Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Howto setup OVS with Ubuntu 12.04

I'm wondering on howto setup OVS with Quantum & Ubuntu 12.04?

I've tried adding this to qemu.conf: cgroup_device_acl = [ "/dev/null", "/dev/full", "/dev/zero", "/dev/random", "/dev/urandom", "/dev/ptmx", "/dev/kvm", "/dev/kqemu", "/dev/rtc", "/dev/hpet", "/dev/net/tun", ]

And also this udev rule: KERNEL=="tun", MODE="0666", OPTIONS+="static_node=net/tun", GROUP="kvm"

Rebooted and tried to spawn guests but then I still get:

2012-05-02 11:38:41 ERROR nova.rpc.amqp [req-efd72ce0-e862-4b58-b82d-9fdac46840ff f0e22141b0404e7f9852cce01f6454de f8109734926d4b1c91d6e7b5d1cbd23a] Exception during message handling 2012-05-02 11:38:41 TRACE nova.rpc.amqp Traceback (most recent call last): 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/rpc/amqp.py", line 252, in _process_data 2012-05-02 11:38:41 TRACE nova.rpc.amqp rval = node_func(context=ctxt, node_args) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 114, in wrapped 2012-05-02 11:38:41 TRACE nova.rpc.amqp return f(args, *kw) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 177, in decorated_function 2012-05-02 11:38:41 TRACE nova.rpc.amqp sys.exc_info()) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__ 2012-05-02 11:38:41 TRACE nova.rpc.amqp self.gen.next() 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 171, in decorated_function 2012-05-02 11:38:41 TRACE nova.rpc.amqp return function(self, context, instance_uuid, args, *kwargs) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 651, in run_instance 2012-05-02 11:38:41 TRACE nova.rpc.amqp do_run_instance() 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 945, in inner 2012-05-02 11:38:41 TRACE nova.rpc.amqp retval = f(args, *kwargs) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 650, in do_run_instance 2012-05-02 11:38:41 TRACE nova.rpc.amqp self._run_instance(context, instance_uuid, *kwargs) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 451, in _run_instance 2012-05-02 11:38:41 TRACE nova.rpc.amqp self._set_instance_error_state(context, instance_uuid) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__ 2012-05-02 11:38:41 TRACE nova.rpc.amqp self.gen.next() 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 432, in _run_instance 2012-05-02 11:38:41 TRACE nova.rpc.amqp self._deallocate_network(context, instance) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__ 2012-05-02 11:38:41 TRACE nova.rpc.amqp self.gen.next() 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 429, in _run_instance 2012-05-02 11:38:41 TRACE nova.rpc.amqp injected_files, admin_password) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 592, in _spawn 2012-05-02 11:38:41 TRACE nova.rpc.amqp self._legacy_nw_info(network_info), block_device_info) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 114, in wrapped 2012-05-02 11:38:41 TRACE nova.rpc.amqp return f(args, *kw) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/connection.py", line 922, in spawn 2012-05-02 11:38:41 TRACE nova.rpc.amqp self._create_new_domain(xml) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/connection.py", line 1575, in _create_new_domain 2012-05-02 11:38:41 TRACE nova.rpc.amqp domain.createWithFlags(launch_flags) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 187, in doit 2012-05-02 11:38:41 TRACE nova.rpc.amqp result = proxy_call(self._autowrap, f, *args, *kwargs) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 147, in proxy_call 2012-05-02 11:38:41 TRACE nova.rpc.amqp rv = execute(f,args,kwargs) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 76, in tworker 2012-05-02 11:38:41 TRACE nova.rpc.amqp rv = meth(args,**kwargs) 2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/libvirt.py", line 581, in createWithFlags 2012-05-02 11:38:41 TRACE nova.rpc.amqp if ret == -1: raise libvirtError ('virDomainCreateWithFlags() failed', dom=self) 2012-05-02 11:38:41 TRACE nova.rpc.amqp libvirtError: internal error Process exited while reading console log output: char device redirected to /dev/pts/4 2012-05-02 11:38:41 TRACE nova.rpc.amqp qemu-system-x86_64: -netdev tap,ifname=tap0c2deee4-94,script=,id=hostnet0: could not open /dev/net/tun: Operation not permitted 2012-05-02 11:38:41 TRACE nova.rpc.amqp qemu-system-x86_64: -netdev tap,ifname=tap0c2deee4-94,script=,id=hostnet0: Device 'tap' could not be initialized

While if I set these in qemu.conf and restart libvirtd: clear_emulator_capabilities = 0 user = root group = root

all works dandy but I see this as a bit of a security hole?

