Looking at 'secure.txt' [2], we see that the request for elevated permissions was accepted and there doesn't appear to be any issues, so it's probably not that:
Apr 1 10:07:45 standalone sudo[168779]: nova : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /usr/share/nova/nova-dist.conf --config-file /etc/nova/nova.conf --privsep_context vif_plug_ovs.privsep.vif_plug --privsep_sock_path /tmp/tmp1ckrh_yo/privsep.sock
Apr 1 10:07:45 standalone sudo[168779]: pam_unix(sudo:session): session opened for user root by (uid=0)
Apr 1 10:07:46 standalone sudo[168779]: pam_unix(sudo:session): session closed for user root
Looking at 'journal.txt' [3], we don't see any logs for the offending tap interface, 'tap58ee300d-6b', but we *do* see some entries for the offending bridge interface, 'qbr58ee300d-6b':
Apr 01 10:07:46 standalone.localdomain NetworkManager[1055]: <info> [1617271666.9819] manager: (qbr58ee300d-6b): new Bridge device (/org/freedesktop/NetworkManager/Devices/17)
Apr 01 10:07:46 standalone.localdomain systemd-udevd[168834]: Using default interface naming scheme 'rhel-8.0'.
Apr 01 10:07:46 standalone.localdomain systemd-udevd[168834]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
Apr 01 10:07:46 standalone.localdomain systemd-udevd[168834]: Could not generate persistent MAC address for qbr58ee300d-6b: No such file or directory
A quick search brings up what appears to be a related systemd issue [4]. The fix for this issue was included in systemd v242 [5]. This machine has systemd 239-44.el8 [6]:
I took a look at this this morning. Looking at the CI logs [1], we see:
2021-04-01 10:07:47.034 ERROR /var/log/ containers/ nova/nova- compute. log: 7 ERROR os_vif [req-424c6e06- e7b0-4f3e- 9154-999ae266f1 61 cf6941ba4a9f4e0 faafbec5b94d530 1d 9e6fe54a7822461 a9896649072c253 c9 - default default] Failed to plug vif VIFBridge( active= False,address= fa:16:3e: d5:18:32, bridge_ name='qbr58ee30 0d-6b', has_traffic_ filtering= True,id= 58ee300d- 6bc2-42f7- b22b-3bd120109b 16,network= Network( 5bd33c19- f1b4-4a86- 8246-85ac446c3b d8),plugin= 'ovs',port_ profile= VIFPortProfileO penVSwitch, preserve_ on_delete= False,vif_ name='tap58ee30 0d-6b') : pyroute2. netlink. exceptions. NetlinkError: (1, 'Operation not permitted') containers/ nova/nova- compute. log: 7 ERROR os_vif Traceback (most recent call last): containers/ nova/nova- compute. log: 7 ERROR os_vif File "/usr/lib/ python3. 6/site- packages/ os_vif/ __init_ _.py", line 77, in plug containers/ nova/nova- compute. log: 7 ERROR os_vif plugin.plug(vif, instance_info) containers/ nova/nova- compute. log: 7 ERROR os_vif File "/usr/lib/ python3. 6/site- packages/ vif_plug_ ovs/ovs. py", line 299, in plug containers/ nova/nova- compute. log: 7 ERROR os_vif self._plug_ bridge( vif, instance_info) containers/ nova/nova- compute. log: 7 ERROR os_vif File "/usr/lib/ python3. 6/site- packages/ vif_plug_ ovs/ovs. py", line 218, in _plug_bridge containers/ nova/nova- compute. log: 7 ERROR os_vif linux_net. create_ veth_pair( v1_name, v2_name, mtu) containers/ nova/nova- compute. log: 7 ERROR os_vif File "/usr/lib/ python3. 6/site- packages/ oslo_privsep/ priv_context. py", line 247, in _wrap containers/ nova/nova- compute. log: 7 ERROR os_vif return self.channel. remote_ call(name, args, kwargs) containers/ nova/nova- compute. log: 7 ERROR os_vif File "/usr/lib/ python3. 6/site- packages/ oslo_privsep/ daemon. py", line 224, in remote_call containers/ nova/nova- compute. log: 7 ERROR os_vif raise exc_type( *result[ 2]) containers/ nova/nova- compute. log: 7 ERROR os_vif pyroute2. netlink. exceptions. NetlinkError: (1, 'Operation not permitted')
