Introduction
In any cloud environment, virtual machine images are the foundation of compute workloads. Whether you’re launching a simple Linux VM or deploying a complex enterprise application stack, everything starts with a VM image. In OpenStack, this responsibility is handled by Glance, the Image service.
OpenStack Glance provides a centralized repository to discover, store, and retrieve virtual machine images. It abstracts the underlying storage backends and integrates tightly with OpenStack Nova to enable seamless instance booting. Understanding Glance is essential for cloud administrators, OpenStack operators, and anyone preparing for OpenStack certifications.
This blog explores Glance architecture, supported image formats, backend storage options, CLI usage, and best practices for managing VM images effectively.
1. What Is OpenStack Glance?
OpenStack Glance is the Image Service of OpenStack. Its primary role is to:
-
Store VM disk images
-
Manage image metadata
-
Provide image discovery APIs
-
Serve images to Nova during instance creation
Glance itself does not run virtual machines. Instead, it works behind the scenes to ensure that compute services can access the correct images quickly and securely.
Common Image Types in Glance
-
Operating system images (Ubuntu, RHEL, CentOS, Windows)
-
Snapshots of running instances
-
Custom golden images with preinstalled software
-
ISO images for specialized boot workflows
2. Glance Architecture Overview
Glance follows a modular and scalable architecture designed to support large cloud deployments.
Key Components
1️⃣ Glance API Server
-
Exposes REST APIs for image operations
-
Handles requests such as upload, download, delete, and list images
-
Enforces authentication and authorization via Keystone
2️⃣ Database
-
Stores image metadata, not the actual image data
-
Metadata includes:
-
Image name and ID
-
Disk and container format
-
Visibility (public, private, shared)
-
Properties and tags
-
3️⃣ Storage Backends
Glance supports multiple backend storage options, configured via glance-api.conf:
-
Local filesystem
-
OpenStack Swift
-
Ceph RBD
-
NFS
-
Vendor storage plugins
The backend choice affects performance, scalability, and reliability.
4️⃣ Metadata Definitions (Metadefs)
-
Standardize image properties
-
Enable automation and consistency
-
Used heavily by Nova and Horizon
Note: The Glance Registry component is deprecated and no longer used in modern OpenStack releases.
3. Supported Image Formats
Glance supports a wide range of image formats to accommodate different hypervisors and use cases.
Common Disk Formats
| Format | Description | Use Case |
|---|---|---|
| QCOW2 | Compressed, copy-on-write | Default for KVM/QEMU |
| RAW | Uncompressed disk | High-performance workloads |
| VMDK | VMware format | VMware integration |
| VHD / VHDX | Hyper-V format | Microsoft environments |
| ISO | Bootable image | Installer-based workflows |
Best Choice for Most Deployments
-
QCOW2 is recommended for KVM-based OpenStack clouds due to space efficiency and snapshot support.
4. Uploading Images Using the OpenStack CLI
The OpenStack CLI is the most common way to manage images in Glance.
Upload a New Image
Important Flags Explained
-
--disk-format: Format of the image file -
--container-format: Usuallybare -
--public: Makes image available to all projects -
--private: Restricts image to the current project
Adding Image Properties
These properties optimize VM performance when booted via Nova.
5. Viewing and Managing Images
List All Images
View Image Details
Delete an Image
Change Image Visibility
6. Glance and Nova Integration
When a user launches a VM:
-
Nova receives the request
-
Nova queries Glance for the image
-
Glance serves the image from its backend
-
Nova caches or streams the image to the compute node
-
The hypervisor boots the instance
This tight integration makes Glance a critical dependency for VM lifecycle operations.
7. Backend Storage Options and Recommendations
Filesystem
-
Simple and easy
-
Not suitable for large-scale production
Swift
-
Object storage backend
-
Good for multi-region setups
Ceph RBD (Recommended)
-
High availability and scalability
-
Native integration with Nova
-
Supports copy-on-write cloning
Most production OpenStack clouds use Ceph RBD as the Glance backend.
8. Security and Image Governance
Best Practices
-
Regularly audit public images
-
Restrict upload permissions
-
Scan images for vulnerabilities
-
Use trusted base images only
-
Remove outdated or unused images
Metadata Standardization
Use Glance metadefs to enforce consistent image properties across teams and automation pipelines.
9. Best Practices Summary
✅ Use QCOW2 for general workloads
✅ Store images in Ceph or Swift for scalability
✅ Tag images for automation and lifecycle management
✅ Audit images regularly for compliance
✅ Automate image uploads using CI/CD pipelines
Conclusion
OpenStack Glance plays a foundational role in cloud infrastructure by managing VM images efficiently and securely. From handling diverse image formats to integrating with scalable storage backends, Glance ensures that compute services can operate reliably at scale.
By understanding Glance architecture, mastering CLI operations, and following best practices, OpenStack administrators can maintain a clean, secure, and high-performance image repository that supports both development and production workloads.
FAQs (0)
Sign in to ask a question. You can read FAQs without logging in.