We do something similar when we add new OpenStack nodes (or reinstall them). Our storage backend is Ceph, and we use a CephFS mount for /var/lib/nova/instances on all compute nodes for live migration. Since we migrated last year from openSUSE to Ubuntu (package based deployment), we needed to preserve the ownership of /var/lib/nova/instances. Now we create the user nova (and cinder for /var/lib/cinder/conversion, which is also a CephFS mount) with the UID/GID from before Ubuntu, before installing the nova (and cinder) packages. I wonder if we could transition to the actual UID/GID from Ubuntu... I will have to think about that. Zitat von Thomas Goirand <zigo@debian.org>:
On 4/8/25 11:15, Nell Jerram wrote:
Many thanks for this Thomas. I am using OpenStack Caracal packages on Ubuntu Jammy (using cloud-archive:caracal), so I'm surprised I'm not seeing those numbers.
Aha, my setup script creates the nova user with
useradd -m -p password -s /bin/bash nova
_before_ installing the nova packages. I wonder if this is indeed the problem...
Best wishes - Nell
Well, I just had a quick look at the Ubuntu packages, and they are creating the UID / GID for you (see below). I'd suggest either doing what the package does in your script, or just let the package do it.
Cheers,
Thomas Goirand (zigo)
#!/bin/sh -e
NOVA_UID=64060 NOVA_GID=64060
if [ "$1" = "configure" ]; then if ! getent group nova > /dev/null 2>&1; then addgroup --quiet --system \ --gid $NOVA_GID nova 2>/dev/null fi
if ! getent passwd nova > /dev/null 2>&1; then adduser --quiet --system \ --home /var/lib/nova \ --no-create-home \ --uid $NOVA_UID \ --gid $NOVA_GID \ --shell /usr/sbin/nologin nova 2>/dev/null fi
if [ -z "$2" ]; then # New install - blanket permissions chown -R nova:nova /var/lib/nova/ fi
chown nova:adm /var/log/nova chmod 0750 /var/log/nova