Ask Your Question
1

Nova-compute does not work with docker "hypervisor".

asked 2014-11-03 08:23:25 -0500

yHuKyM gravatar image

updated 2014-11-03 08:29:07 -0500

I have 2 node setup. One is controller, one is compute. On the compute node I have docker installed as hypervisor, with the appropriate driver. Followed the how-to from here: https://wiki.openstack.org/wiki/Docker I do not want to go the docker-heat way.

I am using Ubuntu 14.04 + Icehouse on both nodes.

This is my /etc/nova/nova.conf on the compute host:

[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata

auth_strategy = keystone
rpc_backend = rabbit
rabbit_host = sta-controller-1
rabbit_password = password
my_ip = 10.248.0.111
vnc_enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = 10.248.0.111
novncproxy_base_url = http://192.168.248.8:6080/vnc_auto.html
glance_host = sta-controller-1

compute_driver = novadocker.virt.docker.DockerDriver

scheduler_default_filters = ComputeFilter

[database]
connection = mysql://nova:password@sta-controller-1/nova

[keystone_authtoken]
auth_uri = http://sta-controller-1:5000
auth_host = sta-controller-1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = password

I managed to start a container with "nova boot .....". Then I called it the day. I came back the next morning and was unable to start another container. The nova-compute service was dead, and does not want to start again. It complains about libvirt, and does not want to use docker any more. This is the log:

2014-11-03 15:50:46.644 26436 ERROR nova.virt.libvirt.driver [-] Connection to libvirt failed: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver Traceback (most recent call last):
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py", line 789, in _connect
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     libvirt.openAuth, uri, auth, flags)
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 139, in proxy_call
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     rv = execute(f,*args,**kwargs)
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 77, in tworker
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     rv = meth(*args,**kwargs)
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver   File "/usr/lib/python2.7/dist-packages/libvirt.py", line 105, in openAuth
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver     if ret is None:raise libvirtError('virConnectOpenAuth() failed')
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver libvirtError: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied
2014-11-03 15:50:46.644 26436 TRACE nova.virt.libvirt.driver 
2014-11-03 15:50:46.731 26436 ERROR nova.openstack.common.threadgroup [-] Connection to the hypervisor is ...
(more)
edit retag flag offensive close merge delete
add a comment

2 answers

Sort by ยป oldest newest most voted
1

answered 2014-11-03 09:02:10 -0500

yHuKyM gravatar image

updated 2014-11-03 09:05:30 -0500

It turns out, that there is config file /etc/nova/nova-compute.conf which should also contain:

[DEFAULT]
compute_driver=novadocker.virt.docker.DockerDriver
#[libvirt]
#virt_type=kvm

This has fixed the issue.

edit flag offensive delete link more
add a comment
0

answered 2014-11-03 08:52:53 -0500

rajiv-kumar gravatar image

updated 2014-11-03 21:27:51 -0500

By looking at the log provided by you, it seems you have permission issue with socket created for the communication. Give all the permissions to /var/run/libvirt/libvirt-sock using chmod.

sudo chmod 777 /var/run/libvirt/libvirt-sock

I guess, it worked first time because you had superuser permission when you run it. But next time, when you started nova-compute then it did not have that permission.

edit flag offensive delete link more

Comments

1

Not a sollution. Nova-compute is not supposed to need access to libvirt socket, it shouldn't use libvirt at all.

yHuKyM gravatar imageyHuKyM ( 2014-11-03 09:03:49 -0500 )edit

If it is the case then why did it work first time as you mentioned in questions. What i think is, when you started nova-compute you had super user permission or the permission that had permission on the socket. But next time when you run it, it did not have those permission.

rajiv-kumar gravatar imagerajiv-kumar ( 2014-11-03 21:24:33 -0500 )edit
1

That's not it either. Every time (first time included) the service was started with:

sudo service nova-compute restart
yHuKyM gravatar imageyHuKyM ( 2014-11-04 01:53:35 -0500 )edit

Could you try load Nova-Docker container based on https://registry.hub.docker.com/u/ras... then ssh to it from remote host && verify internet access inside container ?

dbaxps gravatar imagedbaxps ( 2015-01-16 02:23:55 -0500 )edit

I tested the recent version on Nova-Docker driver on RDO Juno (AIO) node ( http://www.linux.com/community/blogs/... ) and it works fine no matter of 

[libvirt]
virt_type=kvm
dbaxps gravatar imagedbaxps ( 2015-01-16 02:26:27 -0500 )edit
see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-11-03 08:23:25 -0500

Seen: 1,985 times

Last updated: Nov 03 '14

Related questions

nova-docker setup in devstack

[Docker] Cannot create docker container

Icehouse,I haven't command: "nova server-group-create"

Rabbitmq unstable error in ocata release

Upgrading RDO To Icehouse on Fedora 20

Does Openstack community consider to take ownership of the Flocker project? (since clusterHQ suppressing shutdown)

unexpected controller crash

icehouse on fedora21

How to execute a command on hosts (physical machines) via OpenStack code?

Trove: Error: Unauthorized SSL23_GET_SERVER_HELLO:unknown protocol