne |
| resource_name | image_count_uploading |
| service_id | e38c84a2487f49fd9864193bdc8a3174 |
+---------------+----------------------------------+2. Glance 설치와 구성
# apt install glance
# vim /etc/glance/glance-api.conf
[database]
# ...
connection = mysql+pymysql://glance:GLANCE_DB_비빌번호@localhost/glance
[keystone_authtoken]
# ...
www_authenticate_uri = http://localhost:5000
auth_url = http://localhost:5000
memcached_servers = localhost:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_DB_비빌번호
[paste_deploy]
# ...
flavor = keystone
[glance_store]
# ...
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[oslo_limit]
auth_url = http://localhost:5000
auth_type = password
user_domain_id = default
username = MY_SERVICE
system_scope = all
password = MY_PASSWORD
endpoint_id = ENDPOINT_ID
region_name = RegionOne
[DEFAULT]
use_keystone_quotas = True- [database], [keystone_authtoken] 레이어 부분에서 controller가 아닌 localhost로 해줘야 한다.
- MY_SERVICE 계정이 시스템 범위 리소스에 대한 제한과 같은 판독기 액세스 권한을 가지고 있는지 확인한다.
# openstack role add --user MY_SERVICE --user-domain Default --system all reader
마지막으로 데이터베이스를 연결한다.
# su -s /bin/sh -c "glance-manage db_sync" glance3. 설치 완료
# service glance-api restart4. 작동 확인
가벼운 이미지 파일인 cirros을 다운받아서 테스트를 해본다.
# . admin-openrc
# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
# glance image-create --name "cirros" \
--file cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--visibility=public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | 133eae9fb1c98f45894a4e60d8736619 |
| container_format | bare |
| created_at | 2015-03-26T16:52:10Z |
| disk_format | qcow2 |
| file | /v2/images/cc5c6982-4910-471e-b864-1098015901b5/file |
| id | cc5c6982-4910-471e-b864-1098015901b5 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | ae7a98326b9c455588edd2656d723b9d |
| protected | False |
| schema | /v2/schemas/image |
| size | 13200896 |
| status | active |
| tags | |
| updated_at | 2015-03-26T16:52:10Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
# glance image-list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros | active |
+--------------------------------------+--------+--------+