Public bug reported: I had following settings when I want to enable inject feature in nova. [libvirt] inject_partition = -1 inject_key = True
But nova-compute service will raise following exception 2015-10-20 07:12:57.318 ERROR nova.virt.libvirt.driver [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Error injecting data into image 865c98b5-ffd7-4f32-b1af-07b273fcc07d (libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1. To see full error messages you may need to enable debugging. See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs)) 2015-10-20 07:12:57.319 ERROR nova.compute.manager [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Instance failed to spawn 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Traceback (most recent call last): 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/compute/manager.py", line 2172, in _build_resources 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] yield resources 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/compute/manager.py", line 2019, in _build_and_run_instance 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] block_device_info=block_device_info) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2437, in spawn 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] admin_pass=admin_password) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2969, in _create_image 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] instance, network_info, admin_pass, files, suffix) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2778, in _inject_data 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] instance=instance) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/usr/local/lib/python2.7/dist-packages/oslo_utils/excutils.py", line 195, in __exit__ 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] six.reraise(self.type_, self.value, self.tb) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2772, in _inject_data 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] mandatory=('files',)) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/disk/api.py", line 414, in inject_data 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] fs = vfs.VFS.instance_for_image(image, partition) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/disk/vfs/api.py", line 62, in instance_for_image 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] vfs.inspect_capabilities() 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/disk/vfs/guestfs.py", line 89, in inspect_capabilities 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] _("libguestfs installed but not usable (%s)") % e) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] NovaException: libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1. 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] To see full error messages you may need to enable debugging. 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] 2015-10-20 07:12:57.322 INFO nova.compute.manager [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Terminating instance Why guestfs will inspect capabilities fail? Because of host's kernel only allow root user had read/write permission. If compute-service didn't had read permission then it will launch image fail. In libguestfs offical FAQ site had point out this issue, following is the link http://libguestfs.org/guestfs-faq.1.html#binaries It had suggested users to change host's kernel permission. You can also check result by guestfish command: > export LIBGUESTFS_DEBUG=1 > export LIBGUESTFS_TRACE=1 > guestfish -a /dev/null <fs> launch ... ... /usr/bin/supermin-helper: open: /boot/vmlinuz-3.13.0-55-generic: Permission denied libguestfs: error: /usr/bin/supermin-helper exited with error status 1, see debug messages above ... ... We can have three way to resolve this problem. 1. Open service in root permission 2. Change kernel's permission in compute-service 3. Check whether service had permission to read kernel. Suggest users to modify permission instead directly modify permission. Then users need to manually change kernel's permission. We shouldn't open service in root permission, therefore first way shouldn't been accepted. It will probably have security issue if service can directly change file's permission. At last, I prefer third way. Because of this issue will only happen in ubuntu os and previous reasons. libguestfs-tools 1:1.24.5-1 ** Affects: nova Importance: Undecided Assignee: Chung Chih, Hung (lyanchih) Status: New ** Changed in: nova Assignee: (unassigned) => Chung Chih, Hung (lyanchih) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/1507915 Title: libguestfs launch image failed in ubuntu Status in OpenStack Compute (nova): New Bug description: I had following settings when I want to enable inject feature in nova. [libvirt] inject_partition = -1 inject_key = True But nova-compute service will raise following exception 2015-10-20 07:12:57.318 ERROR nova.virt.libvirt.driver [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Error injecting data into image 865c98b5-ffd7-4f32-b1af-07b273fcc07d (libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1. To see full error messages you may need to enable debugging. See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs)) 2015-10-20 07:12:57.319 ERROR nova.compute.manager [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Instance failed to spawn 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Traceback (most recent call last): 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/compute/manager.py", line 2172, in _build_resources 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] yield resources 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/compute/manager.py", line 2019, in _build_and_run_instance 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] block_device_info=block_device_info) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2437, in spawn 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] admin_pass=admin_password) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2969, in _create_image 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] instance, network_info, admin_pass, files, suffix) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2778, in _inject_data 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] instance=instance) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/usr/local/lib/python2.7/dist-packages/oslo_utils/excutils.py", line 195, in __exit__ 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] six.reraise(self.type_, self.value, self.tb) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2772, in _inject_data 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] mandatory=('files',)) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/disk/api.py", line 414, in inject_data 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] fs = vfs.VFS.instance_for_image(image, partition) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/disk/vfs/api.py", line 62, in instance_for_image 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] vfs.inspect_capabilities() 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] File "/opt/stack/nova/nova/virt/disk/vfs/guestfs.py", line 89, in inspect_capabilities 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] _("libguestfs installed but not usable (%s)") % e) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] NovaException: libguestfs installed but not usable (/usr/bin/supermin-helper exited with error status 1. 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] To see full error messages you may need to enable debugging. 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] See http://libguestfs.org/guestfs-faq.1.html#debugging-libguestfs) 2015-10-20 07:12:57.319 TRACE nova.compute.manager [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] 2015-10-20 07:12:57.322 INFO nova.compute.manager [req-777e2fe1-a4f0-4c16-bb71-ee34e59aa2ba admin admin] [instance: b2d39549-96d5-42c6-bdab-a0cee10b24bb] Terminating instance Why guestfs will inspect capabilities fail? Because of host's kernel only allow root user had read/write permission. If compute-service didn't had read permission then it will launch image fail. In libguestfs offical FAQ site had point out this issue, following is the link http://libguestfs.org/guestfs-faq.1.html#binaries It had suggested users to change host's kernel permission. You can also check result by guestfish command: > export LIBGUESTFS_DEBUG=1 > export LIBGUESTFS_TRACE=1 > guestfish -a /dev/null <fs> launch ... ... /usr/bin/supermin-helper: open: /boot/vmlinuz-3.13.0-55-generic: Permission denied libguestfs: error: /usr/bin/supermin-helper exited with error status 1, see debug messages above ... ... We can have three way to resolve this problem. 1. Open service in root permission 2. Change kernel's permission in compute-service 3. Check whether service had permission to read kernel. Suggest users to modify permission instead directly modify permission. Then users need to manually change kernel's permission. We shouldn't open service in root permission, therefore first way shouldn't been accepted. It will probably have security issue if service can directly change file's permission. At last, I prefer third way. Because of this issue will only happen in ubuntu os and previous reasons. libguestfs-tools 1:1.24.5-1 To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1507915/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
