[kolla[ Issue running masakari-hostmonitor

Chris DiLorenzo cdilorenzo at gmail.com
Thu Dec 2 20:17:56 UTC 2021


It's not running it privileged mode:

ubuntu at control001-poc:~$ docker inspect
--format='{{.HostConfig.Privileged}}' masakari_hostmonitor
false

The config in ansible/roles/masakari/defaults/main.yml looks like this:

  masakari-hostmonitor:
    container_name: masakari_hostmonitor
    group: masakari-hostmonitor
    enabled: true
    ipc_mode: host
    image: "{{ masakari_monitors_image_full }}"
    volumes: "{{ masakari_hostmonitor_default_volumes +
masakari_hostmonitor_extra_volumes }}"
    dimensions: "{{ masakari_hostmonitor_dimensions }}"

The reason I am running 12.0.0 is that the hostmonitor code isn't in 11.x

Thanks,
Chris

On Thu, Dec 2, 2021 at 2:28 PM Radosław Piliszek <
radoslaw.piliszek at gmail.com> wrote:

> Hi Chris,
>
> as for the issue itself - check if the container is running privileged
> (it should).
>
> As for the other details - Kolla-Ansible 12.x is for Wallaby, not
> Victoria, that could be causing issues.
> 12.0.0 is not the latest release for Wallaby either (12.2.0 is for today).
> Fixing these might help with the other issue.
>
> -yoctozepto
>
> On Thu, 2 Dec 2021 at 18:08, Chris DiLorenzo <cdilorenzo at gmail.com> wrote:
> >
> > Hello,
> >
> > I am running Kolla-12.0.0 with Openstack Victoria.  I have mostly
> successfully deployed masakari.  The instance monitoring works, I can set
> up segments in Horizon and via CLI.  But I can't get masakari-hostmonitor
> to start:
> >
> > 2021-12-02 16:50:44.999 7 INFO oslo.privsep.daemon [-] Running privsep
> helper: ['sudo', 'privsep-helper', '--config-file',
> '/etc/masakari-monitors/masakari
> > -monitors.conf', '--privsep_context',
> 'masakarimonitors.privsep.monitors_priv', '--privsep_sock_path',
> '/tmp/tmpf_65hc7m/privsep.sock']
> > 2021-12-02 16:50:44.892 261 INFO oslo.privsep.daemon [-] privsep daemon
> starting
> > 2021-12-02 16:50:44.898 261 INFO oslo.privsep.daemon [-] privsep process
> running with uid/gid: 0/0
> > 2021-12-02 16:50:44.902 261 ERROR oslo.privsep.daemon [-] [Errno 1]
> Operation not permitted
> > Traceback (most recent call last):
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/daemon.py",
> line 593, in helper_main
> >     Daemon(channel, context).run()
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/daemon.py",
> line 403, in run
> >     self._drop_privs()
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/daemon.py",
> line 439, in _drop_privs
> >     capabilities.drop_all_caps_except(self.caps, self.caps, [])
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/capabilities.py",
> line 156, in drop_all_caps_except
> >     raise OSError(errno, os.strerror(errno))
> > PermissionError: [Errno 1] Operation not permitted
> > 2021-12-02 16:50:45.001 7 DEBUG oslo_privsep.comm [-] EOF on privsep
> read channel _reader_main
> /var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep
> > /comm.py:149
> > 2021-12-02 16:50:45.475 7 WARNING oslo.privsep.daemon [-] privsep log:
> [Errno 1] Operation not permitted
> > 2021-12-02 16:50:45.565 7 INFO oslo.privsep.daemon [-] Spawned new
> privsep daemon via rootwrap
> > 2021-12-02 16:50:45.565 7 DEBUG oslo.privsep.daemon [-] Accepted privsep
> connection to /tmp/tmpf_65hc7m/privsep.sock __init__
> /var/lib/kolla/venv/lib/pytho
> > n3.8/site-packages/oslo_privsep/daemon.py:371
> > 2021-12-02 16:50:45.467 267 INFO oslo.privsep.daemon [-] privsep daemon
> starting
> > 2021-12-02 16:50:45.471 267 INFO oslo.privsep.daemon [-] privsep process
> running with uid/gid: 0/0
> > 2021-12-02 16:50:45.474 267 ERROR oslo.privsep.daemon [-] [Errno 1]
> Operation not permitted
> > Traceback (most recent call last):
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/daemon.py",
> line 593, in helper_main
> >     Daemon(channel, context).run()
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/daemon.py",
> line 403, in run
> >     self._drop_privs()
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/daemon.py",
> line 439, in _drop_privs
> >     capabilities.drop_all_caps_except(self.caps, self.caps, [])
> >   File
> "/var/lib/kolla/venv/lib/python3.8/site-packages/oslo_privsep/capabilities.py",
> line 156, in drop_all_caps_except
> >     raise OSError(errno, os.strerror(errno))
> > PermissionError: [Errno 1] Operation not permitted
> >
> > sudoers in the container appears to be set up correctly.
> >
> > Thanks
> > Chris
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20211202/ef270f87/attachment.htm>


More information about the openstack-discuss mailing list