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
2021-04-01 10:07:47.034 ERROR /var/log/
Looking at 'secure.txt' [2], we see that the request for elevated permissions was accepted and there doesn't appear to be any issues, so it's probably not that:
Apr 1 10:07:45 standalone sudo[168779]: nova : TTY=unknown ; PWD=/ ; USER=root ; COMMAND= /usr/bin/ nova-rootwrap /etc/nova/ rootwrap. conf privsep-helper --config-file /usr/share/ nova/nova- dist.conf --config-file /etc/nova/nova.conf --privsep_context vif_plug_ ovs.privsep. vif_plug --privsep_sock_path /tmp/tmp1ckrh_ yo/privsep. sock sudo:session) : session opened for user root by (uid=0) sudo:session) : session closed for user root
Apr 1 10:07:45 standalone sudo[168779]: pam_unix(
Apr 1 10:07:46 standalone sudo[168779]: pam_unix(
Looking at 'journal.txt' [3], we don't see any logs for the offending tap interface, 'tap58ee300d-6b', but we *do* see some entries for the offending bridge interface, 'qbr58ee300d-6b':
Apr 01 10:07:46 standalone. localdomain NetworkManager[ 1055]: <info> [1617271666.9819] manager: (qbr58ee300d-6b): new Bridge device (/org/freedeskt op/NetworkManag er/Devices/ 17) localdomain systemd- udevd[168834] : Using default interface naming scheme 'rhel-8.0'. localdomain systemd- udevd[168834] : link_config: autonegotiation is unset or enabled, the speed and duplex are not writable. localdomain systemd- udevd[168834] : Could not generate persistent MAC address for qbr58ee300d-6b: No such file or directory
Apr 01 10:07:46 standalone.
Apr 01 10:07:46 standalone.
Apr 01 10:07:46 standalone.
A quick search brings up what appears to be a related systemd issue [4]. The fix for this issue was included in systemd v242 [5]. This machine has systemd 239-44.el8 [6]:
systemd.x86_64 239-44.el8 @baseos container. x86_64 239-44.el8 @quickstart- centos- base libs.x86_ 64 239-44.el8 @System pam.x86_ 64 239-44.el8 @baseos udev.x86_ 64 239-44.el8 @baseos
systemd-
systemd-
systemd-
systemd-
So my money is on this being a systemd bug that we need fixes for CentOS 8/Stream.
[1] https:/ /logserver. rdoproject. org/openstack- periodic- integration- main/opendev. org/openstack/ tripleo- ci/master/ periodic- tripleo- ci-centos- 8-scenario007- standalone- master/ df5f2e4/ logs/undercloud /var/log/ extra/errors. txt.txt. gz /logserver. rdoproject. org/openstack- periodic- integration- main/opendev. org/openstack/ tripleo- ci/master/ periodic- tripleo- ci-centos- 8-scenario007- standalone- master/ df5f2e4/ logs/undercloud /var/log/ secure. txt.gz /logserver. rdoproject. org/openstack- periodic- integration- main/opendev. org/openstack/ tripleo- ci/master/ periodic- tripleo- ci-centos- 8-scenario007- standalone- master/ df5f2e4/ logs/undercloud /var/log/ extra/journal. txt.gz /github. com/systemd/ systemd/ issues/ 3374#issuecomme nt-283665247 /github. com/systemd/ systemd/ commit/ 6d36464065601f7 9a352367cf099be 8907d8f9aa /logserver. rdoproject. org/openstack- periodic- integration- main/opendev. org/openstack/ tripleo- ci/master/ periodic- tripleo- ci-centos- 8-scenario007- standalone- master/ df5f2e4/ logs/undercloud /var/log/ extra/package- list-installed. txt.gz
[2] https:/
[3] https:/
[4] https:/
[5] https:/
[6] https:/