yahoo-eng-team team mailing list archive
Message #77724
[Bug 1756823] Re: systemd based mount failures with Quobyte driver
Reviewed: https://review.openstack.org/554195
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=7231f7dee10fa8f9e6cead026f6a5ae3f5b15ae4
Submitter: Zuul
Branch: master
commit 7231f7dee10fa8f9e6cead026f6a5ae3f5b15ae4
Author: Silvan Kaiser <silvan@xxxxxxxxxxx>
Date: Mon Mar 19 11:26:22 2018 +0100
Exec systemd-run without --user flag in Quobyte driver

Removes the --user flag from the systemd based mount command in the
Quobyte driver. This prevents mount failures due to:
- Older systemd releases not supporting the --user flag (e.g. CentOS)
- Systemd versions having a bug preventing running the --scope and
  --user flags together
- processutils context not allowing mount to run with this flag
  (see bug referenced below for details)

Furthermore the systemd detection is fixed and
all mount and umount commands are moved to libvirt privsep.

Closes-Bug: #1756823
Change-Id: I53f3a062ce419d1142d7dd3103fab565bb105e05
** Changed in: nova
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1756823
Title:
systemd based mount failures with Quobyte driver
Status in OpenStack Compute (nova):
Fix Released
Bug description:
I'm rewriting the bug report as the original report was not accurate
enough (still, the original report can be seen further down in this
entry).
Updated bug report:
The Quobyte Nova driver checks for the presence of systemd in order to run mounts via systemd-run if available. However, the systemd mount execution is broken in several aspects:
a) systemd detection has an additional whitespace in the path comparison, causing all instances to run without systemd
b) The systemd-run call is broken for CentOS, as so far the currently installed systemd version on CentOS is 219, which does not support the '--user' flag
c) systemd had a bug for several releases that caused "systemctl-run --scope --user" calls to fail on e.g. Ubuntu Xenial (uses v229, fix in systemd was released in v238 according to [1]).
d) When run via processutils, the systemd based mount command is executed in a context that does not allow using the "--user" flag, resulting in an error as shown in the original bug report. This looks similar to executing systemd-run with the --user option as user root.
For these reasons (b to d) the systemd mount variant in the driver
needs to be run as root and the detection (a) to be fixed.
[1] https://github.com/systemd/systemd/blob/master/NEWS
Original bug report:
With different Linux distros the systemd-run based mount of a Quobyte volume can fail. This is connected to the --user option causing issues with privilege escalation. Log example:
Mar 19 09:09:27 manualnovaci nova-compute[20516]: ERROR nova.compute.manager [instance: 6ffe17b6-9706-48d2-9ca5-73a670889a19] ProcessExecutionError: Unexpected error while running command.
Mar 19 09:09:27 manualnovaci nova-compute[20516]: ERROR nova.compute.manager [instance: 6ffe17b6-9706-48d2-9ca5-73a670889a19] Command: systemd-run --scope --user mount.quobyte --disable-xattrs 78.46.57.153:7861/
Mar 19 09:09:27 manualnovaci nova-compute[20516]: ERROR nova.compute.manager [instance: 6ffe17b6-9706-48d2-9ca5-73a670889a19] Exit code: 1
Mar 19 09:09:27 manualnovaci nova-compute[20516]: ERROR nova.compute.manager [instance: 6ffe17b6-9706-48d2-9ca5-73a670889a19] Stdout: u''
Mar 19 09:09:27 manualnovaci nova-compute[20516]: ERROR nova.compute.manager [instance: 6ffe17b6-9706-48d2-9ca5-73a670889a19] Stderr: u'Failed to create bus connection: No such file or directory\n'
Besides this the current systemd check is erroneous due to whitespace
in path.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1756823/+subscriptions
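
Added example (not part of the original message and not the nova driver's code): a sketch of defect (a), where a whitespace-padded path makes systemd detection silently false, next to a check that rejects the malformed path, plus a mount command built without --user. The marker path is the one documented in sd_booted(3); the function names, volume and mount point are assumptions.

```python
import os
import tempfile

# Assumption: the marker directory documented in sd_booted(3); the page does
# not say which path the driver compares against.
SYSTEMD_MARKER = "/run/systemd/system"


def naive_detect(path):
    """Defect (a): a padded path is simply 'not found', so detection is
    silently False on every host."""
    return os.path.isdir(path)


def checked_detect(path=SYSTEMD_MARKER):
    """Reject a malformed constant loudly instead of reporting 'no systemd'."""
    if path != path.strip() or not os.path.isabs(path):
        raise ValueError("bad systemd marker path: %r" % path)
    return os.path.isdir(path)


def build_mount_cmd(volume, mnt_base, use_systemd):
    """Hypothetical helper: argv for the Quobyte mount, to be run as root."""
    cmd = ["mount.quobyte", "--disable-xattrs", volume, mnt_base]
    if use_systemd:
        # --scope only; --user is left out for reasons (b) to (d).
        cmd = ["systemd-run", "--scope"] + cmd
    return cmd


def demo():
    # Constructed stand-in for the marker directory so this runs anywhere.
    with tempfile.TemporaryDirectory() as marker:
        exact = naive_detect(marker)
        padded = naive_detect(" " + marker)
        try:
            checked_detect(" " + marker)
            rejected = False
        except ValueError:
            rejected = True
        checked = checked_detect(marker)
    return exact, padded, rejected, checked


if __name__ == "__main__":
    print(demo())
    print(build_mount_cmd("quobyte.example:7861/vol", "/mnt/quobyte", True))
```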