Glance – Image Management Service

Glance – Image Management Service

After setting up the environment and network settings, you will need to use an image file to create a virtual machine environment. Most people use ISO files, which will take a step-by-step process to complete, otherwise they will use the previously packaged environment. At Openstack, we can use the image packed by the original OS to save a lot of time.

Image files can be linked from the official OpenStack website. Please refer to the following link:

There are quite a few formats available, this article covers only a few of the common file formats:

  • QCOW2
  1. QEMU copy-On Write Version 2, commonly used in KVM environments, is mostly used by OpenStack virtual machines
  • RAW
  1. RAW format images for virtual machines are in portable binary format

There are other way to create image files, but due to the length and depths of the processes, they will not be covered in this article.

When choosing the format, pay attention to whether or not the Hypervisor can read it. For example, when we use the KVM (Kernel-based Virtual Machine) as the Hypervisor, we mainly use the QCOW2 or RAW format, as there are some differences in usage.

In this article, we downloaded images for Ubuntu 16.04 and Cirros to demonstrate.The administrator can use admin privileges to upload the image and determine its attributes, like whether it is public or not. In a typical project, users can also upload their own image files which are separate from other projects and will not access the images of other projects.

In Admin / Compute / Images, click on the Create Image function to the right.

After clicking, you will need to fill out basic information about the image. Here we will fill in CIRROS.

After filling in the basic information, click Browse to select the desired image, and change the format to QCOW2.

We can skip some of these options first, these will be explained later. After clicking Create Image, this image will be uploaded to OpenStack Glance (an image file service).

At this point, we will be able to use the image that was just uploaded to create the virtual machines.We don’t recommend setting up a virtual machine in the administrator page. Instead, go back to your respective project to build the virtual machine. Currently we have two projects, service and admin. We will have a post later to explain Keystone permission management.

Now we can switch to the Project/Compute/Images tab and upload the Ubuntu image, but we will need to limit the image.

We will need to adjust four of the attributes to the newly uploaded image. The following attributes are to be modified:

  • Minimum Disk Space (GB): 3
  • Minimum RAM(MB): 20148
  • Visibility: Private
  • Protected Image: Yes

When a user establishes a virtual machine, it is hard for them to know the minimum requirements that they may need. However, we can use options like Minimum DISK and RAM to limit the user so that the user can avoid selecting the wrong specifications. Visibility is mainly about whether the image is public or private, which in general users will only be able to create as public files. Users with administrator rights will be able to establish the image as public when creating it.

The Protected Image option is there to protect the image. When the value is set to Yes, neither the user nor the administrator can delete the image. Only when this option is set to No can the image be deleted.

Currently, we are using the CIRROS image. Let us quickly setup a virtual machine, the other settings will be covered in subsequent articles.

Go back to the Project/Compute/Instances tab and click on Launch Instance

After selecting it, we need to choose a name for the virtual machine. After entering in “Cirros VM”, press next.

Next, we need to decide on a source. There will be an option at the beginning that may cause confusion for the user, so first we will change the Create New Volume from Yes to No.

After changing it to No, we will move the image of CIRROS to the Allocated section and change the source of the image. After selecting the source, press Next.

Next, select the virtual hardware specifications (Flavor). We will select m1.tiny and press Next. The rest of the Flavors will also be introduced in later sections.

Next we will need to choose a virtual network. If there is no virtual network yet, please refer to the previous article. Here, we will choose the PrivateNet network. If necessary, we can also have multiple virtual networks in the virtual machine but for now we will only use one. In the following sections, we will go over the settings for multiple virtual network cards lightly. Please do not use ExternalNet. After finishing setup, press the Launch Instance button to create a virtual machine.

The virtual machine is finished setting up.

We can click on the Cirros VM link to view information about the virtual machine.

Overall view of the virtual machine.

Log information of the virtual machine

The console interface of the virtual machine. If the screen is blank, use the mouse to select the gray function bar and press Enter.

You can use the console to login to your account first. Cirros’ account/password is cirros/gocubsgo. After logging in, you can use the Ping command to check with the Google’s DNS.

From the Ping results, you can confirm that the virtual machine is connected to the external network. In this case, we need to set the security group and floating IP to be able to connect to the virtual machine. The details for settings will be introduced in subsequent sections.

Security group settings can be found in Project/Network/Security Groups

We will be able to adjust the preset rules later, first click on Manage Rules.

After clicking, we can add many new rules. We will be adding SSH rules.

After adding the new rules, we will create an additional SSH rule for Ingress

Next, we can add a floating IP, which we can do in the Project/Network/Floating IPs tab.

After pressing Allocate IP to Project, we can select ExternalNet to use as an IP Pool. After clicking Allocate IP, we will get a floating IP.

At this point we will see that a floating IP ( has been created, so then we can use the Associate function to bind it to the virtual machine.

In the Port to be associated, we can select the previously established Cirros VM to bind to and click Associate.

After completing the binding, the status will appear to be Down temporarily. It will change back to Active in a few seconds.

Confirm that the status is now Active.

Next we can use the Ping and SSh commands to check whether the Security Group settings are normal. When Ping is used, the virtual machine will not respond. When using SSH, the virtual machine will respond normally.

After logging into tthe VM, we can check the difference between the IP address and the floating IP. The floating IP uses NAT mode, which is connected to the VM and allows for greater flexibility. It allows the user to release the floating IP binding at any time and then bind to the IP to other virtual machines to use.

When the environment is used for a while or if a specific software is installed and used as an image, the virtual machine can be Snapshotted. OpenStack will take a snapshot of the virtual machine and upload a copy to the Glance service so that the user can use this snapshot later.  We will demonstrate it’s features in a future article, as well as anything you need to know.

By 陳彥勝 迎棧科技資深解決方案架構師


Select list(s)*