Installing with DevStack in Docker container

asked 2014-12-10 04:56:08 -0600

affo gravatar image

updated 2014-12-10 06:29:35 -0600

Hi everybody,
I am trying to install OpenStack into a Docker container.

The problem happens at almost the end of the installation, at line 1352: service_check.
Devstack checks services and the problem is that nova-api doesn't start!
Why? Because the command

sudo nova-rootwrap /etc/nova/rootwrap.conf iptables-save -c


iptables-save v1.4.21: Cannot initialize: Permission denied (you must be root)

I know that there is a known problem with Docker and iptables... But I couldn't find a solution except from running commands with --privileged=true.
Unfortunately, I do want my image to be built automatically from Dockerfile, and it is __not possible__ to RUN commands as privileged from file.
Actually, running with --privileged=true, gives this error on mysql service start:

/usr/sbin/mysqld: error while loading shared libraries: cannot open shared object file: Permission denied

And mysql has to be up during OpenStack installation (obviously).

Can you please help me?
Do you have any idea on how should I make iptables-save -c run?

Thank you in advance

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-12-10 06:20:48 -0600

SamYaple gravatar image

The --privileged=true flag is actually used with you run the container like this

docker run --privileged=true -i -t ubuntu:12.04 /bin/bash

So you should be able to specify it after you build the image.

edit flag offensive delete link more


thank you, see the edit please

affo gravatar imageaffo ( 2014-12-10 06:29:51 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-12-10 04:56:08 -0600

Seen: 1,051 times

Last updated: Dec 10 '14