neutron

Howto setup OVS with Ubuntu 12.04

Asked by Endre Karlson

I'm wondering on howto setup OVS with Quantum & Ubuntu 12.04?

I've tried adding this to qemu.conf:
cgroup_device_acl = [
   "/dev/null", "/dev/full", "/dev/zero",
   "/dev/random", "/dev/urandom",
   "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
   "/dev/rtc", "/dev/hpet", "/dev/net/tun",
]

And also this udev rule:
KERNEL=="tun", MODE="0666", OPTIONS+="static_node=net/tun", GROUP="kvm"

Rebooted and tried to spawn guests but then I still get:

2012-05-02 11:38:41 ERROR nova.rpc.amqp [req-efd72ce0-e862-4b58-b82d-9fdac46840ff f0e22141b0404e7f9852cce01f6454de f8109734926d4b1c91d6e7b5d1cbd23a] Exception during message handling
2012-05-02 11:38:41 TRACE nova.rpc.amqp Traceback (most recent call last):
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/rpc/amqp.py", line 252, in _process_data
2012-05-02 11:38:41 TRACE nova.rpc.amqp rval = node_func(context=ctxt, **node_args)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 114, in wrapped
2012-05-02 11:38:41 TRACE nova.rpc.amqp return f(*args, **kw)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 177, in decorated_function
2012-05-02 11:38:41 TRACE nova.rpc.amqp sys.exc_info())
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
2012-05-02 11:38:41 TRACE nova.rpc.amqp self.gen.next()
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 171, in decorated_function
2012-05-02 11:38:41 TRACE nova.rpc.amqp return function(self, context, instance_uuid, *args, **kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 651, in run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp do_run_instance()
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 945, in inner
2012-05-02 11:38:41 TRACE nova.rpc.amqp retval = f(*args, **kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 650, in do_run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp self._run_instance(context, instance_uuid, **kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 451, in _run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp self._set_instance_error_state(context, instance_uuid)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
2012-05-02 11:38:41 TRACE nova.rpc.amqp self.gen.next()
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 432, in _run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp self._deallocate_network(context, instance)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
2012-05-02 11:38:41 TRACE nova.rpc.amqp self.gen.next()
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 429, in _run_instance
2012-05-02 11:38:41 TRACE nova.rpc.amqp injected_files, admin_password)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 592, in _spawn
2012-05-02 11:38:41 TRACE nova.rpc.amqp self._legacy_nw_info(network_info), block_device_info)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 114, in wrapped
2012-05-02 11:38:41 TRACE nova.rpc.amqp return f(*args, **kw)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/connection.py", line 922, in spawn
2012-05-02 11:38:41 TRACE nova.rpc.amqp self._create_new_domain(xml)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/connection.py", line 1575, in _create_new_domain
2012-05-02 11:38:41 TRACE nova.rpc.amqp domain.createWithFlags(launch_flags)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 187, in doit
2012-05-02 11:38:41 TRACE nova.rpc.amqp result = proxy_call(self._autowrap, f, *args, **kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 147, in proxy_call
2012-05-02 11:38:41 TRACE nova.rpc.amqp rv = execute(f,*args,**kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/eventlet/tpool.py", line 76, in tworker
2012-05-02 11:38:41 TRACE nova.rpc.amqp rv = meth(*args,**kwargs)
2012-05-02 11:38:41 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/libvirt.py", line 581, in createWithFlags
2012-05-02 11:38:41 TRACE nova.rpc.amqp if ret == -1: raise libvirtError ('virDomainCreateWithFlags() failed', dom=self)
2012-05-02 11:38:41 TRACE nova.rpc.amqp libvirtError: internal error Process exited while reading console log output: char device redirected to /dev/pts/4
2012-05-02 11:38:41 TRACE nova.rpc.amqp qemu-system-x86_64: -netdev tap,ifname=tap0c2deee4-94,script=,id=hostnet0: could not open /dev/net/tun: Operation not permitted
2012-05-02 11:38:41 TRACE nova.rpc.amqp qemu-system-x86_64: -netdev tap,ifname=tap0c2deee4-94,script=,id=hostnet0: Device 'tap' could not be initialized

While if I set these in qemu.conf and restart libvirtd:
clear_emulator_capabilities = 0
user = root
group = root

all works dandy but I see this as a bit of a security hole?

Question information

Language:
English Edit question
Status:
Answered
For:
neutron Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
dan wendlandt (danwent) said : 		#1

Hi Endre,

That's strange. Just changing the cgroup_device_acl and rebooting the device was enough for me. Perhaps restarting libvirt wasn't sufficient?

Revision history for this message
dan wendlandt (danwent) said : 		#2

actually, i confirmed that changing the cgroup_device_acls and restarting libvirt was sufficient for me. perhaps you have some other things installed complicating the matter?

Also, starting with libvirt 0.9.11, OVS will be supported natively in libvirt, meaning we can git rid of the type=ethernet stuff all together.

Can you help with this problem?

Provide an answer of your own, or ask Endre Karlson for more information if necessary.

To post a message you must log in.