Skip to content

Instantly share code, notes, and snippets.

@cloudnull

cloudnull/1-lxc-glance-api.sh

Last active August 29, 2015 14:01
Show Gist options
  • Save cloudnull/6c735c43d3c1feacfea9 to your computer and use it in GitHub Desktop.
Save cloudnull/6c735c43d3c1feacfea9 to your computer and use it in GitHub Desktop.
Download ZIP
Install Glance Bits in a container
Raw
1-lxc-glance-api.sh
#!/usr/bin/env bash
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script makes the assumption that the you have installed the
# lxc-defiant template. If you have not installed the lxc-defiant template
# go here to get the latest version: https://github.com/cloudnull/lxc_defiant
# Variables:
# LXC_NAME="" # Name of the container, default "keystone1"
# LXC_DISTRO_NAME="" # Distro to deploy, default "precise"
# LXC_PASSWORD="" # Password for unix user, default "secrete"
# LXC_USERNAME="" # username for unix user, default "openstacl"
# LXC_NET_PREFIX="" # first three octets of IP address, default "10.0.0"
# LXC_NETMASK="" # subnet mask, default "255.255.255.0"
# LXC_IP_ADDR="" # last octet of IP for LXC container, default "200"
# LXC_GATEWAY="" # Default gateway, default "10.0.0.1"
# Enable Debug
# set -x
set -e -u -v
LXC_NAME=${LXC_NAME:-"glance-api"}
LXC_DISTRO_NAME=${LXC_DISTRO_NAME:-"precise"}
LXC_PASSWORD=${LXC_PASSWORD:-"secrete"}
LXC_USERNAME=${LXC_USERNAME:-"racker"}
LXC_NET_PREFIX=${LXC_NET_PREFIX:-"192.168.18"}
LXC_NETMASK=${LXC_NETMASK:-"255.255.255.0"}
LXC_IP_ADDR=${LXC_IP_ADDR:-$LXC_NET_PREFIX.201}
LXC_GATEWAY=${LXC_GATEWAY:-$LXC_NET_PREFIX.1}
# Create container
lxc-create --name ${LXC_NAME} \
--template defiant \
--config /etc/lxc/lxc-rpc.conf \
-- \
--bind-dir /openstack/glance=/etc/glance \
--release precise \
--max-ram 4096 \
--ip-address eth1=$LXC_IP_ADDR=255.255.255.0 \
--username $LXC_USERNAME \
--password $LXC_PASSWORD \
--optional-packages rsync,libmysqlclient-dev,mysql-client,curl,wget,iptables,python-dev,sshpass,git-core,sqlite3,build-essential,libssl-dev,libffi-dev
# Start container
lxc-start -d --name $LXC_NAME
# Wait 5 seconds to get the container online
sleep 5
# Make sure SSH is good to go
lxc-attach --name $LXC_NAME <<EOL
update-rc.d ssh defaults
service ssh restart
EOL
# Install pip
lxc-attach --name $LXC_NAME <<EOL
curl https://bootstrap.pypa.io/get-pip.py | python
EOL
# Creating the glance directories
lxc-attach --name $LXC_NAME <<EOL
mkdir /var/log/glance
mkdir /var/lib/glance
mkdir /var/lib/glance/cache
mkdir /var/lib/glance/cache/api
mkdir /var/lib/glance/cache/registry
mkdir /var/lib/glance/images
mkdir /var/lib/glance/scrubber
mkdir /etc/glance
mkdir /var/cache/glance
EOL
# Create glance group
lxc-attach --name $LXC_NAME <<EOL
groupadd --system \
glance
EOL
# Create the glance user
lxc-attach --name $LXC_NAME <<EOL
useradd --gid glance \
--create-home \
--home-dir /var/lib/glance \
--shell /bin/false \
--system \
glance
EOL
# Set ownership of all glance directories
lxc-attach --name $LXC_NAME <<EOL
chown -R glance:glance /var/log/glance
chown -R glance:glance /var/lib/glance
