Re: cannot start system VMs: disaster after maintenance followup

Thu, 21 Mar 2019 08:09:19 -0700 

Hey Jevgeni,

what OS mgmt, what OS hypervisor, what qemu/libvirt versions - still in
Basic Zone, SG ?

Andrija

On Thu, 21 Mar 2019 at 13:06, Jevgeni Zolotarjov <j.zolotar...@gmail.com>
wrote:

> I reinstalled cloudstack from scratch - everything
>
> But looks like I hit the same wall now
>
> In the last step of installation it cannot create system VMs.
>
> service libvirtd status -l
> gives me
> ------------------------------------
> ● libvirtd.service - Virtualization daemon
>    Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled;
> vendor preset: enabled)
>    Active: active (running) since Thu 2019-03-21 11:45:00 GMT; 18min ago
>      Docs: man:libvirtd(8)
>            https://libvirt.org
>  Main PID: 537 (libvirtd)
>     Tasks: 20 (limit: 32768)
>    CGroup: /system.slice/libvirtd.service
>            ├─  537 /usr/sbin/libvirtd -l
>            ├─12206 /usr/sbin/dnsmasq
> --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> --dhcp-script=/usr/libexec/libvirt_leaseshelper
>            └─12207 /usr/sbin/dnsmasq
> --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro
> --dhcp-script=/usr/libexec/libvirt_leaseshelper
>
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.168+0000: 566: info : libvirt version: 4.5.0, package: 10.el7_6.6
> (CentOS BuildSystem <http://bugs.centos.org>, 2019-03-14-10:21:47,
> x86-01.bsys.centos.org)
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.168+0000: 566: info : hostname: mtl1-apphst03.mt.pbt.com.mt
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.168+0000: 566: error : virFirewallApplyRuleDirect:709 : internal
> error: Failed to apply firewall rules /usr/sbin/iptables -w --table nat
> --insert POSTROUTING --source 192.168.122.0/24 '!' --destination
> 192.168.122.0/24 --jump MASQUERADE: iptables v1.4.21: can't initialize
> iptables table `nat': Table does not exist (do you need to insmod?)
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: Perhaps
> iptables
> or your kernel needs to be upgraded.
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> /etc/hosts
> - 4 addresses
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq[12206]: read
> /var/lib/libvirt/dnsmasq/default.addnhosts - 0 addresses
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt dnsmasq-dhcp[12206]: read
> /var/lib/libvirt/dnsmasq/default.hostsfile
> Mar 21 11:45:01 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:45:01.354+0000: 566: warning : virSecurityManagerNew:189 : Configured
> security driver "none" disables default policy to create confined guests
> Mar 21 11:49:57 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:49:57.354+0000: 542: warning : qemuDomainObjTaint:7521 : Domain id=2
> name='s-1-VM' uuid=1a06d3a7-4e3f-4cba-912f-74ae24569bac is tainted:
> high-privileges
> Mar 21 11:49:59 mtl1-apphst03.mt.pbt.com.mt libvirtd[537]: 2019-03-21
> 11:49:59.402+0000: 540: warning : qemuDomainObjTaint:7521 : Domain id=3
> name='v-2-VM' uuid=af2a8342-cd9b-4b55-ba12-480634a31d65 is tainted:
> high-privileges
>
>
> What can be done about that ?
>


-- 

Andrija Panić

Reply via email to