Howto setup OVS with Ubuntu 12.04

I'm wondering on howto setup OVS with Quantum & Ubuntu 12.04?

I've tried adding this to qemu.conf: qemu.conf:

cgroup_device_acl = [
   "/dev/null", "/dev/full", "/dev/zero",
   "/dev/random", "/dev/urandom",
   "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
   "/dev/rtc", "/dev/hpet", "/dev/net/tun",
]

]

And also this udev rule: rule:

KERNEL=="tun",                  MODE="0666", OPTIONS+="static_node=net/tun", GROUP="kvm"

GROUP="kvm"

Rebooted and tried to spawn guests but then I still get:

2012-05-02 11:38:41 ERROR nova.rpc.amqp [req-efd72ce0-e862-4b58-b82d-9fdac46840ff f0e22141b0404e7f9852cce01f6454de f8109734926d4b1c91d6e7b5d1cbd23a] Exception during message handling
2012-05-02 11:38:41 TRACE nova.rpc.amqp Traceback (most recent call last):
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/rpc/amqp.py", line 252, in _process_data
2012-05-02 11:38:41 TRACE nova.rpc.amqp     rval = node_func(context=ctxt, node_args)
**node_args)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 114, in wrapped
2012-05-02 11:38:41 TRACE nova.rpc.amqp     return f(args, *kw)
f(*args, **kw)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 177, in decorated_function
2012-05-02 11:38:41 TRACE nova.rpc.amqp     sys.exc_info())
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self.gen.next()
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 171, in decorated_function
2012-05-02 11:38:41 TRACE nova.rpc.amqp     return function(self, context, instance_uuid, args, *kwargs)
*args, **kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 651, in run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp     do_run_instance()
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 945, in inner
2012-05-02 11:38:41 TRACE nova.rpc.amqp     retval = f(args, *kwargs)
f(*args, **kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 650, in do_run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self._run_instance(context, instance_uuid, *kwargs)
**kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 451, in _run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self._set_instance_error_state(context, instance_uuid)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self.gen.next()
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 432, in _run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self._deallocate_network(context, instance)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self.gen.next()
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 429, in _run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp     injected_files, admin_password)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 592, in _spawn
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self._legacy_nw_info(network_info), block_device_info)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 114, in wrapped
2012-05-02 11:38:41 TRACE nova.rpc.amqp     return f(args, *kw)
f(*args, **kw)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/connection.py", line 922, in spawn
2012-05-02 11:38:41 TRACE nova.rpc.amqp     self._create_new_domain(xml)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/connection.py", line 1575, in _create_new_domain
2012-05-02 11:38:41 TRACE nova.rpc.amqp     domain.createWithFlags(launch_flags)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 187, in doit
2012-05-02 11:38:41 TRACE nova.rpc.amqp     result = proxy_call(self._autowrap, f, *args, *kwargs)
**kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 147, in proxy_call
2012-05-02 11:38:41 TRACE nova.rpc.amqp     rv = execute(f,args,kwargs)
execute(f,*args,**kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 76, in tworker
2012-05-02 11:38:41 TRACE nova.rpc.amqp     rv = meth(args,**kwargs)
meth(*args,**kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp   File "/usr/lib/python2.7/dist-packages/libvirt.py", line 581, in createWithFlags
2012-05-02 11:38:41 TRACE nova.rpc.amqp     if ret == -1: raise libvirtError ('virDomainCreateWithFlags() failed', dom=self)
2012-05-02 11:38:41 TRACE nova.rpc.amqp libvirtError: internal error Process exited while reading console log output: char device redirected to /dev/pts/4
2012-05-02 11:38:41 TRACE nova.rpc.amqp qemu-system-x86_64: -netdev tap,ifname=tap0c2deee4-94,script=,id=hostnet0: could not open /dev/net/tun: Operation not permitted
2012-05-02 11:38:41 TRACE nova.rpc.amqp qemu-system-x86_64: -netdev tap,ifname=tap0c2deee4-94,script=,id=hostnet0: Device 'tap' could not be initialized

initialized

While if I set these in qemu.conf and restart libvirtd: libvirtd:

clear_emulator_capabilities = 0
user = root
group = root

root

all works dandy but I see this as a bit of a security hole?