Ask Your Question
0

Nova-Docker Failed to attach vif

asked 2015-11-10 10:18:36 -0500

thanhtien522 gravatar image

Hi, I'm trying to manage Docker Container by OpenStack using Nova-Docker following the guide in nova-docker github.

OpenStack version: Kilo

Network: nova-network

Docker version:

Client:
Version:      1.8.2
API version:  1.20
Package Version: docker-1.8.2-7.el7.centos.x86_64
Go version:   go1.4.2
Git commit:   bb472f0/1.8.2
Built:
OS/Arch:      linux/amd64

Server:
Version:      1.8.2
API version:  1.20
Package Version:
Go version:   go1.4.2
Git commit:   bb472f0/1.8.2
Built:
OS/Arch:      linux/amd64

When I boot new instance it success:

+--------------------------------------+-------+---------+------------+-------------+-------------------------+
| ID                                   | Name  | Status  | Task State | Power State | Networks                |
+--------------------------------------+-------+---------+------------+-------------+-------------------------+
| e5d63c1c-4f44-482c-96ad-cbe071dd4a97 | test1 | ACTIVE  | -          | Running     | demo-net=172.28.182.244 |
+--------------------------------------+-------+---------+------------+-------------+-------------------------+

But I can't connect to this instance. Then I check on nova-compute log, it show this error:

2015-11-10 21:39:30.377 21639 ERROR novadocker.virt.docker.vifs [req-7814c2bd-347c-42cf-846c-68a26867430c b33e43ef1fbb4ea49ed9036a93d3b1c3 b414e370902a4355ba76a49b658d4aee - - -] Fai
led to attach vif
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs Traceback (most recent call last):
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs   File "/usr/lib/python2.7/site-packages/novadocker/virt/docker/vifs.py", line 439, in attach
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs     container_id, run_as_root=True)
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs   File "/usr/lib/python2.7/site-packages/nova/utils.py", line 207, in execute
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs     return processutils.execute(*cmd, **kwargs)
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs   File "/usr/lib/python2.7/site-packages/oslo_concurrency/processutils.py", line 233, in execute
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs     cmd=sanitized_cmd)
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs ProcessExecutionError: Unexpected error while running command.
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs Command: sudo nova-rootwrap /etc/nova/rootwrap.conf ip link set ns0fb3057d-71 netns 068de0b131438c52a9f21acdc419872263
6dd23f98775f63b41d26c7854a9fc3
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs Exit code: 255
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs Stdout: u''
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs Stderr: u'Error: argument "068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3" is wrong: Invalid "netns"
 value\n\n'
2015-11-10 21:39:30.377 21639 TRACE novadocker.virt.docker.vifs

With a little time working around I generate this script:

sudo nova-rootwrap /etc/nova/rootwrap.conf ip link set ns0fb3057d-71 netns 068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3
sudo nova-rootwrap /etc/nova/rootwrap.conf ip netns exec 068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3 ip link set ns0fb3057d-71 address fa:16:3e:01:44:bb
sudo nova-rootwrap /etc/nova/rootwrap.conf ip netns exec 068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3 ip addr add 172.28.182.244/29 dev ns0fb3057d-71
sudo nova-rootwrap /etc/nova/rootwrap.conf ip netns exec 068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3 ip link set ns0fb3057d-71 up
sudo nova-rootwrap /etc/nova/rootwrap.conf ip netns exec 068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3 ip route replace default via 172.28.182.241 dev ns0fb3057d-71

When I run this script, every thing work find and I can connect to this instance via ip address ... (more)

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-11-15 21:52:39 -0500

thanhtien522 gravatar image

updated 2015-11-16 23:51:09 -0500

Update 17/11/2015

Finally I solve this problem by disable SELinux.


