(Last Updated On: November 17, 2018)

Part one of this series is Installation of Openstack three Node Cluster on CentOS 7

Installation of Glance

In this second session, we are going to install glance image service. The Image service (glance) project provides a service where users can upload and discover data assets that are meant to be used with other services. This currently includes images and metadata definitions. Glance image services include discovering, registering, and retrieving virtual machine (VM) images. Glance has a RESTful API that allows querying of VM image metadata as well as retrieval of the actual image. (Opesnstack.org, 2018)

The first step as you might guess is the addition of glance user to Keystone as already installed and add roles (A role is the level of authorization that a user has.) to it.

“The world as we have created it is a process of our thinking. It cannot be changed without changing our thinking.”
― Albert Einstein

Let us get started with adding glance user to keystone.

[[email protected] ~(keystone)]# openstack user create --domain default --project service --password password glance
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| default_project_id  | 76d124ff821e4db5ad792a113b54724e |
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 9feefa47a5414490ad16ac19201bac8f |
| name                | glance                           |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
You can confirm the new glance user as shown below.

[[email protected] ~(keystone)]# openstack user list                                     
+----------------------------------+--------+
| ID                               | Name   |
+----------------------------------+--------+
| 1f53dd25b3ee44218b36dd821c1d7dd9 | admin  |
| 9feefa47a5414490ad16ac19201bac8f | glance |
+----------------------------------+--------+

[[email protected] ~(keystone)]# openstack role add --project service --user glance admin
[[email protected] ~(keystone)]# openstack service create --name glance --description "Glance Serves Images" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Glance Serves Images             |
| enabled     | True                             |
| id          | 4145a8e51f9d4c0d81cf4f0f5d505ab8 |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+
[[email protected] ~(keystone)]# export controller=192.168.122.130

We shall proceed to add endpoints. An endpoint in Keystone is just a URL that can be used to access a service within OpenStack. An endpoint is just like a point of contact for a given user to use an OpenStack service. The admin URL is for the admin users, the internal URL is what the other services use to talk to each other. And the public URL is what everyone else accessing the service endpoint uses.

[[email protected] ~(keystone)]# openstack endpoint create --region RegionOne image public http://$controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 86e2ed91b42341d3b8edf1c829842192 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 4145a8e51f9d4c0d81cf4f0f5d505ab8 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://192.168.122.130:9292      |
+--------------+----------------------------------+

[[email protected] ~(keystone)]# openstack endpoint create --region RegionOne image internal http://$controller:9292

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | c335a3a29239432c85a9db34a43b2b38 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 4145a8e51f9d4c0d81cf4f0f5d505ab8 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://192.168.122.130:9292      |
+--------------+----------------------------------+

 # openstack endpoint create --region RegionOne image admin http://$controller:9292 

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0daefdd6ced44e4aaaa6457309ba395b |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 4145a8e51f9d4c0d81cf4f0f5d505ab8 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://192.168.122.130:9292      |
+--------------+----------------------------------+

After we are done with the addition of glance user, assigning of roles and the creation of endpoints, glance needs a database to function and therefore let us go ahead and create a database for it before installing and configuring it. This must be exciting already.

[[email protected] ~(keystone)]# mysql -u root -p 
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 7
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

No entry for terminal type "xterm-termite";
using dumb terminal settings.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on glance.* to [email protected]'localhost' identified by 'password';   
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on glance.* to [email protected]'%' identified by 'password';   
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit;
Bye

Install glance

[[email protected] ~(keystone)]#  yum --enablerepo=centos-openstack-queens,epel install openstack-glance -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: repos-jnb.psychz.net
 * epel: mirror.de.leaseweb.net
 * extras: repos-jnb.psychz.net
 * updates: repos-jnb.psychz.net
Resolving Dependencies
--> Running transaction check
---> Package openstack-glance.noarch 1:16.0.2-0.20180706180854.f676961.el7 will be installed
--> Processing Dependency: python-glance = 1:16.0.2-0.20180706180854.f676961.el7 for package: 1:openstack-glance-16.0.2-0.20180706180854.f676961.el7.noarch

Configure glance

First, create a back up of the default files and create new files with succinct parameters to match your environment.

sudo mv /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
vim /etc/glance/glance-api.conf

Add:

###New##
[DEFAULT]
bind_host = 0.0.0.0

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

[database]
# MariaDB connection informotation. Do not forget the password for glance database
connection = mysql+pymysql://glance:[email protected]/glance

# keystone authentication details
[keystone_authtoken]
www_authenticate_uri = http://192.168.122.130:5000
auth_url = http://192.168.122.130:5000
memcached_servers = 192.168.122.130:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = password ##the password for service

[paste_deploy]
flavor = keystone

Also set Glance registry:

mv /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
vim /etc/glance/glance-registry.conf

Add content:

###New##
[DEFAULT]
bind_host = 0.0.0.0

[database]
# MariaDB connection information. Do not forget glance database password here.
connection = mysql+pymysql://glance:[email protected]/glance

# Keystone authentication details
[keystone_authtoken]
www_authenticate_uri = http://192.168.122.130:5000
auth_url = http://192.168.122.130:5000
memcached_servers = 192.168.122.130:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = password ##service password here

[paste_deploy]
flavor = keystone

Change the file permissions and file ownership of the configuration files as shown below

chmod 640 /etc/glance/glance-api.conf /etc/glance/glance-registry.conf
chown root:glance /etc/glance/glance-api.conf /etc/glance/glance-registry.conf

Do a database sync. In case you have errors here, please confirm your passwords are correct and the spacings of the file are also set well. You should see “Database is synced successfully” in the end.

[[email protected] ~(keystone)]# su -s /bin/bash glance -c "glance-manage db_sync"
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1336: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
  expire_on_commit=expire_on_commit, _conf=conf)
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade  -> liberty, liberty initial
INFO  [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO  [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO  [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01

Start and enable openstack-glance-api and openstack-glance-registry as below and you are good to go with glance service. Do not forget to enable the ports in the firewall as well.

sudo systemctl start openstack-glance-api openstack-glance-registry
sudo systemctl enable openstack-glance-api openstack-glance-registry 
sudo firewall-cmd --add-port={9191/tcp,9292/tcp} --permanent
sudo firewall-cmd --reload