Bug 2002272

Summary: Unable to LiveMigrate a VM with nonroot VirtLauncher Pod
Product: Container Native Virtualization (CNV) Reporter: Kedar Bidarkar <kbidarka>
Component: VirtualizationAssignee: lpivarc
Status: CLOSED ERRATA QA Contact: Kedar Bidarkar <kbidarka>
Severity: high Docs Contact:
Priority: high    
Version: 4.9.0CC: cnv-qe-bugs, lpivarc
Target Milestone: ---   
Target Release: 4.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-03-16 15:55:26 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Kedar Bidarkar 2021-09-08 11:50:23 UTC 
Description of problem:
Unable to LiveMigrate a VM with Nonroot-VirtLauncher Pod

Version-Release number of selected component (if applicable):
CNV-4.9.0

How reproducible:
Always

Steps to Reproduce:
1. With nonroot VirtLauncher Pod set in FeatureGates
2. with volumeMode as Block ( ceph-rbd)
3.

Actual results:
Live Migration fails with nonroot-virtlauncher Pods.

---
reason:Live migration failed error encountered during MigrateToURI3 libvirt api call: virError(Code=9, Domain=10, Message='operation failed: Failed to connect to remote libvirt URI qemu+unix:///session?socket=/var/run/kubevirt/migrationproxy/d0d123d8-86c8-4411-9b50-f4da67216d9b-source.sock: Failed to connect socket to '/var/run/kubevirt/migrationproxy/d0d123d8-86c8-4411-9b50-f4da67216d9b-source.sock': Permission denied')

Expected results:

Live Migration is successful

Additional info:

Events:
  Type     Reason            Age                  From                         Message
  ----     ------            ----                 ----                         -------
  Normal   SuccessfulCreate  168m                 disruptionbudget-controller  Created PodDisruptionBudget kubevirt-disruption-budget-9gx4x
  Normal   SuccessfulCreate  168m                 virtualmachine-controller    Created virtual machine pod virt-launcher-vm2-rhel84-ocs-fnl56
  Normal   Started           165m                 virt-handler                 VirtualMachineInstance started.
  Normal   SuccessfulCreate  158m                 virtualmachine-controller    Created PodDisruptionBudget kubevirt-migration-pdb-migrate-job-vm2-rhel84-ocs
  Normal   PreparingTarget   158m                 virt-handler                 Migration Target is listening at 10.129.2.2, on ports: 32915,44191,37397
  Normal   Migrating         158m                 virt-handler                 VirtualMachineInstance is migrating.
  Normal   PreparingTarget   158m (x2 over 158m)  virt-handler                 VirtualMachineInstance Migration Target Prepared.
  Warning  SyncFailed        155m                 virt-handler                 server error. command Migrate failed: "migration job already executed"
  Warning  Migrated          155m                 virt-handler                 VirtualMachineInstance migration uid dba0b477-e80f-43bb-86e5-50282bfeba25 failed. reason:Live migration failed error encountered during MigrateToURI3 libvirt api call: virError(Code=9, Domain=10, Message='operation failed: Failed to connect to remote libvirt URI qemu+unix:///session?socket=/var/run/kubevirt/migrationproxy/d0d123d8-86c8-4411-9b50-f4da67216d9b-source.sock: Failed to connect socket to '/var/run/kubevirt/migrationproxy/d0d123d8-86c8-4411-9b50-f4da67216d9b-source.sock': Permission denied')
  Normal   SuccessfulDelete  155m                 disruptionbudget-controller  Deleted PodDisruptionBudget kubevirt-migration-pdb-migrate-job-vm2-rhel84-ocs
Comment 2 Kedar Bidarkar 2021-12-05 15:50:06 UTC 
Was able to LiveMigrate a VMI with NonRoot-Virtlauncher pod successfully with both DV in FileSystem (NFS)  and Block (OCS-RBD)  VolumeMode.

VERIFIED with container-native-virtualization/virt-operator/images/v4.10.0-123
Comment 7 errata-xmlrpc 2022-03-16 15:55:26 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Virtualization 4.10.0 Images security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0947