yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #65093
[Bug 1672357] Re: [Newton][Nova] When deploying an instance. Get the following error: sudo: pam_unix(sudo:auth): auth could not identify password for [nova]sudo: pam_unix(sudo:auth): auth could not identify password for [nova]
[Expired for OpenStack Compute (nova) because there has been no activity
for 60 days.]
** Changed in: nova
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1672357
Title:
[Newton][Nova] When deploying an instance. Get the following error:
sudo: pam_unix(sudo:auth): auth could not identify password for
[nova]sudo: pam_unix(sudo:auth): auth could not identify password for
[nova]
Status in OpenStack Compute (nova):
Expired
Bug description:
I have recently installed a new Openstackcloud.
One controller and two nova nodes. When I tried to launch a new instance I got an error.
I could only launch instance on the controller node, but not on the two nova nodes.
The error message I got was:
==> nova/nova-compute.log <==
2017-03-13 09:18:37.738 780 INFO oslo.privsep.daemon [req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] Running privsep helper: ['sudo', 'nova-rootwrap', '/etc/nova/rootwrap.conf', 'privsep-helper', '--config-file', '/etc/nova/nova.conf', '--config-file', '/etc/nova/nova-compute.conf', '--privsep_context', 'os_brick.privileged.default', '--privsep_sock_path', '/tmp/tmpcWGEib/privsep.sock']
==> auth.log <==
Mar 13 09:18:37 nova1 sudo: pam_unix(sudo:auth): auth could not identify password for [nova]
Mar 13 09:18:37 nova1 sudo: nova : command not allowed ; TTY=unknown ; PWD=/var/lib/nova ; USER=root ; COMMAND=/usr/local/bin/nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf --config-file /etc/nova/nova-compute.conf --privsep_context os_brick.privileged.default --privsep_sock_path /tmp/tmpcWGEib/privsep.sock
==> nova/nova-compute.log <==
2017-03-13 09:18:37.772 780 CRITICAL oslo.privsep.daemon [req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] privsep helper command exited non-zero (1)
2017-03-13 09:18:37.777 780 WARNING oslo.privsep.daemon [-] privsep log: sudo: no tty present and no askpass program specified
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [req-ad1726ad-ce87-4bda-a359-25f68d7aa0be - - - - -] [instance: 7842db94-82bb-4b48-8dbe-6e7b33ee4b12] Instance failed block device setup
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance: 7842db94-82bb-4b48-8dbe-6e7b33ee4b12] Traceback (most recent call last):
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance: 7842db94-82bb-4b48-8dbe-6e7b33ee4b12] File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1582, in _prep_block_device
2017-03-13 09:18:37.794 780 ERROR nova.compute.manager [instance: 7842db94-82bb-4b48-8dbe-6e7b33ee4b12] wait_func=self._await_block_device_map_created)
After some investigation I had to change a couple of thing to get it to work.
1.) Add the following line to sudoer
nova ALL = (root) NOPASSWD: /usr/local/bin/nova-rootwrap /etc/nova/rootwrap.conf *
According to the manual, it should be /usr/bin/nova-rootwrap. But that didn't work either.
2.) Change owner on directory /var/lib/nova/instance to nova:nova. For some reason it is registered as root:root.
For some reason most directory in /var/lib/nova has owner root:root.
I have follow the installation manual for Openstack newton.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1672357/+subscriptions
References
