Open Stack

Hi Igor,

Are you running this on Precise?  If so, Precise is a bit pickier than
previous versions about requiring a setting in /etc/libvirt/qemu.conf

You need to add /dev/net/tun to the cgroup_device_acl list in that file,
and restart libvirt.

This is actually handled automatically by a branch I've pushed for review
in devstack: https://review.openstack.org/#/c/7001/

It has lots of positive reviews, but still needs one more core review and
I've been waiting a while.  If you're a devstack core, please give me a
hand! :)

Dan

p.s.  the root cause of needing to tweak /etc/libvirt/qemu.conf is that
we're using libvirt <interface type=ethernet> elements to work with
openvswitch.  Starting in libvirt 0.9.11 (not available in precise),
openvswitch is integrated directly with libvirt, meaning that using
type=ethernet (and the workaround) is no longer necessary.


On Thu, May 24, 2012 at 1:05 PM, Igor Laskovy <igor.laskovy at gmail.com>wrote:

> Hello all from sunny Kiev))
>
> I have built nova+quantum+openvswitch without nova-volume lab on two
> nodes - one controller with everything on it except nova-compute and
> second dedicated compute node with nova-compute:
>
> During creating VM I have error which I still can't fix:
> $ nova boot --image precise --flavor m1.tiny  my-precise-vm3
> $ nova list
>
> +--------------------------------------+----------------+--------+----------+
> |                  ID                  |      Name      | Status |
> Networks |
>
> +--------------------------------------+----------------+--------+----------+
> | 5a72aa9f-5743-486a-9496-130d367bc665 | my-precise-vm3 | ERROR  |
>  |
>
> +--------------------------------------+----------------+--------+----------+
>
> # cat /var/log/libvirt/qemu/instance-00000012.log
> 2012-05-24 19:51:47.994+0000: starting up
> LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin
> QEMU_AUDIO_DRV=none /usr/bin/kvm -S -M pc-1.0 -enable-kvm -m 512 -smp
> 1,sockets=1,cores=1,threads=1 -name instance-00000012 -uuid
> 5a72aa9f-5743-486a-9496-130d367bc665 -nodefconfig -nodefaults -chardev
>
> socket,id=charmonitor,path=/var/lib/libvirt/qemu/instance-00000012.monitor,server,nowait
> -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc
> -no-shutdown -drive
>
> file=/var/lib/nova/instances/instance-00000012/disk,if=none,id=drive-virtio-disk0,format=qcow2,cache=none
> -device
> virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1
> -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0 -device
> rtl8139,netdev=hostnet0,id=net0,mac=fa:16:3e:49:f1:a9,bus=pci.0,addr=0x3
> -netdev tap,ifname=tapcdd6bc93-86,script=,id=hostnet1 -device
> rtl8139,netdev=hostnet1,id=net1,mac=fa:16:3e:68:94:b4,bus=pci.0,addr=0x4
> -chardev
> file,id=charserial0,path=/var/lib/nova/instances/instance-00000012/console.log
> -device isa-serial,chardev=charserial0,id=serial0 -chardev
> pty,id=charserial1 -device isa-serial,chardev=charserial1,id=serial1
> -usb -device usb-tablet,id=input0 -vnc 192.168.1.71:0 -k en-us -vga
> cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
> Domain id=4 is tainted: shell-scripts
> char device redirected to /dev/pts/2
> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: could not
> open /dev/net/tun: Operation not permitted
> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: Device
> 'tap' could not be initialized
> 2012-05-24 19:51:48.175+0000: shutting down
>
> /var/lib/nova/instances/instance-00000012# virsh create libvirt.xml
> error: Failed to create domain from libvirt.xml
> error: internal error Process exited while reading console log output:
> char device redirected to /dev/pts/2
> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: could not
> open /dev/net/tun: Operation not permitted
> kvm: -netdev tap,ifname=tap24b9f3da-8b,script=,id=hostnet0: Device
> 'tap' could not be initialized
>
> Waiting any advises!
>
> --
> Igor Laskovy
> Kiev, Ukraine
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>



-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120524/1b2e89c4/attachment.html>