glance replicator

4,161 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
4,161
On SlideShare
0
From Embeds
0
Number of Embeds
2,038
Actions
Shares
0
Downloads
26
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

glance replicator

  1. 1. Advent Calendar 2012 JP openstack Open source software to build public and private clouds.glance-replicator glance-replicator 2012.12.23 @irix_jp 1
  2. 2. glance-replicator● folsom から glance に組み込まれたコマンドツー ル● 二つの glance サーバ間で image のレプリケー ションができる。● レプリケーションだけでなく、イメージのインポート・ エクスポートも可能 2
  3. 3. 動作イメージ images glance-replicator glance-api glance-registry glance-api glance-registry DB DBimages images data store keystone data store keystone 3
  4. 4. コマンド (stable/folsom)$ glance-replicator –hUsage: glance-replicator <command> [options] [args]Commands: help <command> Output help for one of the commands below compare What is missing from the slave glance? dump Dump the contents of a glance instance to local disk. livecopy Load the contents of one glance instance into another. load Load the contents of a local directory into glance. size Determine the size of a glance instance if dumped to disk. 4
  5. 5. TIPS● 認証にはテナント・ユーザ・パスワードではな く、 keystone が発行した TOKEN を使う ● TOKEN を取得するスクリプト – get_token.sh #!/bin/bash HOST_IP=$1 ADMIN_TENANT=$2 ADMIN_USER=$3 ADMIN_PASSWORD=$4 TOKEN=`curl -s -d "{"auth":{"passwordCredentials": {"username": "$ADMIN_USER", "password": "$ADMIN_PASSWORD"}, "tenan tName": "$ADMIN_TENANT"}}" -H "Content-type: application/json" http:// $HOST_IP:5000/v2.0/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok[access][token][id];"` echo $TOKEN 5
  6. 6. テスト環境● 二つの独立した OpenStack 環境を構築● devstack での All in One 環境( localrc は次項) 192.168.128.100 192.168.128.200 Ubuntu12.04 Ubuntu12.04 Folsom/stable Folsom/stable Devstack Devstack (all in one) (all in one) 6
  7. 7. localrcHOST_IP=192.168.128.100 HOST_IP=192.168.128.200ADMIN_PASSWORD=openstack ADMIN_PASSWORD=openstackMYSQL_PASSWORD=$ADMIN_PASSWORD MYSQL_PASSWORD=$ADMIN_PASSWORDRABBIT_PASSWORD=$ADMIN_PASSWORD RABBIT_PASSWORD=$ADMIN_PASSWORDSERVICE_PASSWORD=$ADMIN_PASSWORD SERVICE_PASSWORD=$ADMIN_PASSWORDSERVICE_TOKEN=admintoken SERVICE_TOKEN=admintokendisable_service n-net disable_service n-netdisable_service n-obj disable_service n-objenable_service q-svc enable_service q-svcenable_service q-agt enable_service q-agtenable_service q-dhcp enable_service q-dhcpenable_service q-l3 enable_service q-l3ENABLE_TENANT_TUNNELS=True ENABLE_TENANT_TUNNELS=TrueFIXED_RANGE=172.24.17.0/24 FIXED_RANGE=172.24.17.0/24NETWORK_GATEWAY=172.24.17.254 NETWORK_GATEWAY=172.24.17.254FLOATING_RANGE=10.0.0.0/24 FLOATING_RANGE=10.0.0.0/24NOVA_BRANCH=stable/folsom NOVA_BRANCH=stable/folsomGLANCE_BRANCH=stable/folsom GLANCE_BRANCH=stable/folsomKEYSTONE_BRANCH=stable/folsom KEYSTONE_BRANCH=stable/folsomHORIZON_BRANCH=stable/folsom HORIZON_BRANCH=stable/folsomCINDER_BRANCH=stable/folsom CINDER_BRANCH=stable/folsomQUANTUM_BRANCH=stable/folsom QUANTUM_BRANCH=stable/folsom 7
  8. 8. 初期状態の glance ● 192.168.128.100$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name admin --os-username admin --os-password openstack image-list+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | ami | ami | 25165824 | active || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | aki | aki | 4731440 | active || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | ari | ari | 2254249 | active |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+ ● 192.168.128.200$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name admin --os-username admin --os-password openstack image-list→ 空 8
