1. Glasce Architecture

The glass architecture is shown in Fig. 1-1.

Figure 1-1 Architecture of glass

Figure 1-2 Grace schema diagram in the official open stack document
1) Mirror service components:
Glance-api: is an external API interface that can accept external API mirroring requests.REST Request is mainly used to analyze, distribute, respond to various mirror management, and then through other modules (EG. glance-registry, Store Backend back-end storage interface) to complete the operation of image discovery, acquisition, storage, etc.The default binding port is 9292.
Glance provides the REST API to support the following mirroring operations: query, register, upload, get, delete, access rights management
glance-registry: Used to store, process, and obtain Image Metadata.Image Metadata REST Request is responded to from glance-api, and then interacts with MySQL to store, process, and retrieve Image Metadate.The default binding port is 9191.
_glance-db: Supported by MySQL in Openstack for storing Image Metadata.
Image Metadate: Refers to the storage of MySQL Database by glance-registry; image chunk data is stored in and obtained from various backend store s by glance-store.
Glance Store: Used to store mirror files.Contact the glance-api through the Store Backend backend storage interface.Through this interface, glances can get a mirror file from the Image Store and hand it over to Nova to create a virtual machine.
_Glance supports multiple Imange Store scenarios through Store Adapter
Support swift, file system, s3, sheepdog, rbd, cinder, etc.
2)image has access to:
public: Can be used by all tenant s.
private Private / Projects: Can only be used by tenant where image owner is located.
Shared: A non-shared image can be shared to another tenant through member-* operations.
Protected: The image of protected cannot be deleted.

3) The various states of the image
queued: There is no image data uploaded, only metadata in db.
Save: uploading image data
active: normal state
deleted/pending_delete: deleted/pending delete
killed:image metadata incorrect, waiting to be deleted.

2. Image formats supported by Glance

raw - Unstructured Mirror Format
_vhd - A universal virtual machine disk format for Vmware, Xen, Microsoft Virtual PC/Virtual Server/Hyper-V, VirtualBox, etc.
_vmdk-Vmware's virtual machine disk format, also supports multiple Hypervisor s
_vdi-Virtual Box, QEMU, etc. Supported Virtual Machine Disk Formats
_qcow2 - A disk format that supports QEMU and can be dynamically extended
_aki-Amazon Kernel Mirror
_ari-Amazon Ramdisk mirror
_ami-Amazon Virtual Machine Mirroring

3. Common interview questions

1) openstack docks ceph cluster, which format does image use?
A: Use the raw format.

2) The difference between raw and qcow 2:
A:
(1) Differences in space occupancy, such as 20G specified space, 20G for raw, and 5G for qcow2, which is used to save space;
(2) If you use the raw format with ceph, it is more compatible with the raw format, even if you specify the qcow2 format, the back end will be converted to the raw format first.

4. Working process of glance components

5. Actual warfare: glass's manual build

5.1. Installation Configuration of Control Nodes

(1) Create a glass database:

[root@controller ~]# mysql  -uroot -popenstack <<EOF
create database glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost'  IDENTIFIED BY 'openstack'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack';
EOF

(2) Create a glance user and add an administrator role to the service project

[root@controller ~]# source admin_openrc 
//To execute this sentence separately, enter the password of the glance user:
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | cd90f56cf9bc4c8f8a01f88c5c179762 |
| name                | glance                           |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user glance admin