chown -R glance:glance /etc/glance
EOL
# Get the glance source
lxc-attach --name $LXC_NAME <<EOL
pushd /tmp
git clone https://github.com/openstack/glance
pushd glance
git checkout stable/icehouse
popd
popd
EOL
# Install the glance bits
lxc-attach --name $LXC_NAME <<EOL
pip install warlock
pip install mysql-python
pip install python-glanceclient
pip install /tmp/glance
pushd /tmp/glance/etc/
for i in *
do
if [ ! -f "/etc/glance/$i" ]; then
cp $i /etc/glance/
fi
done
popd
EOL
# Drop the init script
INIT_SCRIPT="/etc/init.d/glance-api"
PROGRAM_NAME="glance-api"
PROGRAM_INFO="Start and stop glance-api on boot"
PROGRAM_BINARY="/usr/local/bin/glance-api"
PROGRAM_PID_FILE="/var/run/glance-api.pid"
PROGRAM_USER="glance"
PROGRAM_WORK_DIR="/var/lib/glance"
PROGRAM_OPTIONS=""
LXC_INIT_SCRIPT="/var/lib/lxc/$LXC_NAME/rootfs${INIT_SCRIPT}"
cat > $LXC_INIT_SCRIPT<<EOF
#! /usr/bin/env bash
### BEGIN INIT INFO
# Provides: ${PROGRAM_NAME}
# Required-Start: \$remote_fs \$syslog
# Required-Stop: \$remote_fs \$syslog
# Should-Start: \$named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ${PROGRAM_INFO}
# Description: ${PROGRAM_INFO}
### END INIT INFO
set -e
SSD_OPTIONS="--start --background"
SSD_PID="--make-pidfile --pidfile ${PROGRAM_PID_FILE}"
SSD_CHROOT="--chuid ${PROGRAM_USER} --chdir ${PROGRAM_WORK_DIR}"
SSD="--exec ${PROGRAM_BINARY} ${PROGRAM_OPTIONS}"
# ---- Don't touch things after this line ----
source /lib/lsb/init-functions
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
program_start() {
if start-stop-daemon \${SSD_OPTIONS} \${SSD_PID} \${SSD_CHROOT} \${SSD}; then
rc=0
sleep 1
if ! kill -0 \$(cat "${PROGRAM_PID_FILE}") >/dev/null 2>&1; then
rc=1
fi
else
rc=1
fi
if [ \$rc -eq 0 ]; then
log_end_msg 0
else
log_failure_msg "${PROGRAM_NAME} daemon failed to start"
log_end_msg 1
rm -f "${PROGRAM_PID_FILE}"
fi
}
case "\$1" in
start)
log_daemon_msg "Starting ${PROGRAM_NAME} daemon" "${PROGRAM_NAME}"
if [ -s "${PROGRAM_PID_FILE}" ] && kill -0 \$(cat "${PROGRAM_PID_FILE}") >/dev/null 2>&1; then
log_progress_msg "${PROGRAM_NAME} is already running"
log_end_msg 0
exit 0
fi
program_start
;;
stop)
log_daemon_msg "Stopping ${PROGRAM_NAME} daemon" "${PROGRAM_NAME}"
start-stop-daemon --stop --quiet --oknodo --pidfile "${PROGRAM_PID_FILE}"
log_end_msg $?
rm -f "${PROGRAM_PID_FILE}"
;;
restart)
set +e
log_daemon_msg "Restarting ${PROGRAM_NAME} daemon" "${PROGRAM_NAME}"
if [ -s ${PROGRAM_PID_FILE} ] && kill -0 \$(cat "${PROGRAM_PID_FILE}") >/dev/null 2>&1; then
start-stop-daemon --stop --quiet --oknodo --pidfile "${PROGRAM_PID_FILE}" || true
sleep 1
else
log_warning_msg "${PROGRAM_NAME} daemon not running, attempting to start."
rm -f "${PROGRAM_PID_FILE}"
fi
program_start
;;
status)
status_of_proc -p "${PROGRAM_PID_FILE}" "${PROGRAM_BINARY}" ${PROGRAM_NAME}
exit $?
;;
*)
echo "Usage: /etc/init.d/${PROGRAM_NAME} {start|stop|restart|status}"
exit 1
esac
exit 0
EOF
lxc-attach --name $LXC_NAME <<EOL
chown root:root ${INIT_SCRIPT}
chmod 0755 ${INIT_SCRIPT}
update-rc.d ${PROGRAM_NAME} defaults
EOL
