Public bug reported:
I have recently installed a new Openstackcloud.
One controller and two nova nodes. When I tried to launch a new instance I got
an error.
I could only launch instance on the controller node, but not on the two nova
nodes.
The error message I got was:
==> nova/nova-compute.log <==
2017-03-13 09:18:37.738 780 INFO oslo.privsep.daemon
[req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] Running privsep helper:
['sudo', 'nova-rootwrap', '/etc/nova/rootwrap.conf', 'privsep-helper',
'--config-file', '/etc/nova/nova.conf', '--config-file',
'/etc/nova/nova-compute.conf', '--privsep_context',
'os_brick.privileged.default', '--privsep_sock_path',
'/tmp/tmpcWGEib/privsep.sock']
==> auth.log <==
Mar 13 09:18:37 nova1 sudo: pam_unix(sudo:auth): auth could not identify
password for [nova]
Mar 13 09:18:37 nova1 sudo: nova : command not allowed ; TTY=unknown ;
PWD=/var/lib/nova ; USER=root ; COMMAND=/usr/local/bin/nova-rootwrap
/etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf
--config-file /etc/nova/nova-compute.conf --privsep_context
os_brick.privileged.default --privsep_sock_path /tmp/tmpcWGEib/privsep.sock
==> nova/nova-compute.log <==
2017-03-13 09:18:37.772 780 CRITICAL oslo.privsep.daemon
[req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] privsep helper command
exited non-zero (1)
2017-03-13 09:18:37.777 780 WARNING oslo.privsep.daemon [-] privsep log: sudo:
no tty present and no askpass program specified
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager
[req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12] Instance failed block device setup
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12] Traceback (most recent call last):
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12] File
"/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1582, in
_prep_block_device
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12]
wait_func=self._await_block_device_map_created)
After some investigation I had to change a couple of thing to get it to work.
1.) Add the following line to sudoer
nova ALL = (root) NOPASSWD: /usr/local/bin/nova-rootwrap
/etc/nova/rootwrap.conf *
According to the manual, it should be /usr/bin/nova-rootwrap. But that didn't
work either.
2.) Change owner on directory /var/lib/nova/instance to nova:nova. For some
reason it is registered as root:root.
For some reason most directory in /var/lib/nova has owner root:root.
I have follow the installation manual for Openstack newton.
** Affects: nova
Importance: Undecided
Status: New
** Project changed: horizon => nova
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1672357
Title:
[Newton][Nova] When deploying an instance. Get the following error:
sudo: pam_unix(sudo:auth): auth could not identify password for
[nova]sudo: pam_unix(sudo:auth): auth could not identify password for
[nova]
Status in OpenStack Compute (nova):
New
Bug description:
I have recently installed a new Openstackcloud.
One controller and two nova nodes. When I tried to launch a new instance I
got an error.
I could only launch instance on the controller node, but not on the two nova
nodes.
The error message I got was:
==> nova/nova-compute.log <==
2017-03-13 09:18:37.738 780 INFO oslo.privsep.daemon
[req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] Running privsep helper:
['sudo', 'nova-rootwrap', '/etc/nova/rootwrap.conf', 'privsep-helper',
'--config-file', '/etc/nova/nova.conf', '--config-file',
'/etc/nova/nova-compute.conf', '--privsep_context',
'os_brick.privileged.default', '--privsep_sock_path',
'/tmp/tmpcWGEib/privsep.sock']
==> auth.log <==
Mar 13 09:18:37 nova1 sudo: pam_unix(sudo:auth): auth could not identify
password for [nova]
Mar 13 09:18:37 nova1 sudo: nova : command not allowed ; TTY=unknown ;
PWD=/var/lib/nova ; USER=root ; COMMAND=/usr/local/bin/nova-rootwrap
/etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf
--config-file /etc/nova/nova-compute.conf --privsep_context
os_brick.privileged.default --privsep_sock_path /tmp/tmpcWGEib/privsep.sock
==> nova/nova-compute.log <==
2017-03-13 09:18:37.772 780 CRITICAL oslo.privsep.daemon
[req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] privsep helper command
exited non-zero (1)
2017-03-13 09:18:37.777 780 WARNING oslo.privsep.daemon [-] privsep log:
sudo: no tty present and no askpass program specified
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager
[req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12] Instance failed block device setup
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12] Traceback (most recent call last):
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12] File
"/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1582, in
_prep_block_device
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance:
7842db94-82bb-4b48-8dbe-6e7b33ee4b12]
wait_func=self._await_block_device_map_created)
After some investigation I had to change a couple of thing to get it to work.
1.) Add the following line to sudoer
nova ALL = (root) NOPASSWD: /usr/local/bin/nova-rootwrap
/etc/nova/rootwrap.conf *
According to the manual, it should be /usr/bin/nova-rootwrap. But that didn't
work either.
2.) Change owner on directory /var/lib/nova/instance to nova:nova. For some
reason it is registered as root:root.
For some reason most directory in /var/lib/nova has owner root:root.
I have follow the installation manual for Openstack newton.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1672357/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
