[Openstack] Cinder and NFS: permission denied when creating a volume

italy1 remo at italy1.com
Fri Jul 31 04:31:09 UTC 2015


I think your settings are incorrect since nfs needs to be as anonymous are those settings under selinux? Not sure your env so it is hard to see what steps you are missing 

Inviato da IPhone 




On Thu, Jul 30, 2015 at 6:10 PM -0700, "Francesc Pinyol Margalef" <francesc.pinyol.m at gmail.com> wrote:










Hi,
I'm trying to configure Cinder with NFS from a Fujitsu Eternus DX.
Mounting the remote resource works fine, but when I try to create
a volume, I get a "Permission denied" in the logs.

The Fujitsu Eternus DX (192.168.1.101) unit has a directory exported:
$ showmount -e 192.168.1.101
Export list for 192.168.1.101:
/mnt/nas/ 192.168.0.0/22

This directory is owned by uid=102 and gid=201.


In the storage node, the configuration files are:

- /etc/cinder/cinder.conf
[DEFAULT]
nfs_shares_config = /etc/cinder/nfsshares
volume_driver = cinder.volume.drivers.nfs.NfsDriver
[...]

- /etc/cinder/nfsshares
192.168.1.101:/mnt/nas/

I have changed the uid and gid of the user cinder, in order to have the
mentioned uid and gid:
# id cinder
uid=102(cinder) gid=201(cinder) groups=201(cinder),99(nobody)

When I start the service, the remote resource is mounted:
$ df -h
Filesystem                             Size  Used Avail Use% Mounted on
[...]
192.168.1.101:/mnt/nas/   59T  423G   58T   1% /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51

# ls -l /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/
drwxrwxr-x. 15 cinder cinder       1024 Jul 30 09:55 cust

# ls -ln /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/
drwxrwxr-x. 15 102 201       1024 Jul 30 09:55 cust


But when I try to create a volume from another node (controller) with:
$ cinder create --display-name myvol 1

I get the following message in the storage node (/var/log/cinder/volume.log):
2015-07-31 02:45:19.325 28370 ERROR oslo_messaging.rpc.dispatcher [req-047ed05d-cd56-410a-afa6-85a4db59728a 751edd7ef0494970bbeecaa5d2861450 f3680324d5124f8ca5937c310881cdb7 - - -] Exception during message handling: Unexpected error while running command.
Command: None
Exit code: -
Stdout: u"Unexpected error while running command.
Command: sudo cinder-rootwrap /etc/cinder/rootwrap.conf truncate -s 1G /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7
Exit code: 1
Stdout: u''
Stderr: '/bin/truncate: cannot open \\xe2\\x80\\x98/var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7\\xe2\\x80\\x99 for writing: Permission denied\
'"
Stderr: None


As expected, if I try to manually run the same problematic command as root, I get the same error:
# sudo cinder-rootwrap /etc/cinder/rootwrap.conf truncate -s 1G /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7
/bin/truncate: cannot open ‘/var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7’ for writing: Permission denied

But if I run it as cinder user, all is fine:
[root at storage-node cinder]# su -c "truncate -s 1G /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7" cinder
[root at storage-node cinder]# ls -l /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7
-rw-r--r--. 1 cinder cinder 1073741824 Jul 31 02:51 /var/lib/cinder/mnt/9ae799cf301b19940950ae49dd800c51/volume-4ee83412-bf7d-4cd2-ae74-cffd5af3adc7


Why Cinder is not able to write to the mounted directory?
Should Cinder be forced to write to the mounted directory as cinder user? How?


Francesc



-- 
Francesc Pinyol Margalef
http://www.francescpinyol.cat/



!DSPAM:1,55bacb09153191570613895!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150731/0efb5a06/attachment.html>


More information about the Openstack mailing list