nova-lxd

  1. Bug #1747720
  2. Comment #2

Comment 2 for bug 1747720

Revision history for this message
Alex Kavanagh (ajkavanagh) wrote :

Yes, I get the same thing:

May 15 10:45:28 devstack nova-compute[3085]: Command: sudo nova-rootwrap /etc/nova/rootwrap.conf mount -o loop,uid=1000,gid=110 /opt/stack/data/nova/instances/instance-00000001/configdrive.iso /tmp/tmp086sM2
May 15 10:45:28 devstack nova-compute[3085]: Exit code: 99
May 15 10:45:28 devstack nova-compute[3085]: Stdout: u''
May 15 10:45:28 devstack nova-compute[3085]: Stderr: u'/usr/local/bin/nova-rootwrap: Unauthorized command: mount -o loop,uid=1000,gid=110 /opt/stack/data/nova/instances/instance-00000001/configdrive.iso /tmp/tmp086sM2 (no filter matched)\n'
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] Traceback (most recent call last):
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/opt/stack/nova/nova/compute/manager.py", line 2237, in _build_resources
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] yield resources
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/opt/stack/nova/nova/compute/manager.py", line 2017, in _build_and_run_instance
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] block_device_info=block_device_info)
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/opt/stack/nova-lxd/nova/virt/lxd/driver.py", line 569, in spawn
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] network_info)
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/opt/stack/nova-lxd/nova/virt/lxd/driver.py", line 1273, in _add_configdrive
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] run_as_root=True)
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/opt/stack/nova/nova/utils.py", line 236, in execute
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] return RootwrapProcessHelper().execute(*cmd, **kwargs)
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/opt/stack/nova/nova/utils.py", line 119, in execute
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] return processutils.execute(*cmd, **kwargs)
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] File "/usr/local/lib/python2.7/dist-packages/oslo_concurrency/processutils.py", line 424, in execute
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] cmd=sanitized_cmd)
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] ProcessExecutionError: Unexpected error while running command.
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] Command: sudo nova-rootwrap /etc/nova/rootwrap.conf mount -o loop,uid=1000,gid=110 /opt/stack/data/nova/instances/instance-00000001/configdrive.iso /tmp/tmp086sM2
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] Exit code: 99
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] Stdout: u''
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e] Stderr: u'/usr/local/bin/nova-rootwrap: Unauthorized command: mount -o loop,uid=1000,gid=110 /opt/stack/data/nova/instances/instance-00000001/configdrive.iso /tmp/tmp086sM2 (no filter matched)\n'
May 15 10:45:28 devstack nova-compute[3085]: ERROR nova.compute.manager [instance: e32e065f-b76f-4b0a-8a89-f5e60bf1459e]

As to why it's happening looks to be because the mount and umount commands are missing from:

/etc/nova/rootmap.d/lxd.filters

which currently contains:

root@devstack:/etc/nova/rootwrap.d# cat lxd.filters
# nova-rootwrap filters for compute nodes running nova-lxd
# This file should be owned by (and only-writable by) the root user

[Filters]
zfs: CommandFilter, zfs, root
zpool: CommandFilter, zpool, root
btrfs: CommandFilter, btrfs, root
chown: CommandFilter, chown, root
chmod: CommandFilter, chmod, root

I think, according to https://docs.openstack.org/nova/queens/admin/root-wrap-reference.html that it probably should include mount and umount.