#
# lxc-attach --name $LXC_NAME <<EOL
# pip install lockfile
# pushd /tmp
# git clone https://github.com/rcbops/glance-image-sync
# pushd /tmp/glance-image-sync
# mv glance-image-sync.py /usr/local/bin/glance-image-sync
# chmod +x /usr/local/bin/glance-image-sync
# popd
# popd
# cat "*/5 * * * * glance /usr/local/bin/glance-image-sync both" | tee /etc/cron.d/glance-image-sync
# chmod +x /etc/cron.d/glance-image-sync
# EOL
Raw
1-lxc-glance-registry.sh
#!/usr/bin/env bash
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script makes the assumption that the you have installed the
# lxc-defiant template. If you have not installed the lxc-defiant template
# go here to get the latest version: https://github.com/cloudnull/lxc_defiant
# Variables:
# LXC_NAME="" # Name of the container, default "keystone1"
# LXC_DISTRO_NAME="" # Distro to deploy, default "precise"
# LXC_PASSWORD="" # Password for unix user, default "secrete"
# LXC_USERNAME="" # username for unix user, default "openstacl"
# LXC_NET_PREFIX="" # first three octets of IP address, default "10.0.0"
# LXC_NETMASK="" # subnet mask, default "255.255.255.0"
# LXC_IP_ADDR="" # last octet of IP for LXC container, default "200"
# LXC_GATEWAY="" # Default gateway, default "10.0.0.1"
# Enable Debug
# set -x
set -e -u -v
LXC_NAME=${LXC_NAME:-"glance-registry"}
LXC_DISTRO_NAME=${LXC_DISTRO_NAME:-"precise"}
LXC_PASSWORD=${LXC_PASSWORD:-"secrete"}
LXC_USERNAME=${LXC_USERNAME:-"racker"}
LXC_NET_PREFIX=${LXC_NET_PREFIX:-"192.168.18"}
LXC_NETMASK=${LXC_NETMASK:-"255.255.255.0"}
LXC_IP_ADDR=${LXC_IP_ADDR:-$LXC_NET_PREFIX.202}
LXC_GATEWAY=${LXC_GATEWAY:-$LXC_NET_PREFIX.1}
# Create container
lxc-create --name ${LXC_NAME} \
--template defiant \
--config /etc/lxc/lxc-rpc.conf \
-- \
--bind-dir /openstack/glance=/etc/glance \
--release precise \
--max-ram 4096 \
--ip-address eth1=$LXC_IP_ADDR=255.255.255.0 \
--username $LXC_USERNAME \
--password $LXC_PASSWORD \
--optional-packages libmysqlclient-dev,mysql-client,curl,wget,iptables,python-dev,sshpass,git-core,sqlite3,build-essential,libssl-dev,libffi-dev
# Start container
lxc-start -d --name $LXC_NAME
# Wait 5 seconds to get the container online
sleep 5
# Make sure SSH is good to go
lxc-attach --name $LXC_NAME <<EOL
update-rc.d ssh defaults
service ssh restart
EOL
# Install pip
lxc-attach --name $LXC_NAME <<EOL
curl https://bootstrap.pypa.io/get-pip.py | python
EOL
# Creating the glance directories
lxc-attach --name $LXC_NAME <<EOL
mkdir /var/log/glance
mkdir /var/lib/glance
mkdir /var/lib/glance/cache
mkdir /var/lib/glance/cache/api
mkdir /var/lib/glance/cache/registry
mkdir /var/lib/glance/images
mkdir /var/lib/glance/scrubber
mkdir /etc/glance
mkdir /var/cache/glance
EOL
# Create glance group
lxc-attach --name $LXC_NAME <<EOL
groupadd --system \
glance
EOL
# Create the glance user
lxc-attach --name $LXC_NAME <<EOL
useradd --gid glance \
--create-home \
--home-dir /var/lib/glance \
--shell /bin/false \
--system \
glance
EOL
# Set ownership of all glance directories
lxc-attach --name $LXC_NAME <<EOL
chown -R glance:glance /var/log/glance
chown -R glance:glance /var/lib/glance
