Re: [Rdo-list] [rhos-list] Remote Cinder access
On 08/27/2013 07:29 AM, Lutz Christoph wrote:
Hi!
I'm in the last tests for a three node RDO setup, and I found that with
Since this is RDO related, I'm going to move this over to the community
oriented list :)
the current default setup, qemu-kvm can't access a volume:
qemu-kvm: -drive
file=/dev/disk/by-path/ip-192.168.104.61:3260-iscsi-iqn.2010-10.org.openstack:volume-229b80d0-ad10-4a3b-b022-d632de368001-lun-1,if=none,id=drive-virtio-disk0,format=raw,serial=229b80d0-ad10-4a3b-b022-d632de368001,cache=none:
could not open disk image
/dev/disk/by-path/ip-192.168.104.61:3260-iscsi-iqn.2010-10.org.openstack:volume-229b80d0-ad10-4a3b-b022-d632de368001-lun-1:
Permission denied
SELinux issue perhaps? Whenever I see a permission denied that's always
the first thing I check. Try:
# getenforce
and
# audit2why -a
If it's not that, then maybe Eric (cc'd) from the Cinder team can help.
The device looks just like any other disk device:
lrwxrwxrwx. 1 root root 9 Aug 27 10:40
/dev/disk/by-path/ip-192.168.104.61:3260-iscsi-iqn.2010-10.org.openstack:volume-229b80d0-ad10-4a3b-b022-d632de368001-lun-1
-> ../../sdj
brw-rw----. 1 root disk 8, 144 Aug 27 10:40 /dev/sdj
qemu is running under the "nova" user (it is running as "qemu" on an
all-in-one server). When I added the "disk" group to the "nova"
user,
the problem went away.
Hm, this seems to indicate that it might not be an SELinux issue, but
still run the above commands just to be sure. Never hurts to check that :)
Doing the same on the all-in-one machine did not have this problem,
but
them access is directly to the LV, not via iSCSI, and the user is
different, though it does not have the "disk" group attached.
Now, I'm wondering if adding the "disk" group is the right thing to so,
considering that the all-in-one does not need this, or there is a more
elegant solution.
Best regards / Mit freundlichen Grüßen
Lutz Christoph