  9. 9. compare ● 100 → 200$ glance-replicator -v compare 192.168.128.100:9292 192.168.128.200:9292 -M `./get_token.sh 192.168.128.100 admin admin openstack` -S `./get_token.sh 192.168.128.200 admin admin openstack`de150d8d-eb33-45f9-88a6-142228b902ba: entirely missing from the destination0db62cb0-d592-4a24-8fdf-45a44a6f9298: entirely missing from the destinationbcaf789e-df5e-4862-b77b-d6cc8e63d33b: entirely missing from the destination ● 200 → 100$ glance-replicator -v compare 192.168.128.200:9292 192.168.128.100:9292 -M `./get_token.sh 192.168.128.200 admin admin openstack` -S `./get_token.sh 192.168.128.100 admin admin openstack`→ 空 9
  10. 10. livecopy ● 100 → 200$ glance-replicator -v livecopy 192.168.128.100:9292 192.168.128.200:9292 -M `./get_token.sh192.168.128.100 demo demo openstack` -S `./get_token.sh 192.168.128.200 demo demo openstack`Considering de150d8d-eb33-45f9-88a6-142228b902bade150d8d-eb33-45f9-88a6-142228b902ba is being syncedConsidering 0db62cb0-d592-4a24-8fdf-45a44a6f92980db62cb0-d592-4a24-8fdf-45a44a6f9298 is being syncedConsidering bcaf789e-df5e-4862-b77b-d6cc8e63d33bbcaf789e-df5e-4862-b77b-d6cc8e63d33b is being synced ● 200 → 100$ glance-replicator -v compare 192.168.128.200:9292 192.168.128.100:9292 -M `./get_token.sh 192.168.128.200 admin admin openstack` -S `./get_token.sh 192.168.128.100 admin admin openstack`→ 空 10
  11. 11. コピー後の状態1 ● 192.168.128.100$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name admin --os-username admin --os-password openstack image-list+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | ami | ami | 25165824 | active || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | aki | aki | 4731440 | active || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | ari | ari | 2254249 | active |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+ ● 192.168.128.200$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name admin --os-username admin --os-password openstack image-list+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | ami | ami | 25165824 | active || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | aki | aki | 4731440 | active || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | ari | ari | 2254249 | active |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+ 11
  12. 12. コピー後の状態 2 192.168.128.100$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name 192.168.128.200 $ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-nameadmin --os-username admin --os-password openstack image-show admin --os-username admin --os-password openstack image-showde150d8d-eb33-45f9-88a6-142228b902ba de150d8d-eb33-45f9-88a6-142228b902ba+-----------------------+--------------------------------------+ +-----------------------+--------------------------------------+| Property | Value | | Property | Value |+-----------------------+--------------------------------------+ +-----------------------+--------------------------------------+| Property kernel_id | bcaf789e-df5e-4862-b77b-d6cc8e63d33b | | Property kernel_id | bcaf789e-df5e-4862-b77b-d6cc8e63d33b || Property ramdisk_id | 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | | Property ramdisk_id | 0db62cb0-d592-4a24-8fdf-45a44a6f9298 || checksum | 2f81976cae15c16ef0010c51e3a6c163 | | checksum | 2f81976cae15c16ef0010c51e3a6c163 || container_format | ami | | container_format | ami || created_at | 2012-12-22T03:00:42 | | created_at | 2012-12-22T16:46:30 || deleted | False | | deleted | False || disk_format | ami | | disk_format | ami || id | de150d8d-eb33-45f9-88a6-142228b902ba | | id | de150d8d-eb33-45f9-88a6-142228b902ba || is_public | True | | is_public | True || min_disk | 0 | | min_disk | 0 || min_ram | 0 | | min_ram | 0 || name | cirros-0.3.0-x86_64-uec | | name | cirros-0.3.0-x86_64-uec || owner | a458e9fbf0394622a1aa627550d20daa | | owner | a458e9fbf0394622a1aa627550d20daa || protected | False | | protected | False || size | 25165824 | | size | 25165824 || status | active | | status | active || updated_at | 2012-12-22T03:00:43 | | updated_at | 2012-12-22T16:46:31 |+-----------------------+--------------------------------------+ +-----------------------+--------------------------------------+ ● owner(tenant_id) までコピーされている点に注意 ● 今回は別の keystone を使っているが、 is_public=true なので image-list に出ているだけ。 12