Update: By editing nova-docker code, I have more information for debug:

When I try to list all netns by root user or other superuser in console, I showed all netns have been created: With two commands and the result are the same:

sudo ip netns show
sudo nova-rootwrap /etc/nova/rootwrap.conf ip netns show
Result:
39ec80ddd49a8052c8d92cf792cd79a76e2bdc80021643f946be9afa68230111
48c92aa1a7c0790279068d39a372e69af98afa8b84efa147801b43bb0c3e5ca2
e0553d74e0f9a575952ff95466f575707d88a0883153b4d3d68ef709d1506a9d
c837ef997e8d507cadc81d1124983ac8675171af518410ea95f9215900cefe26
ae878013238762e88977059bb772a99362e77bf01e9f1c63dc5769ccacf55ad6
1ed4824bf92978f670498d3fe2b405d8803e83333f742afe5fb01bc1da0a6984
0739e1dece96a1c6ea0248b1b7a92e69169a1777183b9bbb3e0ab95c6c526fb8
4fa61829fb57ffab30c88fe27a413e95f5b253b54f1804577fce584fa81884be
068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3
78836c23cd205edbadd14e9b7500b2e2cb2bb11cc9cc0385e561bb50a0240127

But when I run this command in nova-docker source it did not show anything. The code to run is bellow:

#sudo nova-rootwrap /etc/nova/rootwrap.conf ip netns show
result = tils.execute('ip', 'netns', 'show', run_as_root=True)

and

#sudo ip netns show
_PIPE = subprocess.PIPE

obj = subprocess.Popen(['sudo', 'ip', 'netns', 'show'],
                                   stdin=_PIPE,
                                   stdout=_PIPE,
                                   stderr=_PIPE)

result = obj.communicate(None)
obj.stdin.close()

And the result is:

('', '')

And here is result when I list all link in /var/run/netns

# ll /var/run/netns/
total 0
lrwxrwxrwx. 1 root root 18 Nov 10 21:39 068de0b131438c52a9f21acdc4198722636dd23f98775f63b41d26c7854a9fc3 -> /proc/22538/ns/net
lrwxrwxrwx. 1 root root 18 Nov 12 14:36 0739e1dece96a1c6ea0248b1b7a92e69169a1777183b9bbb3e0ab95c6c526fb8 -> /proc/11324/ns/net
lrwxrwxrwx. 1 root root 18 Nov 12 14:42 1ed4824bf92978f670498d3fe2b405d8803e83333f742afe5fb01bc1da0a6984 -> /proc/11792/ns/net
lrwxrwxrwx. 1 root root 18 Nov 16 10:39 39ec80ddd49a8052c8d92cf792cd79a76e2bdc80021643f946be9afa68230111 -> /proc/25963/ns/net
lrwxrwxrwx. 1 root root 18 Nov 16 10:08 48c92aa1a7c0790279068d39a372e69af98afa8b84efa147801b43bb0c3e5ca2 -> /proc/25288/ns/net
lrwxrwxrwx. 1 root root 18 Nov 12 14:26 4fa61829fb57ffab30c88fe27a413e95f5b253b54f1804577fce584fa81884be -> /proc/10158/ns/net
lrwxrwxrwx. 1 root root 17 Nov  9 11:21 78836c23cd205edbadd14e9b7500b2e2cb2bb11cc9cc0385e561bb50a0240127 -> /proc/4139/ns/net
lrwxrwxrwx. 1 root root 18 Nov 16 09:44 ae878013238762e88977059bb772a99362e77bf01e9f1c63dc5769ccacf55ad6 -> /proc/23756/ns/net
lrwxrwxrwx. 1 root root 18 Nov 16 10:00 c837ef997e8d507cadc81d1124983ac8675171af518410ea95f9215900cefe26 -> /proc/24321/ns/net
lrwxrwxrwx. 1 root root 18 Nov 16 10:03 e0553d74e0f9a575952ff95466f575707d88a0883153b4d3d68ef709d1506a9d -> /proc/24998/ns/net

Thanks.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-11-10 10:14:28 -0500

Seen: 214 times

Last updated: Nov 16 '15