OpenStack Compute (nova)

UEFI NVRAM lost on cold migration or resize

Bug #1785123 reported by Chris Friesen on 2018-08-02

16

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Compute (nova)	In Progress	Low	Boxiang Zhu

Bug Description

If you boot a virtual instance with UEFI, the UEFI NVRAM is lost on a cold migration.

The default storage for the virtual UEFI NVRAM is in /var/lib/libvirt/qemu/nvram/, and the file is not being copied over on cold migration.

Tags:

Revision history for this message

Matt Riedemann (mriedem) wrote on 2018-08-06:

#1

I see the StarlingX fix for this here:

https://github.com/starlingx-staging/stx-nova/commit/71acfeae0d1c59fdc77704527d763bd85a276f9a#diff-f4019782d93a196a0d026479e6aa61b1R8514

tags:	added: libvirt
Changed in nova:
status:	New → Triaged
importance:	Undecided → Low

Revision history for this message

Matthew Booth (mbooth-9) wrote on 2018-08-06:

#2

I'll bet this would also affect a live migrated instance if it was rebooted.

Revision history for this message

Chris Friesen (cbf123) wrote on 2018-08-13:

#3

For a full fix I think you also would need something like https://github.com/starlingx-staging/stx-nova/blob/71acfeae0d1c59fdc77704527d763bd85a276f9a/nova/virt/libvirt/guest.py#L283 in order to keep the nvram around since there are a number of cases where nova is undefining the domain in libvirt but is going to immediately re-create a new domain as the "same" instance and it'd be good to preserve the NVRAM.

Originally we also modified libvirt to store the NVRAM file in the same directory as the other instance files, but I think we're planning on dropping that change since there's going to be no way to override the location of the software TPM file (which means we'll have to deal with that hassle anyway).

Revision history for this message

Adam Spiers (adam.spiers) wrote on 2018-11-13:

#4

Is this related to (or even a duplicate of) bug #1633447 (nova stop/start or reboot --hard resets uefi nvram...) ?

Revision history for this message

Chris Friesen (cbf123) wrote on 2018-11-13:

#5

I think it would be strongly related. I'm not sure if it's a dupe, but the solution should be considered with both in mind.

The issue in all cases is that nova implicitly asks libvirt to create the NVRAM file on instance startup but doesn't ensure that it is preserved over all the nova operations.

In this case the issue is that it's not preserved over operations which result in the instance being moved from one node to another. In bug #163344 it's not preserved over instance operations on the same node.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-12-03: Fix proposed to nova (master)

#6

Fix proposed to branch: master
Review: https://review.openstack.org/621646

Changed in nova:
assignee:	nobody → Jack Ding (jackding)
status:	Triaged → In Progress

OpenStack Infra (hudson-openstack) on 2019-05-02

Changed in nova:
assignee:	Jack Ding (jackding) → Chris Friesen (cbf123)

OpenStack Infra (hudson-openstack) on 2019-07-25

Changed in nova:
assignee:	Chris Friesen (cbf123) → yao (yaozhou)

OpenStack Infra (hudson-openstack) on 2019-08-19

Changed in nova:
assignee:	yao (yaozhou) → Boxiang Zhu (bxzhu-5355)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.