Glance is OpenStack's image service that stores and retrieves virtual machine (VM) images and their metadata. Glance consists of several components - the glance-api service that handles image API requests, the glance-registry service that stores and processes image metadata, and an image store like OpenStack Object Storage where the actual image files are stored. Glance supports various image formats like QCOW2, VHD, VMDK etc. that can be used by different hypervisors. Images in Glance can be public, private or shared between specific tenants using image members.

1. OpenStack
Image Service
Codename: Glance
Deepti Ramakrishna
Software Engineer, Intel

2. What is Glance?
● Stores and retrieves VM images and metadata information
● A VM image is a single file which contains a virtual disk that has a bootable
operating system installed on it
● OpenStack Compute (Nova) makes use of this during instance
provisioning

3. Image metadata
● Nova uses image metadata to select the right host for
your VM
● If the property option is set on an image, and Nova is configured
so that the ImagePropertiesFilter scheduler filter is enabled
(default), then the scheduler only considers compute hosts that
satisfy that property
● openstack image set --property architecture=arm
--property hypervisor_type=qemu image_name_or_id

4. Glance architecture
● glance-api: Accepts image API calls
● glance-registry: Stores, processes
and retrieves metadata about images
● Database: Stores image metadata
● Image Store: Variety of locations
where an image can be stored
https://www.safaribooksonline.com/library/view/deploying-openstack/9781449311223/ch03.html

5. Image formats
● ISO: An archive format for the data contents of an optical disc, such as
CD-ROM
● QCOW2 (QEMU Copy-On-Write Version 2): Commonly used with KVM
hypervisor. Uses sparse representation and hence the image size is
smaller
● Raw: An unstructured disk image format; natively supported by both
KVM and XEN hypervisors. If you have a file without an extension it is
possibly a raw format
● VDI: VirtualBox uses VDI image format
● VHD: Microsoft Hyper-V uses the VHD (Virtual Hard Disk) format for
images
● VMDK: VMware ESXi hypervisor uses the VMDK (Virtual Machine Disk)
format for images

6. Image formats - continued
● AKI (Amazon Kernel Image): A kernel file that the hypervisor will load
initially to boot the image
● AMI (Amazon Machine Image): This is a virtual machine image in raw
format
● ARI (Amazon Ramdisk Image): An optional ramdisk file mounted at boot
time
● OVF (Open Virtualization Format)
● Defined by Distributed Management Task Force (DMTF) standards group
● OVF package consists of :
● A .ovf XML metadata file that contains metadata information
● One or more disk image files
● Optional manifest file with extension .mf
● Optional certificate file with extension .cert
● Entire directory can be distributed as an OVA package, which is a tar archive
file with the OVF directory inside.

7. Operations on images
● Create image
● Creating a new image is a step done outside of your OpenStack
installation. You create the new image manually on your own system
and then upload the image to your cloud.
● http://docs.openstack.org/image-guide/create-images-manually.html
● Modify image
● guestfish program is a tool from the libguestfs project that allows you
to modify the files inside of a virtual machine image.
● http://docs.openstack.org/image-guide/modify-images.html
● Convert images from one format to another
● qemu-img convert command can do conversion between multiple
formats
● qemu-img convert -f raw -O qcow2 image.img image.qcow2

8. Creating Nova instance from an image
http://docs.openstack.org/admin-guide/compute-images-instances.html

9. Image download: How it works?
● Image service streams the image from the back end to the compute node
● Object storage node on a separate network
● Allow image traffic to flow between compute and object storage nodes
● Configure the my_block_storage_ip option in the storage node configuration file to
allow block storage traffic to reach the compute node
● Direct method
● On request the Image service will return a URL that links directly to the back-end store
● You can download the image directly from that URL
● Configure image_file_url section of the nova.conf file on compute nodes

10. Image status
queued Image service reserved an image ID for the image in the registry but did
not yet upload any image data.
saving Image service is currently uploading the raw data for the image.
active Image is active and fully available in the Image service.
killed An image data upload error occurred.
deleted The Image service retains information about the image but the image is
no longer available for use.
pending_delete Similar to the deleted status. An image in this state is not recoverable.

11. Image members and sharing concept
● public-images
● Set by the cloud provider
● my-owned-images
● You inherently own these images
● images-of-which-i-am-a-member
● Tenant ID can be added as an image member to a particular image

12. Glare (Glance Artifact Repository)
● Going beyond storing just VM images
● Based on Glance v2 API and supports different artifact types, like
containers, various templates, application packages, and not just VM
images only
● Support for community App catalog
● Collection of ready-to-use applications
● Murano packages
● Heat templates
● Still in experimental phase

13. Useful links
● Current (v2) API
● http://developer.openstack.org/api-ref-image-v2.html
● Source code
● https://github.com/openstack/glance
● Blueprints
● https://blueprints.launchpad.net/glance
● Bugs
● https://bugs.launchpad.net/glance/+bugs
● Code Review
● https://review.openstack.org/#/q/project:+openstack/glance

14. Lab session

15. CLI commands
● Verify all services are up and running
● $ pstree
● Verify Glance service is running
● $ pgrep -l glance
● Source as an admin (user) of admin (project) and show the default images that
come with devstack
● List images which you can access
● $ glance image-list
● Get details of a specific image
● $ glance image-show <IMAGE ID>
● Review checksum, disk/container formats, protected, public
● Source as a demo (user) of demo (project) and show the default images
● List images
● Get details of a specific image
● Download some image
● $ mkdir ~/images
● $ wget http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-
disk.img -O ~/images/cirros-0.3.3-x86_64-disk.img

16. CLI commands - continued
● Upload the image to Glance
● $ glance image-create --name "test_img1" --disk-format qcow2 --
container-format bare --file ~/images/cirros-0.3.3-x86_64-disk.img
● Place where you can find your newly uploaded image
● cd /opt/stack/data/glance/images
● In /etc/glance/glance-api.conf show [glance_store] section
● Show how the above image is private by sourcing as demo (user) of
invisible_to_admin (project)
● $ source openrc demo invisible_to_admin
● $ glance image-list
● Your new “test_img1” is not visible to this user but is visible to the admin
● Source back as demo (user) of demo (project)
● Update the name of this new image
● $ glance image-update <IMAGE ID> --name test
● Delete this newly added image
● $ glance image-delete <IMAGE ID>

17. CLI - Advanced (How to share images)
● How to share the newly created image between demo (user) of projects - demo and
invisible_to_admin
● Source as an admin (user) of admin (project) and get the MEMBER-ID for
invisible_to_admin project
● $ openstack project list
● Source as demo (user) of demo (project)
● Share the newly created image with invisible_to_admin project
● $ glance member-create <IMAGE-ID> <MEMBER-ID>
● Now the status for it gets to pending
● Source as demo (user) of invisible_to_admin (project)
● Accept the shared image
● $ glance member-update <IMAGE-ID> <MEMBER-ID> accepted
● Now list the images and you can see the shared image

18. Thank You!