Версия

-   openstack-glance-19.0.0-alt1

Шаги воспроизведения

1.  Установить пакеты:

    # apt-get install -y openstack-glance mariadb-common mariadb-server memcached openstack-keystone python3-module-openstackclient apache2-cgi-bin

2.  Запустить сервисы:

    # systemctl enable --now memcached mysqld.service && sleep 5; systemctl status memcached mysqld.service --no-pager -l

3.  Настроить Keystone (от root):

    echo "CREATE DATABASE keystone;" | mysql -u root
    echo "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '1';" | mysql -u root
    echo "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '1';" | mysql -u root
    awk '/^\[database\]/{p=1} p && /^$/ && !a {print "connection = mysql+pymysql://keystone:1@127.0.0.1/keystone"; a=1} 1' /etc/keystone/keystone.conf > /etc/keystone/keystone.conf.tmp && \mv /etc/keystone/keystone.conf.tmp /etc/keystone/keystone.conf
    awk '/^\[cache\]/{p=1} p && /^$/ && !a {print "enabled = true\nbackend = dogpile.cache.memcached"; a=1} 1' /etc/keystone/keystone.conf > /etc/keystone/keystone.conf.tmp && \mv /etc/keystone/keystone.conf.tmp /etc/keystone/keystone.conf

    cat > /etc/my.cnf.d/openstack.cnf <<'EOF'
    [mysqld]
    bind-address = 127.0.0.1
    default-storage-engine = innodb
    innodb_file_per_table
    max_connections = 4096
    collation-server = utf8_general_ci
    character-set-server = utf8
    EOF

    sed -i "/skip-networking/d" /etc/my.cnf.d/server.cnf

    systemctl restart mariadb
    keystone-manage db_sync
    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
    keystone-manage bootstrap --bootstrap-password 1 --bootstrap-admin-url http://$(hostname -i):5000/v3/ --bootstrap-internal-url http://$(hostname -i):5000/v3/ --bootstrap-public-url http://$(hostname -i):5000/v3/ --bootstrap-region-id RegionOne
    chown -R keystone:keystone /etc/keystone
    systemctl enable --now httpd2.service
    cat > auth_data <<'EOF'
    export OS_AUTH_URL=http://127.0.0.1:5000/v3
    export OS_IDENTITY_API_VERSION=3
    export OS_USERNAME=admin
    export OS_PASSWORD=1
    export OS_PROJECT_NAME=admin
    export OS_USER_DOMAIN_NAME=Default
    export OS_PROJECT_DOMAIN_NAME=Default
    export OS_REGION_NAME=RegionOne
    EOF

4.  Настроить Glance (от root):

    . auth_data
    openstack endpoint create --region RegionOne identity public http://127.0.0.1:5000/v3
    openstack endpoint create --region RegionOne identity internal http://127.0.0.1:5000/v3
    openstack endpoint create --region RegionOne identity admin http://127.0.0.1:35357/v3
    openstack project create --domain default --description TEST service
    openstack role create user
    echo "CREATE DATABASE glance;" | mysql -u root
    echo "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'127.0.0.1' IDENTIFIED BY '1';" | mysql -u root
    echo "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '1';" | mysql -u root
    cat > /etc/glance/glance-api.conf <<EOF
    [DEFAULT]
    [database]
    connection = mysql+pymysql://glance:1@127.0.0.1/glance
    [glance_store]
    stores = file,http
    default_store = file
    filesystem_store_datadir = /var/lib/glance/images/
    [image_format]
    [keystone_authtoken]
    auth_uri = http://127.0.0.1:5000
    auth_url = http://127.0.0.1:35357
    memcached_servers = 127.0.0.1:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = glance
    password = 1
    [paste_deploy]
    flavor = keystone
    EOF
    cat > /etc/glance/glance-registry.conf <<EOF
    [DEFAULT]
    [database]
    connection = mysql+pymysql://glance:1@127.0.0.1/glance
    [keystone_authtoken]
    auth_uri = http://127.0.0.1:5000
    auth_url = http://127.0.0.1:35357
    memcached_servers = 127.0.0.1:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = glance
    password = 1
    [paste_deploy]
    flavor = keystone
    [profiler]
    EOF
    cat > admin_openrc << EOF
    export OS_PROJECT_DOMAIN_NAME=default
    export OS_USER_DOMAIN_NAME=default
    export OS_PROJECT_NAME=admin
    export OS_USERNAME=admin
    export OS_PASSWORD=1
    export OS_AUTH_URL=http://127.0.0.1:35357/v3
    export OS_IDENTITY_API_VERSION=3
    export OS_IMAGE_API_VERSION=2
    EOF
    . admin_openrc
    openstack user create --domain default --password 1 glance
    openstack role add --project service --user glance admin
    openstack service create --name glance --description TEST image
    openstack endpoint create --region RegionOne image public http://127.0.0.1:9292
    openstack endpoint create --region RegionOne image internal http://127.0.0.1:9292
    openstack endpoint create --region RegionOne image admin http://127.0.0.1:9292

5.  Выполнить Sync:

    # glance-manage db_sync

6.  Из-за ошибки https://bugzilla.altlinux.org/48955 - Failed to read
    config file directory: /etc/glance/glance-api.conf.d/ выполнить:

    # mkdir -p /etc/glance/glance-api.conf.d

7.  Запустить openstack-glance-api:

    # systemctl start openstack-glance-api
    # systemctl status openstack-glance-api

Ожидаемый результат: нет ошибок в запуске сервиса
(code=exited, status=0/SUCCESS). Фактический результат: ошибка
Permission denied: '/var/log/glance/glance-manage.log'. Код выхода -
(code=exited, status=1/FAILURE)

Логи:

    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: Traceback (most recent call last):
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/bin/glance-manage", line 10, in <module>
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     sys.exit(main())
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/lib/python3/site-packages/glance/cmd/manage.py", line 557, in main
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     logging.setup(CONF, 'glance')
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/lib/python3/site-packages/oslo_log/log.py", line 273, in setup
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     _setup_logging_from_conf(conf, product_name, version)
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/lib/python3/site-packages/oslo_log/log.py", line 381, in _setup_logging_from_conf
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     filelog = file_handler(logpath)
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/lib64/python3.9/logging/handlers.py", line 470, in __init__
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     logging.FileHandler.__init__(self, filename, mode=mode,
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/lib64/python3.9/logging/__init__.py", line 1146, in __init__
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     StreamHandler.__init__(self, self._open())
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:   File "/usr/lib64/python3.9/logging/__init__.py", line 1175, in _open
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]:     return open(self.baseFilename, self.mode, encoding=self.encoding,
    дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: PermissionError: [Errno 13] Permission denied: '/var/log/glance/glance-manage.log'

Решение: # chown glance:glance -R /var/log/glance