| Summary: | live migrations from 5 to 6 are failing with selinux disabled | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Jack Waterworth <jwaterwo> |
| Component: | openstack-nova | Assignee: | Eoghan Glynn <eglynn> |
| Status: | CLOSED NOTABUG | QA Contact: | nlevinki <nlevinki> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 5.0 (RHEL 6) | CC: | berrange, dasmith, eglynn, kchamart, ndipanov, sbauza, sferdjao, sgordon, vromanso, yeylon |
| Target Milestone: | --- | Keywords: | Unconfirmed, ZStream |
| Target Release: | 8.0 (Liberty) | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-02-12 15:32:20 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
i should clarify that selinux is DISABLE on the source, but PERMISSIVE on the target. |
Description of problem: live migrations from 5 to 6 are failing with selinux disabled Version-Release number of selected component (if applicable): source compute: rhel 6.5 libvirt-0.10.2-54.el6.x86_64 libvirt-client-0.10.2-54.el6.x86_64 libvirt-python-0.10.2-54.el6.x86_64 target compute: rhel 7.1 libvirt-1.2.8-16.el7.x86_64 libvirt-client-1.2.8-16.el7.x86_64 libvirt-python-1.2.8-7.el7.x86_64 How reproducible: every time Steps to Reproduce: 1. Disable selinux on source 2. Attempt to live migrate instance Actual results: live migration fails with error 2016-02-04 08:34:52.766 27698 ERROR nova.virt.libvirt.driver [-] [instance: 044f3270-b614-49ce-b8d0-21c39b47fea0] Live Migration failure: unsupported configuration: Unable to find security driver for label none Expected results: migration should not fail Additional info: problematic instance: 044f3270-b614-49ce-b8d0-21c39b47fea0 ----------------------- 2016-02-04 07:41:52.195 27698 WARNING nova.virt.libvirt.driver [-] [instance: 044f3270-b614-49ce-b8d0-21c39b47fea0] An error occurred trying to live migrate. Falling back to legacy live migrate flow. Error: unsupported configuration: Unable to find security driver for label none 2016-02-04 07:41:52.196 27698 WARNING nova.virt.libvirt.driver [-] Your libvirt version does not support the VIR_DOMAIN_XML_MIGRATABLE flag, and the graphics (VNC and/or SPICE) listen addresses on the destination node do not match the addresses on the source node. Since the source node has listen addresses set to either the catch-all address (0.0.0.0 or ::) or the local address (127.0.0.1 or ::1), the live migration will succeed, but the VM will continue to listen on the current addresses. 2016-02-04 07:41:52.339 27698 ERROR nova.virt.libvirt.driver [-] [instance: 044f3270-b614-49ce-b8d0-21c39b47fea0] Live Migration failure: unsupported configuration: Unable to find security driver for label none ----------------------- 2016-02-04 08:34:52.645 27698 WARNING nova.virt.libvirt.driver [-] [instance: 044f3270-b614-49ce-b8d0-21c39b47fea0] An error occurred trying to live migrate. Falling back to legacy live migrate flow. Error: unsupported configuration: Unable to find security driver for label none 2016-02-04 08:34:52.646 27698 WARNING nova.virt.libvirt.driver [-] Your libvirt version does not support the VIR_DOMAIN_XML_MIGRATABLE flag, and the graphics (VNC and/or SPICE) listen addresses on the destination node do not match the addresses on the source node. Since the source node has listen addresses set to either the catch-all address (0.0.0.0 or ::) or the local address (127.0.0.1 or ::1), the live migration will succeed, but the VM will continue to listen on the current addresses. 2016-02-04 08:34:52.766 27698 ERROR nova.virt.libvirt.driver [-] [instance: 044f3270-b614-49ce-b8d0-21c39b47fea0] Live Migration failure: unsupported configuration: Unable to find security driver for label none ----------------------- additionally, this appears to be a known issue with RHEV, but i am uncertain if the same applies to openstack: Virtual machine fails to start or migrate on Red Hat Enterprise Virtualization https://access.redhat.com/solutions/650773