[Openstack-operators] [Openstack] Quantum+Openvswitch: could not open /dev/net/tun: Operation not permitted

Igor Laskovy igor.laskovy at gmail.com
Sat May 26 18:31:41 UTC 2012


Thank you Dan, Chris, Dean and Soheil for the help. I very much appreciate your help!

Yes, I am using Precise for this lab, and after I added /dev/net/tun
to the cgroup_device_acl list my running instances are in the ACTIVE
state. BTW, the doc
http://openvswitch.org/openstack/documentation/ already has this
clarification, thanks))

Well, although the instances are running, I can't ping or ssh to them.
I have already done this:
$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
$ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
but it didn't help!

On Fri, May 25, 2012 at 12:40 AM, Dan Wendlandt <dan at nicira.com> wrote:
> Hi Igor,
>
> Are you running this on Precise?  If so, Precise is a bit pickier than
> previous versions about requiring a setting in /etc/libvirt/qemu.conf
>
> You need to add /dev/net/tun to the cgroup_device_acl list in that file, and
> restart libvirt.
>
> This is actually handled automatically by a branch I've pushed for review in
> devstack: https://review.openstack.org/#/c/7001/
>
> It has lots of positive reviews, but still needs one more core review and
> I've been waiting a while.  If you're a devstack core, please give me a
> hand! :)
>
> Dan
>
> p.s.  the root cause of needing to tweak /etc/libvirt/qemu.conf is that
> we're using libvirt <interface type=ethernet> elements to work with
> openvswitch.  Starting in libvirt 0.9.11 (not available in precise),
> openvswitch is integrated directly with libvirt, meaning that using
> type=ethernet (and the workaround) is no longer necessary.
>
>
> On Thu, May 24, 2012 at 1:05 PM, Igor Laskovy <igor.laskovy at gmail.com>
> wrote:
>>
>> Hello all from sunny Kiev))
>>
>> I have built a nova+quantum+openvswitch lab, without nova-volume, on two
>> nodes - one controller with everything on it except nova-compute, and a
>> second dedicated compute node with nova-compute:
>>
>> While creating a VM I get an error which I still can't fix:
>> $ nova boot --image precise --flavor m1.tiny  my-precise-vm3
>> $ nova list
>>
>> +--------------------------------------+----------------+--------+----------+
>> |                  ID                  |      Name      | Status | Networks |
>> +--------------------------------------+----------------+--------+----------+
>> | 5a72aa9f-5743-486a-9496-130d367bc665 | my-precise-vm3 | ERROR  |          |
>> +--------------------------------------+----------------+--------+----------+
>>
>> # cat /var/log/libvirt/qemu/instance-00000012.log
>> 2012-05-24 19:51:47.994+0000: starting up
>> LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin
>> QEMU_AUDIO_DRV=none /usr/bin/kvm -S -M pc-1.0 -enable-kvm -m 512 -smp
>> 1,sockets=1,cores=1,threads=1 -name instance-00000012 -uuid
>> 5a72aa9f-5743-486a-9496-130d367bc665 -nodefconfig -nodefaults -chardev
>>
>> socket,id=charmonitor,path=/var/lib/libvirt/qemu/instance-00000012.monitor,server,nowait
>> -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc
>> -no-shutdown -drive
>>
>> file=/var/lib/nova/instances/instance-00000012/disk,if=none,id=drive-virtio-disk0,format=qcow2,cache=none
>> -device
>> virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1
>> -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0 -device
>> rtl8139,netdev=hostnet0,id=net0,mac=fa:16:3e:49:f1:a9,bus=pci.0,addr=0x3
>> -netdev tap,ifname=tapcdd6bc93-86,script=,id=hostnet1 -device
>> rtl8139,netdev=hostnet1,id=net1,mac=fa:16:3e:68:94:b4,bus=pci.0,addr=0x4
>> -chardev
>> file,id=charserial0,path=/var/lib/nova/instances/instance-00000012/console.log
>> -device isa-serial,chardev=charserial0,id=serial0 -chardev
>> pty,id=charserial1 -device isa-serial,chardev=charserial1,id=serial1
>> -usb -device usb-tablet,id=input0 -vnc 192.168.1.71:0 -k en-us -vga
>> cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
>> Domain id=4 is tainted: shell-scripts
>> char device redirected to /dev/pts/2
>> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: could not
>> open /dev/net/tun: Operation not permitted
>> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: Device
>> 'tap' could not be initialized
>> 2012-05-24 19:51:48.175+0000: shutting down
>>
>> /var/lib/nova/instances/instance-00000012# virsh create libvirt.xml
>> error: Failed to create domain from libvirt.xml
>> error: internal error Process exited while reading console log output:
>> char device redirected to /dev/pts/2
>> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: could not
>> open /dev/net/tun: Operation not permitted
>> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: Device
>> 'tap' could not be initialized
>>
>> Waiting for any advice!
>>
>> --
>> Igor Laskovy
>> Kiev, Ukraine
>
>
>
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Dan Wendlandt
> Nicira, Inc: www.nicira.com
> twitter: danwendlandt
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~
>



-- 
Igor Laskovy
Kiev, Ukraine
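
The fix discussed in this thread, as an added example that is not part of the original messages: cgroup_device_acl in /etc/libvirt/qemu.conf is the allow-list of device nodes a QEMU process may open, so the check below parses the active list and adds /dev/net/tun only if it is missing. The sample config text is constructed and the function names are hypothetical.

```python
import re

# Constructed sample shaped like /etc/libvirt/qemu.conf: a commented-out
# copy of the list, then an active list that lacks /dev/net/tun.
SAMPLE_CONF = '''
#cgroup_device_acl = [
#    "/dev/null", "/dev/full", "/dev/zero"
#]
cgroup_device_acl = [
    "/dev/null", "/dev/full", "/dev/zero",
    "/dev/random", "/dev/urandom",
    "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
    "/dev/rtc", "/dev/hpet"
]
'''

TUN = "/dev/net/tun"
ACL_RE = r'^[ \t]*cgroup_device_acl\s*=\s*\[(.*?)\]'

def active_lines(text):
    """Drop comment lines so a commented-out ACL is not read as a live one."""
    return "\n".join(l for l in text.splitlines()
                     if not l.lstrip().startswith("#"))

def parse_acl(text):
    """Return the active cgroup_device_acl entries, or None if the key is unset."""
    m = re.search(ACL_RE, active_lines(text), re.S | re.M)
    if m is None:
        return None
    return re.findall(r'"([^"]*)"', m.group(1))

def with_tun(text):
    """Return config text whose active ACL includes /dev/net/tun (idempotent)."""
    acl = parse_acl(text)
    if acl is None:
        raise ValueError("no active cgroup_device_acl; uncomment the list first")
    if TUN in acl:
        return text
    body = ",\n".join(f'    "{d}"' for d in acl + [TUN])
    block = f"cgroup_device_acl = [\n{body}\n]"
    # A lambda replacement avoids backslash interpretation in the new text.
    return re.sub(ACL_RE, lambda _: block, text, count=1, flags=re.S | re.M)

if __name__ == "__main__":
    print("before:", parse_acl(SAMPLE_CONF))
    print("after: ", parse_acl(with_tun(SAMPLE_CONF)))
```

As noted in the thread, libvirt has to be restarted after the file changes; reviewing the resulting list also shows exactly which devices guests' QEMU processes can reach.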
