openstack team mailing list archive

Thread
Date

Re: ANNOUNCE: Ultimate OpenStack Grizzly Guide, with super easy Quantum!

To: Martinx - ジェームズ <thiagocmartinsc@xxxxxxxxx>
From: Jean-Baptiste RANSY <jean-baptiste.ransy@xxxxxxxxxx>
Date: Thu, 21 Mar 2013 15:26:39 +0100
Cc: "openstack-operators@xxxxxxxxxxxxxxxxxxx" <openstack-operators@xxxxxxxxxxxxxxxxxxx>, "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CAJSM8J3w3J5qASaGWBsBKVahkqT2azoXnCFJrob4_=g5ZxsZpw@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2

Hello Thiago,

I think it's better to use rootwrap in sudoers :

nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
cinder ALL = (root) NOPASSWD: /usr/bin/cinder-rootwrap
/etc/cinder/rootwrap.conf *
quantum ALL = (root) NOPASSWD: /usr/bin/quantum-rootwrap
/etc/quantum/rootwrap.conf *

NOTE : with quantum (l3, dhcp, etc ..) you can encounter issue with
rootwrap, especially with namespaces (i don't know if this is still the
case)
To fix that, just add 'root_helper = sudo /usr/bin/quantum-rootwrap
/etc/quantum/rootwrap.conf' in the .ini file of each quantum service.

I don't know why root_helper isn't in each quantum service sample files
if it must be configured ... is it normal or not ?
If this addition (to add root_helper in each ini file) should not be
necessary, I think i identified the root problem.
In the dhcp_agent for example, just need to replace each occurrences of
'self.conf.root_helper' by 'self.root_helper'

If someone has the answer, let me know if I should open a bug or not.

Regards,


jbr_


On 03/21/2013 01:19 AM, Martinx - ジェームズ wrote:
> 1 problem fixed with:
>
> visudo
>
> ---
> quantum ALL=NOPASSWD: ALL
> cinder ALL=NOPASSWD: ALL
> nova ALL=NOPASSWD: ALL
> ---
>
> Guide updated...
>
>
> On 20 March 2013 19:51, Martinx - ジェームズ
> <thiagocmartinsc@xxxxxxxxx <mailto:thiagocmartinsc@xxxxxxxxx>> wrote:
>
>     Hi!
>
>      I'm working with Grizzly G3+RC1 on top of Ubuntu 12.04.2 and here
>     is the guide I wrote:
>
>      Ultimate OpenStack Grizzly Guide
>     <https://gist.github.com/tmartinx/d36536b7b62a48f859c2>
>
>      It covers:
>
>      * Ubuntu 12.04.2
>      * Basic Ubuntu setup
>      * KVM
>      * OpenvSwitch
>      * Name Resolution for OpenStack components;
>      * LVM for Instances
>      * Keystone
>      * Glance
>      * Quantum - Single Flat, Super Green!!
>      * Nova
>      * Cinder / tgt
>      * Dashboard
>
>      It is still a draft but, every time I deploy Ubuntu and Grizzly,
>     I follow this little guide...
>
>      I would like some help to improve this guide... If I'm doing
>     something wrong, tell me! Please!
>
>      Probably I'm doing something wrong, I don't know yet, but I'm
>     seeing some errors on the logs, already reported here on this
>     list. Like for example: nova-novncproxy conflicts with novnc (no
>     VNC console for now), dhcp-agent.log / auth.log points to some
>     problems with `sudo' or the `rootwarp' subsystem when dealing with
>     metadata (so it isn't working)...
>
>      But in general, it works great!!
>
>     Best!
>     Thiago
>
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

Follow ups

Re: ANNOUNCE: Ultimate OpenStack Grizzly Guide, with super easy Quantum!
From: Razique Mahroua, 2013-03-21

References

ANNOUNCE: Ultimate OpenStack Grizzly Guide, with super easy Quantum!
From: Martinx - ジェームズ, 2013-03-20
Re: ANNOUNCE: Ultimate OpenStack Grizzly Guide, with super easy Quantum!
From: Martinx - ジェームズ, 2013-03-21