<div style="font-family: none; font-size: 11pt;"><p>Hi</p>
<p>I'm trying to set up cinder-volume service with NFS backend</p>
<p>When I create a new VM instance with a volume from web UI, cinder-volume service on storage node creates volume file just fine</p>
<p>But I get the following error on compute node and instance fails to spawn.</p>
<pre>2022-10-24 02:14:25.347 402789 ERROR nova.compute.manager [req-47ec9fb1-9daa-4c24-8673-538797a217cc 8769cfaf608349bd9fbb36f92b188fe3 e1e8e8397cde49899b00d09dec76b29e - default default] [instance: 5acb1dc3-0685-4980-977b-b6dfff6dfb45] Instance failed to spawn: libvirt.libvirtError: internal error: process exited while connecting to monitor: 2022-10-24T02:14:24.819644Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f/volume-8f478992-dde3-4c20-9005-61cd34eacf30","aio":"native","node-name":"libvirt-2-storage","cache":{"direct":true,"no-flush":false},"auto-read-only":true,"discard":"unmap"}: Could not open '/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f/volume-8f478992-dde3-4c20-9005-61cd34eacf30': Permission denied</pre>
<p>I've added appropriate configs to the AppArmor profile. (Using Ubuntu 22.04) AppArmor isn't blocking this access.</p>
<p>While the instance is spawning, I've checked ownership of the volume file on compute node:</p>
<pre>root@compute-node:/var/lib/nova/mnt$ ls -al

total 17
drwxr-xr-x 3 nova nova 4096 Oct 24 04:19 .
drwxr-xr-x 12 nova nova 4096 Oct 24 02:14 ..
drwxr-x--- 2 64061 64061 11 Oct 24 04:19 99c4f7e8b15983b65e20cb7d37db899f</pre>
<p>It seems like cinder user on storage node creates volume file with UID/GID of 64061 (cinder user's UID/GID)</p>
<p>But nova user on compute node has UID/GID of 64060, therefore cannot open volume file (/var/lib/nova/mnt/99c4f7e8b15983b65e20cb7d37db899f/volume-8f478992-dde3-4c20-9005-61cd34eacf30)</p>
<p>Should I manually set the UID/GID of nova user on compute node to 64061, so both nova user on compute node and cinder user on storage node would have the same UID/GID?</p>
<p>Feels like this duct taping isn't a proper solution. Did I miss something?</p>
<p>Thank you</p></div>
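<p>The ownership check described in the message above, as an added example that is not part of the original post: it parses the quoted <code>ls -al</code> entries, flags owners that appear as bare numbers (no local account for that id on the compute node), and applies the POSIX owner/group/other selection to a given UID and group set. All function and variable names are hypothetical; it assumes plain mode bits only (no ACLs, no NFS ID mapping or squashing).</p>

```python
# Added example: names below (LISTING, LOCAL_IDS, parse_entry, ...) are hypothetical.
# LISTING is constructed from the `ls -al` entries quoted in the post.
LISTING = """\
drwxr-xr-x 3 nova nova 4096 Oct 24 04:19 .
drwxr-xr-x 12 nova nova 4096 Oct 24 02:14 ..
drwxr-x--- 2 64061 64061 11 Oct 24 04:19 99c4f7e8b15983b65e20cb7d37db899f
"""
# Name -> numeric id on the compute node; 64060 is the nova UID/GID given in the post.
LOCAL_IDS = {"nova": 64060}
READ, WRITE, TRAVERSE = 4, 2, 1


def parse_mode(text):
    """Convert 'rwxr-x---' to mode bits (setuid/setgid/sticky letters not handled)."""
    return sum(1 << (8 - i) for i, ch in enumerate(text[:9]) if ch != "-")


def to_id(field):
    """ls prints a bare number when the id has no local account name."""
    return int(field) if field.isdigit() else LOCAL_IDS[field]


def parse_entry(line):
    f = line.split(None, 8)
    return {"name": f[8], "mode": parse_mode(f[0][1:]), "uid": to_id(f[2]),
            "gid": to_id(f[3]), "unmapped": f[2].isdigit() or f[3].isdigit()}


def allowed(entry, uid, gids, want):
    """Pick exactly one permission class: owner, else group, else other."""
    if uid == entry["uid"]:
        shift = 6
    elif entry["gid"] in gids:
        shift = 3
    else:
        shift = 0
    return ((entry["mode"] >> shift) & want) == want


def report(uid, gids):
    """Return (name, unmapped, can_traverse) for every listed directory."""
    return [(e["name"], e["unmapped"], allowed(e, uid, gids, TRAVERSE))
            for e in map(parse_entry, LISTING.splitlines())]


if __name__ == "__main__":
    for row in report(64060, {64060}):
        print(row)
```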