<html><body><div>Hi again,<br></div><div><br data-mce-bogus="1"></div><div>sorry to pick up this old post again but I manged to figure out what's wrong. The error:<br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div><pre class="logs"><pre class="logs">end Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)<br><br>only arises when using the nano flavor:<br><br><div class="line number1 index0 alt2"><code class="java plain">openstack flavor create --id </code><code class="java value">0</code> <code class="java plain">--vcpus </code><code class="java value">1</code> <code class="java plain">--ram </code><code class="java value">64</code> <code class="java plain">--disk </code><code>1</code> <code class="java plain">m1.nano</code></div><div class="line number1 index0 alt2"><code class="java plain"><br data-mce-bogus="1"></code></div><div class="line number1 index0 alt2"><code>It works fine when using 128 instead of 64MB RAM:</code></div><div class="line number1 index0 alt2"><code><br data-mce-bogus="1"></code></div><div class="line number1 index0 alt2"><code></code><code class="java plain"><pre class="logs"><pre class="logs"><div class="line number1 index0 alt2">openstack flavor create --id <code class="java value">0</code> --vcpus <code class="java value">1</code> --ram 128 --disk <code>1</code> m1.nano</div></pre></pre></code></div>Cheers,<br>Oliver<br></pre></pre></div><div><br>Am 19. Oktober 2020 um 16:21 schrieb Oliver Weinmann <oliver.weinmann@me.com>:<br><br><div><blockquote type="cite"><div class="msg-quote"><div>Ok, I will try to disable selinux and deploy one more compute node. I just stumbled across another issue, not sure if it is related. The instance seems to be deployed just fine but now I looked on the console and neither cirros nor centos 7 seem to be booting up correctly. <br></div><div><br data-mce-bogus="1"></div><div>on cirros i see an error:<br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><div><pre class="logs"><pre class="logs">[    0.846019] ---[ end Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0) ]---<br><br>and on centos7:<br><br>error: not a correct XFS inode.<br><br>I tried to create with ephemeral and volume.<br><br>Cheers,<br>Oliver<br></pre></pre></div><div>Am 19. Oktober 2020 um 16:09 schrieb Alex Schultz <aschultz@redhat.com>:<br><br><div><blockquote type="cite"><div class="msg-quote"><div class="_stretch"><span class="body-text-content">On Mon, Oct 19, 2020 at 7:59 AM Oliver Weinmann <oliver.weinmann@me.com> wrote:<br><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">First of all thanks a lot for the quick reply.</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">I just checked and it seems that the package is really not available for centos8 from the upstream repo:</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><a data-mce-href="https://centos.pkgs.org/8/centos-appstream-x86_64/podman-1.6.4-15.module_el8.2.0+465+f9348e8f.x86_64.rpm.html" href="https://centos.pkgs.org/8/centos-appstream-x86_64/podman-1.6.4-15.module_el8.2.0+465+f9348e8f.x86_64.rpm.html">https://centos.pkgs.org/8/centos-appstream-x86_64/podman-1.6.4-15.module_el8.2.0+465+f9348e8f.x86_64.rpm.html</a><br data-mce-bogus="1"></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">When you say it should be available via rdo, does this mean I have to add or use a different repo when deploying undercloud / overcloud? I have followed the tripleo guide to deploy it:</blockquote><br>I thought we shipped it, maybe we don't because we run with selinux<br>disabled so it doesn't show up in CI.<br><br><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><a data-mce-href="https://docs.openstack.org/tripleo-docs/latest/" href="https://docs.openstack.org/tripleo-docs/latest/">https://docs.openstack.org/tripleo-docs/latest/</a><br data-mce-bogus="1"></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">And is there a way to disable selinux on all overcloud nodes by default? I guess it is the default to disable it?</blockquote><br>Set the following in an environment file as part of the deployment:<br><br>parameter_defaults:<br> SELinuxMode: permissive<br><br><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Cheers,</blockquote><blockquote type="cite" class="quoted-plain-text">Oliver</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Am 19. Oktober 2020 um 15:29 schrieb Alex Schultz <aschultz@redhat.com>:</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">On Mon, Oct 19, 2020 at 7:09 AM Oliver Weinmann <oliver.weinmann@me.com> wrote:</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Hi all,</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">I have successfully deployed the overcloud many many times, but this time I have a strange behaviour. Whenever I try to launch an instance it fails. I checked the logs on the compute node and saw this error:</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Failed to build and run instance: libvirt.libvirtError: internal error: process exited while connecting to monitor: libvirt: error : cannot execute binary /usr/libexec/qemu-kvm: Permission denied</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">googling led me to the solution to disable selinux:</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">setenforce 0</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">I have not made this change persistent yet, as I would like to know why I'm facing this issue right now. What is actually the default for the overcloud nodes SeLinux? Enforcing, permissive or disabled? I build the ipa and overcloud image myself as I had to include drivers. Is this maybe the reason why SeLinux is now enabled, but is actually disabled when using the default ipa images?</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">From a TripleO perspective, we do not officially support selinux</blockquote><blockquote type="cite" class="quoted-plain-text">enabled when running with CentOS. In theory it should work, however</blockquote><blockquote type="cite" class="quoted-plain-text">it is very dependent on versions. I think you're likely running into</blockquote><blockquote type="cite" class="quoted-plain-text">an issue with the correct version of podman which is likely causing</blockquote><blockquote type="cite" class="quoted-plain-text">this. We've had some issues as of late which require a very specific</blockquote><blockquote type="cite" class="quoted-plain-text">version of podman in order to work correctly with nova compute when</blockquote><blockquote type="cite" class="quoted-plain-text">running with selinux enabled. You need 1.6.4-15 or higher which I</blockquote><blockquote type="cite" class="quoted-plain-text">don't think is available with centos8. It should be available via</blockquote><blockquote type="cite" class="quoted-plain-text">RDO.</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Related: <a data-mce-href="https://review.opendev.org/#/c/736173/" href="https://review.opendev.org/#/c/736173/">https://review.opendev.org/#/c/736173/</a><br data-mce-bogus="1"></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Thanks and Best Regards,</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text">Oliver</blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><blockquote type="cite" class="quoted-plain-text"><br></blockquote><br><br></span></div></div></blockquote></div></div></div></blockquote></div></div></body></html>