chown -R glance:glance /etc/glance
EOL
# Get the glance source
lxc-attach --name $LXC_NAME <<EOL
pushd /tmp
git clone https://github.com/openstack/glance
pushd glance
git checkout stable/icehouse
popd
popd
EOL
# Install the glance bits
lxc-attach --name $LXC_NAME <<EOL
pip install warlock
pip install mysql-python
pip install python-glanceclient
pip install /tmp/glance
pushd /tmp/glance/etc/
for i in *
do
if [ ! -f "/etc/glance/\$i" ]; then
cp \$i /etc/glance/
fi
done
popd
EOL
# Drop the init script
INIT_SCRIPT="/etc/init.d/glance-registry"
PROGRAM_NAME="glance-registry"
PROGRAM_INFO="Start and stop glance-registry on boot"
PROGRAM_BINARY="/usr/local/bin/glance-registry"
PROGRAM_PID_FILE="/var/run/glance-registry.pid"
PROGRAM_USER="glance"
PROGRAM_WORK_DIR="/var/lib/glance"
PROGRAM_OPTIONS=""
LXC_INIT_SCRIPT="/var/lib/lxc/$LXC_NAME/rootfs${INIT_SCRIPT}"
cat > $LXC_INIT_SCRIPT<<EOF
#! /usr/bin/env bash
### BEGIN INIT INFO
# Provides: ${PROGRAM_NAME}
# Required-Start: \$remote_fs \$syslog
# Required-Stop: \$remote_fs \$syslog
# Should-Start: \$named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ${PROGRAM_INFO}
# Description: ${PROGRAM_INFO}
### END INIT INFO
set -e
SSD_OPTIONS="--start --background"
SSD_PID="--make-pidfile --pidfile ${PROGRAM_PID_FILE}"
SSD_CHROOT="--chuid ${PROGRAM_USER} --chdir ${PROGRAM_WORK_DIR}"
SSD="--exec ${PROGRAM_BINARY} ${PROGRAM_OPTIONS}"
# ---- Don't touch things after this line ----
source /lib/lsb/init-functions
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
program_start() {
if start-stop-daemon \${SSD_OPTIONS} \${SSD_PID} \${SSD_CHROOT} \${SSD}; then
rc=0
sleep 1
if ! kill -0 \$(cat "${PROGRAM_PID_FILE}") >/dev/null 2>&1; then
rc=1
fi
else
rc=1
fi
if [ \$rc -eq 0 ]; then
log_end_msg 0
else
log_failure_msg "${PROGRAM_NAME} daemon failed to start"
log_end_msg 1
rm -f "${PROGRAM_PID_FILE}"
fi
}
case "\$1" in
start)
log_daemon_msg "Starting ${PROGRAM_NAME} daemon" "${PROGRAM_NAME}"
if [ -s "${PROGRAM_PID_FILE}" ] && kill -0 \$(cat "${PROGRAM_PID_FILE}") >/dev/null 2>&1; then
log_progress_msg "${PROGRAM_NAME} is already running"
log_end_msg 0
exit 0
fi
program_start
;;
stop)
log_daemon_msg "Stopping ${PROGRAM_NAME} daemon" "${PROGRAM_NAME}"
start-stop-daemon --stop --quiet --oknodo --pidfile "${PROGRAM_PID_FILE}"
log_end_msg $?
rm -f "${PROGRAM_PID_FILE}"
;;
restart)
set +e
log_daemon_msg "Restarting ${PROGRAM_NAME} daemon" "${PROGRAM_NAME}"
if [ -s ${PROGRAM_PID_FILE} ] && kill -0 \$(cat "${PROGRAM_PID_FILE}") >/dev/null 2>&1; then
start-stop-daemon --stop --quiet --oknodo --pidfile "${PROGRAM_PID_FILE}" || true
sleep 1
else
log_warning_msg "${PROGRAM_NAME} daemon not running, attempting to start."
rm -f "${PROGRAM_PID_FILE}"
fi
program_start
;;
status)
status_of_proc -p "${PROGRAM_PID_FILE}" "${PROGRAM_BINARY}" ${PROGRAM_NAME}
exit $?
;;
*)
echo "Usage: /etc/init.d/${PROGRAM_NAME} {start|stop|restart|status}"
exit 1
esac
exit 0
EOF
lxc-attach --name $LXC_NAME <<EOL
chown root:root ${INIT_SCRIPT}
chmod 0755 ${INIT_SCRIPT}
update-rc.d ${PROGRAM_NAME} defaults
EOL
Raw
2-glance-setup.rst