(3) Create glance services and ports

[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Image                  |
| enabled     | True                             |
| id          | ad61f9ee483e4bea9cb374796f097dd3 |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne  image public http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | b781cb1117f040f1a18615b649fb5388 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | ad61f9ee483e4bea9cb374796f097dd3 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292           |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne  image internal http://controller:9292 
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 129da42ca64c4cfb821afcf3c2e81dfd |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | ad61f9ee483e4bea9cb374796f097dd3 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292           |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne  image admin http://controller:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 9fc675719b1d49a48851abeee9f2622c |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | ad61f9ee483e4bea9cb374796f097dd3 |
| service_name | glance                           |
| service_type | image                            |
| url          | http://controller:9292           |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint list
---------+-----------+-----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                         |
---------+-----------+-----------------------------+
| 01ccfab5acb0407888620ca056f93dfe | RegionOne | keystone     | identity     | True    | admin     | http://controller:35357/v3/ |
| 129da42ca64c4cfb821afcf3c2e81dfd | RegionOne | glance       | image        | True    | internal  | http://controller:9292      |
| 4c2bd465260043039bcf7bf78776dd6b | RegionOne | keystone     | identity     | True    | internal  | http://controller:5000/v3/  |
| 9cd64dded6014abea4936800d3fd614c | RegionOne | glance       | image        | True    | public    | http://controller:9292      |
| 9fc675719b1d49a48851abeee9f2622c | RegionOne | glance       | image        | True    | admin     | http://controller:9292      |
| bdc34c7c99bb432eb13fa83a45d0065e | RegionOne | keystone     | identity     | True    | public    | http://controller:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
//Action Delete endpoint Command
[root@controller ~]# openstack endpoint delete IDNAME


(4) Control node installs packages and configures

[root@controller ~]# yum -y install openstack-glance 
[root@controller ~]# vim /etc/glance/glance-api.conf 
[database]
connection = mysql+pymysql://glance:openstack@controller/glance

[keystone_authtoken]
auth_uri = http://controller:5000 internal port
auth_url = http://controller:35357 Administrator Port
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = openstack

[paste_deploy] (Turn on the following configuration)
flavor = keystone

[glance_store] (Turn on the following configuration)
stores = file,http 
default_store = file 
filesystem_store_datadir = /var/lib/glance/images/
[root@controller ~]# egrep -v "^#|^$" /etc/glance/glance-api.conf
[root@controller ~]# vim /etc/glance/glance-registry.conf 
[database] 
connection = mysql+pymysql://glance:openstack@controller/glance

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = openstack

[paste_deploy]
flavor = keystone
[root@controller ~]# egrep -v "^#|^$" /etc/glance/glance-registry.conf

(5) Initialize the database table structure

[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1336: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
  expire_on_commit=expire_on_commit, _conf=conf)
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade  -> liberty, liberty initial
INFO  [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO  [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO  [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO  [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: queens_expand01, current revision(s): queens_expand01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
INFO  [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO  [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO  [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: queens_contract01, current revision(s): queens_contract01
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
[root@controller ~]# mysql -hlocalhost -uglance -popenstack -e "use glance;show tables;"

(6) Service Startup and Set Open Self-Start

[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service 
[root@controller ~]# systemctl start openstack-glance-api.service  openstack-glance-registry.service

5.2. Validation

(1) Enforcement of authorization

[root@controller ~]# source admin_openrc

(2) Download experimental image cirros

[root@controller ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img

(3) Create a mirror:

[root@controller ~]# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare  --public
+------------------+------------------------------------------------------+
| Field            | Value                                             |
+------------------+------------------------------------------------------+
| checksum         | ee1eca47dc88f4879d8a229cc70a07c6             |
| container_format | bare                                              |
| created_at       | 2020-03-17T14:16:48Z                             |
| disk_format      | qcow2                                            |
| file             | 2/images/7dfa1f88-6e3a-45aa-90ff-f348e6e399c0/file |
| id               | 7dfa1f88-6e3a-45aa-90ff-f348e6e399c0             |
| min_disk         | 0                                                 |
| min_ram          | 0                                                |
| name             | cirros                                           |
| owner            | db82536ef7124608b3f3931ba4ce9615             |
| protected        | False                                             |
| schema           | /v2/schemas/image                               |
| size             | 13287936                                         |
| status           | active                                             |
| tags             |                                                   |
| updated_at       | 2020-03-17T14:16:48Z                             |
| virtual_size     | None                                               |
| visibility       | public                                               |
+------------------+------------------------------------------------------+
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 7dfa1f88-6e3a-45aa-90ff-f348e6e399c0 | cirros | active |
+--------------------------------------+--------+--------+

#View mirror file information
[root@controller ~]# openstack image show cirros

#Set mirror protected state (not deletable)
[root@controller ~]# openstack image set --protected  IDNAME
#Set mirror unprotected state (deletable)
[root@controller ~]# openstack image set --unprotected  IDNAME

This completes the installation of Glance. The next section describes the Nova component and its installation process