搜索
支持控制台(Console)开发人员开始试用联系人

此内容没有您所选择的语言版本。

Chapter 5. Configuring the Image service (glance)

download PDF

The Image service (glance) provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it. You can use stored images as templates to commission new servers quickly and more consistently than installing a server operating system and individually configuring services.

You can configure the following back ends (stores) for the Image service:

  • RADOS Block Device (RBD) is the default back end when you use Red Hat Ceph Storage.
  • Block Storage (cinder).
  • Object Storage (swift).
  • NFS.

5.1. Configuring a Ceph RBD back end

You can configure the Image service (glance) with Red Hat Ceph Storage RADOS Block Device (RBD) as the storage back end.

Prerequisites

  • Ensure network connectivity between the storage back end, the Red Hat OpenShift cluster, and the Compute nodes.

Procedure

  1. Open your OpenStackControlPlane CR file, openstack_control_plane.yaml, and add the following parameters to the glance template to configure Ceph RBD as the back end: 

    apiVersion: core.openstack.org/v1beta1
kind: OpenStackControlPlane
spec:
    ...
  glance:
    template:
      databaseInstance: openstack
      databaseUser: glance
      customServiceConfig: |
        [DEFAULT]
        enabled_backends = default_backend:rbd
        enabled_import_methods=[web-download,glance-direct]
        [glance_store]
        default_backend = default_backend
        [default_backend]
        rbd_store_ceph_conf = /etc/ceph/ceph.conf
        store_description = "RBD backend"
        rbd_store_pool = images
        rbd_store_user = openstack
        rbd_thin_provisioning = True
...

  2. Update the control plane: 

    $ oc apply -f openstack_control_plane.yaml -n openstack

  3. Wait until RHOCP creates the resources related to the OpenStackControlPlane CR. Run the following command to check the status: 

    $ oc get openstackcontrolplane -n openstack

    The OpenStackControlPlane resources are created when the status is "Setup complete".

    Tip

    Append the -w option to the end of the get command to track deployment progress.

Image conversion

When you use Red Hat Ceph Storage as a back end for the Image service, image-conversion is enabled by default with a dedicated PersistentVolumeClaim (PVC), glance-conversion. The PVC is mounted to the /var/lib/glance/os_glance_staging_store path. You can run the oc describe pod command to see the glance-conversion PVC:

Example output: 

...
    Mounts:
      /etc/ceph from ceph (ro)
      /etc/my.cnf from config-data (ro,path="my.cnf")
      /usr/local/bin/container-scripts from scripts (ro)
      /var/lib/config-data/default from config-data (ro)
      /var/lib/glance from glance (rw)
      /var/lib/glance/os_glance_staging_store from glance-conversion (rw)
      /var/lib/kolla/config_files/config.json from config-data (ro,path="glance-api-config.json")
      /var/log/glance from logs (rw)
...

The PVC is only created for an external instance to store the staging data of an uploaded image.

5.2. Configuring a Block Storage back end

You can configure the Image service (glance) with the Block Storage service (cinder) as the storage back end.

Prerequisites

  • Ensure network connectivity between the storage back end, the Red Hat OpenShift cluster, and the Compute nodes.

Procedure

  1. Open your OpenStackControlPlane CR file, openstack_control_plane.yaml, and add the following parameters to the glance template to configure the Block Storage service as the back end: 

    apiVersion: core.openstack.org/v1beta1
kind: OpenStackControlPlane
spec:
    ...
  glance:
    template:
      customServiceConfig: |
        [DEFAULT]
        enabled_backends = default_backend:cinder
        [glance_store]
        default_backend = default_backend
        [default_backend]
        rootwrap_config = /etc/glance/rootwrap.conf
        description = Default cinder backend
        cinder_store_user_name = {{ .ServiceUser }}
        cinder_store_password = {{ .ServicePassword }}
        cinder_store_project_name = servicecinder_catalog_info volumev3::publicURL
...

  2. Update the control plane: 

    $ oc apply -f openstack_control_plane.yaml -n openstack

  3. Wait until RHOCP creates the resources related to the OpenStackControlPlane CR. Run the following command to check the status: 

    $ oc get openstackcontrolplane -n openstack

    The OpenStackControlPlane resources are created when the status is "Setup complete".

    Tip

    Append the -w option to the end of the get command to track deployment progress.