  13. 13. is_public=false だと・・・ ● 100 側、 demo ユーザで追加$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name demo --os-username demo --os-password openstack image-list+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | ami | ami | 25165824 | active || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | aki | aki | 4731440 | active || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | ari | ari | 2254249 | active || 0d075151-3925-4b85-8f77-d908f1df70be | snap1 | ami | ami | 25165824 | active |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+ ● Admin(100) → Admin(200) でコピー ● コピーはされるが、誰も参照できない ( コピーされた ID が 200 側の keystone に存在しないため。MYSQL> use glance; select id,name,is_public,owner from images;+--------------------------------------+---------------------------------+-----------+----------------------------------+| id | name | is_public | owner |+--------------------------------------+---------------------------------+-----------+----------------------------------+| 0d075151-3925-4b85-8f77-d908f1df70be | snap1 | 0 | 936ef2486d3749bbb51bfedbc69e9d28 || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | 1 | a458e9fbf0394622a1aa627550d20daa || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | 1 | a458e9fbf0394622a1aa627550d20daa || de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | 1 | a458e9fbf0394622a1aa627550d20daa |+--------------------------------------+---------------------------------+-----------+----------------------------------+ 13
  14. 14. ユーザ権限でのコピーだと ● 100 側$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name demo --os-username demo --os-password openstack image-list+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | ami | ami | 25165824 | active || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | aki | aki | 4731440 | active || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | ari | ari | 2254249 | active || 0d075151-3925-4b85-8f77-d908f1df70be | snap1 | ami | ami | 25165824 | active || 3532fd21-6bf8-440c-9bcb-9ea7df30ce8a | snap2 | ami | ami | 25165824 | active |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+$ glance-replicator -v livecopy 192.168.128.100:9292 192.168.128.200:9292 -M `./get_token.sh 192.168.128.100 demo demo openstack` -S `./get_token.sh 192.168.128.200 demo demo openstack` ● 200 側$ glance --os-auth-url http://localhost:5000/v2.0 --os-tenant-name demo --os-username demo --os-password openstack image-list+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+| de150d8d-eb33-45f9-88a6-142228b902ba | cirros-0.3.0-x86_64-uec | ami | ami | 25165824 | active || bcaf789e-df5e-4862-b77b-d6cc8e63d33b | cirros-0.3.0-x86_64-uec-kernel | aki | aki | 4731440 | active || 0db62cb0-d592-4a24-8fdf-45a44a6f9298 | cirros-0.3.0-x86_64-uec-ramdisk | ari | ari | 2254249 | active || 3532fd21-6bf8-440c-9bcb-9ea7df30ce8a | snap2 | ami | ami | 25165824 | active |+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+snap1 のコピーは、既に同じ ID のイメージが登録されている(参照不可)ため失敗します。 14
  15. 15. まとめ● keystone を共有しているか、していないかで livecopy の使い方が変わる。 ● している場合: admin でコピーすれば終わり ● していない場合:ユーザ権限でコピーする – ユーザ権限でコピーすると、 is_public=true のものが、 ID が 変わってコピーされてしまう。 ● --no-replica-public 等のオプションが欲しい。 – 冬休みに時間があったらパッチ書く(キリッ● dump/load でいったんファイルに落として操作す ればどっちでもおk。 15

×