[one-users] Fwd: Re: Opennebula 3.0 RC1 and persistent images in KVM VMs
Alberto Picón Couselo
alpicon1 at gmail.com
Mon Sep 26 17:46:06 PDT 2011
Sorry, as Ruben S. Montero stated, I specified dynamic_ownership=0 in
/etc/libvirt/qemu.conf to avoid KVM changing image file permissions in
/var/lib/one/images to root:root.
Best Regards,
Alberto Picón
-------- Mensaje original --------
Asunto: Re: [one-users] Opennebula 3.0 RC1 and persistent images in KVM
VMs
Fecha: Tue, 27 Sep 2011 02:00:45 +0200
De: Alberto Picón Couselo <alpicon1 at gmail.com>
Responder a: alpicon1 at gmail.com
Para: Ruben S. Montero <rubensm at dacya.ucm.es>
CC: users at lists.opennebula.org <users at lists.opennebula.org>
Hi all,
I finally executed KVM VM's with persistent disks in OpenNebula.
I made the following changes in /etc/libvirt/qemu.conf
# The user ID for QEMU processes run by the system instance
user = "oneadmin"
# The group ID for QEMU processes run by the system instance
group = "oneadmin"
# Whether libvirt should dynamically change file ownership
# to match the configured user/group above. Defaults to 1.
# Set to 0 to disable file ownership changes.
dynamic_ownership = 1
Oneadmin and libvirt-qemu user and group membership are as follows in
KVM worker node:
~# groups oneadmin
oneadmin : oneadmin kvm libvirt
~# groups libvirt-qemu
libvirt-qemu : kvm oneadmin
I changed KVM /dev/kvm group from kvm to oneadmin:
~# chgrp oneadmin /dev/kvm
~# ls -la /dev/kvm
crw-rw---- 1 root oneadmin 10, 232 sep 16 20:35 /dev/kvm
I will need to change group permissions of /dev/kvm to oneadmin in
rc.local because reloading qemu-kvm resets /dev/kvm to kvm group. Do you
know any other way to set up group of /dev/kvm?
Thank you very much everybody for your help and support!
Best Regards,
Alberto Picón
El 26/09/2011 22:45, Ruben S. Montero escribió:
> Hi
>
> You may try to disable dynamic ownership in qemu.conf, as:
> ...
> user = "root"
> group = "root"
>
> dynamic_ownership = 0
> ...
>
> Cheers
>
> Ruben
> On Mon, Sep 26, 2011 at 9:52 PM, Alberto Picón Couselo
> <alpicon1 at gmail.com <mailto:alpicon1 at gmail.com>> wrote:
>
> Hi, Fabian.
>
> We have tested root read and write access to NFS mount in KVM
> worker node and it works correctly. As you stated, when we create
> a persistent image, Opennebula creates a link to the registered
> image in /var/lib/{VID}/image. We are using FreeNAS 8.0 Final
> Release for shared storage and it implements NFSv3.
>
> When a new instance is deployed using a persistent image, the
> image changes a quarter of a second to libvirt-bin:kvm file
> permissions, instance fails to boot with "permission denied" error
> and persistent image in repository changes its file permissions to
> root user and root group.
>
> When we use a non persistent image, KVM instance boots correctly
> cloning the registered image to /var/lib/{VID}/image/disk.0, and
> it has libvirt-bin:kvm file permissions during RUNNING state.
>
> Please, any clue regarding this issue would be really appreciated.
>
> Best Regards,
> Alberto Picón
>
> El 26/09/2011 13:50, Fabian Wenk escribió:
>
> Hello Alberto
>
> On 25.09.2011 00 <tel:25.09.2011%2000>:27, Alberto Picón
> Couselo wrote:
>
> We have some a problems using persistent KVM images in
> Opennebula 3.0 RC1.
>
> Our configuration is as follows:
>
> Opennebula Front-End Ubuntu LTS 10.04
> KVM worker node Debian Queeze 6.0.2
> NAS for NFS Shared storage
>
>
> Sat Sep 24 23:49:08 2011 [VMM][I]: Command execution fail:
> 'if [ -x
> "/var/lib/one/remotes/vmm/kvm/deploy" ]; then
> /var/lib/one/remotes/vmm/kvm/deploy
> /var/lib/one/212/images/deployment.0
> tc-kvm-hv02 212 tc-kvm-hv02; else
> exit 42; fi'
> Sat Sep 24 23:49:08 2011 [VMM][I]: error: Failed to create
> domain from
> /var/lib/one/212/images/deployment.0
> Sat Sep 24 23:49:08 2011 [VMM][I]: error: internal error
> process exited
> while connecting to monitor: qemu: could not open disk image
> /var/lib/one/212/images/disk.0: Permission denied
>
>
> Please, can you give us any clue regarding this issue?.
> Persistent mode
> for KVM VMs is essential for us...
>
>
> Is root allowed to read/write in the NFS mounted images
> folder? Check the options in /etc/exports on the NFS server.
> Eventually you also need to force the client (cluster node) to
> mount it using NFSv3 (instead of NFSv4).
>
> With persistent images, the images stays in the images folder
> and is only linked from the <vm_id>/images/ folder. KVM does
> run with root privileges.
>
>
> bye
> Fabian
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org <mailto:Users at lists.opennebula.org>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org <mailto:Users at lists.opennebula.org>
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
>
>
> --
> Dr. Ruben Santiago Montero
> Associate Professor (Profesor Titular), Complutense University of Madrid
>
> URL: http://dsa-research.org/doku.php?id=people:ruben
> Weblog: http://blog.dsa-research.org/?author=7
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20110927/e2c89950/attachment-0002.htm>
More information about the Users
mailing list