5.3. Configuring an Object Storage back end

You can configure the Image service (glance) with the Object Storage service (swift) as the storage back end.

Prerequisites

  • Ensure network connectivity between the storage back end, the Red Hat OpenShift cluster, and the Compute nodes.

Procedure

  1. Open your OpenStackControlPlane CR file, openstack_control_plane.yaml, and add the following parameters to the glance template to configure the Object Storage service as the back end: 

    apiVersion: core.openstack.org/v1beta1
kind: OpenStackControlPlane
metadata:
  name: openstack
spec:
   …
   glance:
      template:
        customServiceConfig: |
            [DEFAULT]
            enabled_backends = default_backend:swift
            [glance_store]
            default_backend = default_backend
            [default_backend]
            swift_store_create_container_on_put = True
            swift_store_auth_version = 3
            swift_store_auth_address = {{ .KeystoneInternalURL }}
            swift_store_key = {{ .ServicePassword }}
            swift_store_user = service:glance
            swift_store_endpoint_type = internalURL
...

  2. Update the control plane: 

    $ oc apply -f openstack_control_plane.yaml -n openstack

  3. Wait until RHOCP creates the resources related to the OpenStackControlPlane CR. Run the following command to check the status: 

    $ oc get openstackcontrolplane -n openstack

    The OpenStackControlPlane resources are created when the status is "Setup complete".

    Tip

    Append the -w option to the end of the get command to track deployment progress.

5.4. Configuring an NFS back end

When you mount an NFS share on the Image service (glance), the Image service does not manage the operation. The Image service writes data to the file system but is unaware that the back end is an NFS share.

If you use NFS as an Image service back end, Red Hat recommends the following best practices to mitigate risk:

  • Use a reliable production-grade NFS back end.
  • Make sure the network is propagated to the OpenShift control plane, where the Image service is deployed, and the Image service has a NetworkAttachmentDefinition (NAD) that points to the network. This configuration ensures that the Image service pods can reach the NFS server.
  • Set underlying file system permissions. Write permissions must be present in the shared file system that you use as a store.
  • Ensure that the user and the group that the glance-api process runs on do not have write permissions on the mount point at the local file system. This means that the process can detect possible mount failure and put the store into read-only mode during a write attempt.

Limitations

  • In Red Hat OpenStack Services on OpenShift (RHOSO), you cannot set client-side NFS mount options in a pod spec. You can set NFS mount options in one of the following ways:

    • Set server-side mount options.
    • Use /etc/nfsmount.conf.
    • Mount NFS volumes by using PersistentVolumes, which have mount options.

Procedure

  1. Open your OpenStackControlPlane CR file, openstack_control_plane.yaml, and add the extraMounts parameter in the spec section to add the export path and IP address of the NFS share. The path is mapped to /var/lib/glance/images, where the Image service API stores and retrieves images: 

    apiVersion: core.openstack.org/v1beta1
kind: OpenStackControlPlane
metadata:
  name: openstack
...
spec:
  extraMounts:
  - extraVol:
    - extraVolType: Nfs
      mounts:
      - mountPath: /var/lib/glance/images
        name: nfs
      propagation:
      - Glance
      volumes:
      - name: nfs
        nfs:
          path: {{ <nfs_export_path> }}
          server: {{ <nfs_ip_address> }}
    name: r1
    region: r1
    • Replace <nfs_export_path> with the export path of your NFS share.
    • Replace <nfs_ip_address> with the IP address of your NFS share. This IP address must be part of the overlay network that is reachable by the Image service.

  2. Add the following parameters to the glance template to configure NFS as the back end: 

    ...
spec:
  extraMounts:
    ...
  glance:
    template:
      customServiceConfig: |
        [DEFAULT]
        enabled_backends = default_backend:file
        [glance_store]
        default_backend = default_backend
        [default_backend]
        filesystem_store_datadir = /var/lib/glance/images
      databaseInstance: openstack
      glanceAPIs:
...

  3. Update the control plane: 

    $ oc apply -f openstack_control_plane.yaml -n openstack

  4. Wait until RHOCP creates the resources related to the OpenStackControlPlane CR. Run the following command to check the status: 

    $ oc get openstackcontrolplane -n openstack

    The OpenStackControlPlane resources are created when the status is "Setup complete".

    Tip

    Append the -w option to the end of the get command to track deployment progress.

Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.