Hi
I'm trying to set up the cinder-volume service with an NFS backend.
When I create a new VM instance with a volume from the web UI, the cinder-volume service on the storage node creates the volume file just fine.
But I get the following error on the compute node and the instance fails to spawn:
2022-10-24 02:14:25.347 402789 ERROR nova.compute.manager [req-47ec9fb1-9daa-4c24-8673-538797a217cc 8769cfaf608349bd9fbb36f92b188fe3 e1e8e8397cde49899b00d09dec76b29e - default default] [instance: 5acb1dc3-0685-4980-977b-b6dfff6dfb45] Instance failed to spawn: libvirt.libvirtError: internal error: process exited while connecting to monitor: 2022-10-24T02:14:24.819644Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f/volume-8f478992-dde3-4c20-9005-61cd34eacf30","aio":"native","node-name":"libvirt-2-storage","cache":{"direct":true,"no-flush":false},"auto-read-only":true,"discard":"unmap"}: Could not open '/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f/volume-8f478992-dde3-4c20-9005-61cd34eacf30': Permission denied
I've added appropriate configs to the AppArmor profile (using Ubuntu 22.04). AppArmor isn't blocking this access.
While the instance is spawning, I checked the ownership of the volume file on the compute node:
root@compute-node:/var/lib/nova/mnt$ ls -al
total 17
drwxr-xr-x 3 nova nova 4096 Oct 24 04:19 .
drwxr-xr-x 12 nova nova 4096 Oct 24 02:14 ..
drwxr-x--- 2 64061 64061 11 Oct 24 04:19 99c4f7e8b15983b65e20cb7d37db899f
It seems like the cinder user on the storage node creates the volume file with a UID/GID of 64061 (the cinder user's UID/GID).
But the nova user on the compute node has a UID/GID of 64060, and therefore cannot open the volume file (/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f/volume-8f478992-dde3-4c20-9005-61cd34eacf30).
Should I manually set the UID/GID of nova user on compute node to 64061, so both nova user on compute node and cinder user on storage node would have the same UID/GID?
Feels like this duct taping isn't a proper solution. Did I miss something?
Thank you
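
The permission check described in the post, as an added example that is not part of the original message: it walks each path component and reports the first one the given UID/GIDs cannot pass, using the classic POSIX owner/group/other rule. The function names, the sample tuples and the volume file's 0660 mode are assumptions; root, ACLs and NFS squashing or ID mapping are not modelled.

```python
import pathlib
import stat

MNT = "/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f"
# Constructed sample of (path, mode, uid, gid). Directory modes and owners
# follow the ls output in the post; the volume file's 0660 mode is assumed.
SAMPLE = [
    ("/var/lib/nova", stat.S_IFDIR | 0o755, 64060, 64060),
    ("/var/lib/nova/mnt", stat.S_IFDIR | 0o755, 64060, 64060),
    (MNT, stat.S_IFDIR | 0o750, 64061, 64061),
    (MNT + "/volume-8f478992-dde3-4c20-9005-61cd34eacf30",
     stat.S_IFREG | 0o660, 64061, 64061),
]

def allowed(mode, owner, group, uid, gids, want):
    """Exactly one class applies (owner, then group, then other); no fallthrough."""
    if uid == owner:
        shift = 6
    elif group in gids:
        shift = 3
    else:
        shift = 0
    return ((mode >> shift) & want) == want

def first_denied(entries, uid, gids, want_on_file=0o6):
    """Return the first path the caller cannot search (dirs) or open (file)."""
    for path, mode, owner, group in entries:
        want = 0o1 if stat.S_ISDIR(mode) else want_on_file
        if not allowed(mode, owner, group, uid, gids, want):
            return path
    return None

def entries_for(path):
    """Build the same tuples from a real path (caller must be able to stat it)."""
    p = pathlib.Path(path)
    out = []
    for q in [*reversed(p.parents), p]:
        st = q.stat()
        out.append((str(q), st.st_mode, st.st_uid, st.st_gid))
    return out

if __name__ == "__main__":
    # UID/GID 64060 (nova in the post) stops at the 0750 mount directory.
    print("64060:", first_denied(SAMPLE, 64060, {64060}))
    # UID/GID 64061 (cinder in the post) passes every component.
    print("64061:", first_denied(SAMPLE, 64061, {64061}))
```

On a compute node, `first_denied(entries_for(volume_path), uid, gids)` runs the same check against the live mount, where `volume_path` is the file named in the qemu error.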