973160 – Can't start instances - could not open disk image

Bug 973160 - Can't start instances - could not open disk image

Summary: Can't start instances - could not open disk image

Keywords:
Status:	CLOSED DUPLICATE of bug 915349
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-nova
Sub Component:
Version:	3.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.0
Assignee:	RHOS Maint
QA Contact:	Ami Jeain
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-06-11 11:58 UTC by Daniel Paikov
Modified:	2019-09-09 14:50 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-06-11 14:07:05 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
nova logs (21.71 KB, application/x-gunzip) 2013-06-11 11:58 UTC, Daniel Paikov	no flags	Details
libvirtd logs (2.78 MB, application/x-gunzip) 2013-06-11 11:59 UTC, Daniel Paikov	no flags	Details
View All

Description Daniel Paikov 2013-06-11 11:58:28 UTC

Created attachment 759585 [details]
nova logs

Starting instances fails with the following error:


2013-06-11 14:53:16.551 INFO nova.virt.libvirt.driver [req-32313fbc-66bd-4fd3-b65a-f9da3a1f7010 8e65bd9c41154a76906dd78c6fc45401 61ff151532454ee38eb72fc0e0df687b] [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] Injecting key into image 75f9a7f7-4dd1-49ab-a461-7b8cdfc4b8c2
2013-06-11 14:53:41.880 ERROR nova.compute.manager [req-32313fbc-66bd-4fd3-b65a-f9da3a1f7010 8e65bd9c41154a76906dd78c6fc45401 61ff151532454ee38eb72fc0e0df687b] [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] Instance failed to spawn
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] Traceback (most recent call last):
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/nova/compute/manager.py", line 1103, in _spawn
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     block_device_info)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/nova/virt/libvirt/driver.py", line 1527, in spawn
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     block_device_info)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/nova/virt/libvirt/driver.py", line 2443, in _create_domain_and_network
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     domain = self._create_domain(xml, instance=instance)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/nova/virt/libvirt/driver.py", line 2404, in _create_domain
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     domain.createWithFlags(launch_flags)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/eventlet/tpool.py", line 187, in doit
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     result = proxy_call(self._autowrap, f, *args, **kwargs)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/eventlet/tpool.py", line 147, in proxy_call
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     rv = execute(f,*args,**kwargs)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib/python2.6/site-packages/eventlet/tpool.py", line 76, in tworker
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     rv = meth(*args,**kwargs)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]   File "/usr/lib64/python2.6/site-packages/libvirt.py", line 708, in createWithFlags
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712]     if ret == -1: raise libvirtError ('virDomainCreateWithFlags() failed', dom=self)
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] libvirtError: internal error Process exited while reading console log output: 2013-06-11 11:53:41.391+0000: 19649: debug : virFileClose:72 : Closed fd 21
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] 2013-06-11 11:53:41.391+0000: 19649: debug : virFileClose:72 : Closed fd 28
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] 2013-06-11 11:53:41.395+0000: 19649: debug : virFileClose:72 : Closed fd 3
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] char device redirected to /dev/pts/1
2013-06-11 14:53:41.880 25165 TRACE nova.compute.manager [instance: b6d28a14-9e24-49f7-80ef-cb07f1fd9712] qemu-kvm: -drive file=/var/lib/nova/instances/b6d28a14-9e24-49f7-80ef-cb07f1fd9712/disk,if=none,id=drive-virtio-disk0,format=qcow2,cache=none: could not open disk image /var/lib/nova/instances/b6d28a14-9e24-49f7-80ef-cb07f1fd9712/disk: Permission denied

Comment 1 Daniel Paikov 2013-06-11 11:59:53 UTC

Created attachment 759586 [details]
libvirtd logs

Comment 3 Alan Pevec 2013-06-11 12:11:37 UTC

Please provide AVC denials from audit log and versions of:
openstack-nova
openstack-selinux
selinux-policy

Comment 4 Daniel Paikov 2013-06-11 12:26:51 UTC

openstack-nova-compute-2013.1.1-4.el6ost.noarch
openstack-selinux-0.1.2-10.el6ost.noarch
selinux-policy-3.7.19-195.el6_4.10.noarch

audit log looks like this:
Jun 11 14:53:41 orange-vdsf kernel: type=1400 audit(1370951621.471:71362): avc:  denied  { read } for  pid=19650 comm="qemu-kvm" name="65d7155bdf4f0c6506e4e81530c3ac18226f83f4" dev=dm-6 ino=2491669 scontext=unconfined_u:system_r:svirt_t:s0:c317,c815 tcontext=unconfined_u:object_r:nova_var_lib_t:s0 tclass=file
Jun 11 14:53:41 orange-vdsf kernel: type=1400 audit(1370951621.471:71363): avc:  denied  { getattr } for  pid=19650 comm="qemu-kvm" path="/var/lib/nova/instances/_base/65d7155bdf4f0c6506e4e81530c3ac18226f83f4" dev=dm-6 ino=2491669 scontext=unconfined_u:system_r:svirt_t:s0:c317,c815 tcontext=unconfined_u:object_r:nova_var_lib_t:s0 tclass=file
Jun 11 14:53:41 orange-vdsf kernel: type=1400 audit(1370951621.471:71364): avc:  denied  { read } for  pid=19650 comm="qemu-kvm" name="65d7155bdf4f0c6506e4e81530c3ac18226f83f4" dev=dm-6 ino=2491669 scontext=unconfined_u:system_r:svirt_t:s0:c317,c815 tcontext=unconfined_u:object_r:nova_var_lib_t:s0 tclass=file

Comment 5 Alan Pevec 2013-06-11 14:07:05 UTC

* from libvirtd.log

2013-06-11 10:04:19.715+0000: 30150: info : libvirt version: 0.10.2, package: 18.el6 (Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>, 2013-01-28-15:42:10, x86-003.build.bos.redhat.com)

You need latest 6.4.Z update >= libvirt-0.10.2-18.el6_4.2

*** This bug has been marked as a duplicate of bug 915349 ***

Note You need to log in before you can comment on or make changes to this bug.