How to setup Glance IceHouse

Create the MYSQL Database and grant privileges to the glance user. This only needs to be done once

mysql -h 23.253.238.179 \
      -u root \
      -p \
      -e "CREATE DATABASE glance;"

mysql -h 23.253.238.179 \
      -u root \
      -p \
      -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'secrete';"

Drop the Glance-API config, Note that for the backend storage I've chosen to use Cloud Files. I made this decision because the glance image sync app that we have does not work in Icehouse to do the changes in messaging.

cat > /etc/glance/glance-api.conf<<EOF
[DEFAULT]
debug = False
verbose = True
log_file = /var/log/glance/glance-api.log
use_syslog = False
sql_connection = mysql://glance:[email protected]/glance?charset=utf8
default_store = swift
bind_host = 0.0.0.0
bind_port = 9292
backlog = 4096
workers = 1
registry_host = 23.253.238.179
registry_port = 9191
registry_client_protocol = http

##### RPC MESSAGING OPTIONS #####
notification_driver = messaging
rpc_backend = glance.openstack.common.rpc.impl_kombu
rabbit_hosts=192.168.16.1:5672,192.168.16.2:5672,192.168.16.3:5672
rabbit_port = 5672
rabbit_use_ssl = false
rabbit_userid = guest
rabbit_password = guest
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
rabbit_durable_queues = False

##### STORE OPTIONS #####
swift_store_auth_version = 2
swift_store_auth_address = https://identity.api.rackspacecloud.com/v2.0
swift_store_user = MossoCloudFS_0f496eab-41a4-49bd-9e53-1953520898fc:cloud10
swift_store_key = ${PASSWORD}
swift_store_container = glance_poc
swift_store_create_container_on_put = True
swift_store_large_object_size = 5120
swift_store_large_object_chunk_size = 200
swift_store_retry_get_count = 5

filesystem_store_datadir = /var/lib/glance/images/
delayed_delete = False
scrub_time = 43200
scrubber_datadir = /var/lib/glance/scrubber/
image_cache_dir = /var/lib/glance/cache/

[keystone_authtoken]
signing_dir = /var/lib/glance/cache/api
auth_uri = http://23.253.238.179:5000/v2.0
# cafile =
auth_host = 23.253.238.179
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = secrete

[paste_deploy]
flavor = keystone+cachemanagement
EOF

Registry configuration

cat > /etc/glance/glance-registry.conf<<EOF
[DEFAULT]
debug = False
verbose = True
log_file = /var/log/glance/glance-registry.log
use_syslog = False
sql_connection = mysql://glance:[email protected]/glance?charset=utf8
bind_host = 0.0.0.0
bind_port = 9191
backlog = 4096
api_limit_max = 1000
limit_param_default = 25

[keystone_authtoken]
signing_dir = /var/lib/glance/cache/registry/
auth_uri = http://23.253.238.179:5000/v2.0
# cafile =
auth_host = 23.253.238.179
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = secrete

[paste_deploy]
flavor = keystone
EOF

glance cache config

cat > /etc/glance/glance-cache.conf<<EOF
[DEFAULT]
admin_password = secrete
admin_user = glance
admin_tenant_name = service
use_syslog = False
debug = True
image_cache_dir = /var/lib/glance/cache/
image_cache_stall_time = 86400
image_cache_max_size = 10737418240
registry_host = 23.253.238.179
registry_port = 9191
auth_url = http://23.253.238.179:35357/v2.0
filesystem_store_datadir = /var/lib/glance/images/
EOF

Setup Glance ImageSync from Rackspace, DO NOT USE THIS YET, ITS BROKEN IN ICEHOUSE!

cat > /etc/glance/glance-image-sync.conf<<EOF
[DEFAULT]
api_nodes = 192.168.18.201,192.168.18.216,192.168.18.231
rsync_user = glance
lock_file = /var/run/glance-image-sync
EOF

Setup Keystone. This only needs to be done once

export OS_USERNAME=admin
export OS_PASSWORD=secrete
export OS_AUTH_URL=http://23.253.238.179:5000/v2.0
export OS_TENANT_NAME=admin
unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT

keystone user-create --name=glance --pass=secrete [email protected]
keystone user-role-add --user=glance --tenant=service --role=admin

SID=$(keystone service-create --name=glance --type=image --description="Glance Image Service" | awk '/id/ {print $4}')
keystone endpoint-create --service-id=$SID \
                         --publicurl=http://23.253.238.179:9292 \
                         --internalurl=http://23.253.238.179:9292 \
                         --adminurl=http://23.253.238.179:9292

Start the Services

service glance-api restart
service glance-registry restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment