kolla-ansible

Kolla - Pike - nova_compute : could not access kvm kernel module permission denied

Bug #1742734 reported by Imran Zunzani
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
kolla-ansible
Invalid
Undecided
Unassigned
CentOS
New
Undecided
Unassigned

Bug Description

Launching any VM fails with error in the nova-libvert log:
'kvm kernel module permission denied'

Kolla-ansible has a qemu.conf that sets:

user = "nova"
group = "nova"

for nova-libvert container, but this doesn't solve the issue.

The fix is to change the qemu.conf in the nova-compute container instead.
Change /etc/libvert/qemu.conf in the nova-compute container, and set

user = "root"
group = "kvm"

and restart nova-compute container.

This solves the issue.

Details:

Openstack version: pike

docker image: kolla/centos-binary-nova-compute

image id: 3ea63299db94

kolla_version: 5.0.1

Revision history for this message
Imran Zunzani (imranzunzani) wrote :

Fixed image can be pulled from iimraann/kolla-centos-binary-nova-compute:pike

URL:
https://hub.docker.com/r/iimraann/kolla-centos-binary-nova-compute/

Eduardo Gonzalez (egonzalez90)
no longer affects: kolla
Changed in kolla-ansible:
status: New → Incomplete
Revision history for this message
Imran Zunzani (imranzunzani) wrote :

Why is this marked 'incomplete'?

Revision history for this message
Imran Zunzani (imranzunzani) wrote :

What I am trying to say is that the settings in the file:

https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/nova/templates/qemu.conf.j2

is getting applied to "nova-libvirt".

These don't take effect inside 'nova-libvirt' as after some time the group gets reset to '78' causing libvirt's operations to fail.

It should get applied to "nova-compute" instead, and the proper values that seem to work are:

user = "root"
group = "kvm"

in that conf.

Changed in kolla-ansible:
status: Incomplete → New
Revision history for this message
JD Lester (jdlester8) wrote :

Can somebody look at this? I'm unable to launch an instance on Queens deployed by kolla-ansible. I get the kvm permission denied error as well. I tried changing the ansible role to user=root group=kvm, but that didn't work. I changed user=root group=kvm on the compute host /etc/libvirt/qemu.conf, but that didn't work either.

I believe this is relevant.
https://bugs.launchpad.net/kolla/+bug/1715356

Revision history for this message
Michal Nasiadka (mnasiadka) wrote :

Pike is EOL

Changed in kolla-ansible:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.