Ask Your Question
1

Nova-compute does not work with docker "hypervisor".

asked 2014-11-03 08:23:25 -0500

yHuKyM gravatar image

updated 2014-11-03 08:29:07 -0500

I have 2 node setup. One is controller, one is compute. On the compute node I have docker installed as hypervisor, with the appropriate driver. Followed the how-to from here: https://wiki.openstack.org/wiki/Docker I do not want to go the docker-heat way.

I am using Ubuntu 14.04 + Icehouse on both nodes.

This is my /etc/nova/nova.conf on the compute host:

[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata

auth_strategy = keystone
rpc_backend = rabbit
rabbit_host = sta-controller-1
rabbit_password = password
my_ip = 10.248.0.111
vnc_enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = 10.248.0.111
novncproxy_base_url = http://192.168.248.8:6080/vnc_auto.html
glance_host = sta-controller-1

compute_driver = novadocker.virt.docker.DockerDriver

scheduler_default_filters = ComputeFilter

[database]
connection = mysql://nova:password@sta-controller-1/nova

[keystone_authtoken]
auth_uri = http://sta-controller-1:5000
auth_host = sta-controller-1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = password

I managed to start a container with "nova boot .....". Then I called it the day. I came back the next morning and was unable to start another container. The nova-compute service was dead, and does not want to start again. It complains about libvirt, and does not want to use docker any more. This is the log:

2014-11-03 15:50:46.644 26436 ERROR nova.virt.libvirt.driver [-] Connection to libvirt failed: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver Traceback (most recent call last):
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py", line 789, in _connect
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     libvirt.openAuth, uri, auth, flags)
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 139, in proxy_call
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     rv = execute(f,*args,**kwargs)
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 77, in tworker
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     rv = meth(*args,**kwargs)
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/libvirt.py", line 105, in openAuth
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     if ret is None:raise libvirtError('virConnectOpenAuth() failed')
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver libvirtError: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver 
2014-11-03 15:50:46.731 26436 ERROR nova.openstack.common.threadgroup [-] Connection to the hypervisor is ...
(more)
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2014-11-03 09:02:10 -0500

yHuKyM gravatar image

updated 2014-11-03 09:05:30 -0500

It turns out, that there is config file /etc/nova/nova-compute.conf which should also contain:

[DEFAULT]
compute_driver=novadocker.virt.docker.DockerDriver
#[libvirt]
#virt_type=kvm

This has fixed the issue.

edit flag offensive delete link more
0

answered 2014-11-03 08:52:53 -0500

rajiv-kumar gravatar image

updated 2014-11-03 21:27:51 -0500

By looking at the log provided by you, it seems you have permission issue with socket created for the communication. Give all the permissions to /var/run/libvirt/libvirt-sock using chmod.

sudo chmod 777 /var/run/libvirt/libvirt-sock

I guess, it worked first time because you had superuser permission when you run it. But next time, when you started nova-compute then it did not have that permission.

edit flag offensive delete link more

Comments

1

Not a sollution. Nova-compute is not supposed to need access to libvirt socket, it shouldn't use libvirt at all.

yHuKyM gravatar imageyHuKyM ( 2014-11-03 09:03:49 -0500 )edit

If it is the case then why did it work first time as you mentioned in questions. What i think is, when you started nova-compute you had super user permission or the permission that had permission on the socket. But next time when you run it, it did not have those permission.

rajiv-kumar gravatar imagerajiv-kumar ( 2014-11-03 21:24:33 -0500 )edit
1

That's not it either. Every time (first time included) the service was started with:

sudo service nova-compute restart
yHuKyM gravatar imageyHuKyM ( 2014-11-04 01:53:35 -0500 )edit

Could you try load Nova-Docker container based on https://registry.hub.docker.com/u/ras... then ssh to it from remote host && verify internet access inside container ?

dbaxps gravatar imagedbaxps ( 2015-01-16 02:23:55 -0500 )edit

I tested the recent version on Nova-Docker driver on RDO Juno (AIO) node ( http://www.linux.com/community/blogs/... ) and it works fine no matter of

[libvirt]
virt_type=kvm
dbaxps gravatar imagedbaxps ( 2015-01-16 02:26:27 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-11-03 08:23:25 -0500

Seen: 1,957 times

Last updated: Nov 03 '14