On Fri, Dec 13, 2019 at 1:39 AM Nir Soffer <nsoffer(a)redhat.com> wrote:
On Tue, Dec 10, 2019 at 4:35 PM Robert Webb <rwebb(a)ropeguru.com> wrote:
...
> >https://ovirt.org/develop/troubleshooting-nfs-storage-issues.html
> >
> >Generally speaking:
> >
> >Files there are created by vdsm (vdsmd), but are used (when running VMs)
> >by qemu. So both of them need access.
>
> So the link to the NFS storage troubleshooting page is where I found that the perms needed to be 755.

I think this is an error in the troubleshooting page. There is no reason to allow access to
other users except vdsm:kvm.
The page mentions other daemons:

> In principle, the user vdsm, with uid 36 and gid 36, must have read and write permissions on
> all NFS exports. However, some daemons on the hypervisor hosts (for example, sanlock)
> use a different uid but need access to the directory too.

But other daemons that should have access to vdsm storage are in the kvm group (vdsm configures
this during installation):

$ id sanlock
uid=179(sanlock) gid=179(sanlock) groups=179(sanlock),6(disk),36(kvm),107(qemu)
...
> Like this:
>
> drwxr-xr-x+ 2 vdsm kvm 4096 Dec 10 09:03 .
> drwxr-xr-x+ 3 vdsm kvm 4096 Dec 10 09:02 ..
> -rw-rw---- 1 vdsm kvm 53687091200 Dec 10 09:02 5a514067-82fb-42f9-b436-f8f93883fe27
> -rw-rw---- 1 vdsm kvm 1048576 Dec 10 09:03 5a514067-82fb-42f9-b436-f8f93883fe27.lease
> -rw-r--r-- 1 vdsm kvm 298 Dec 10 09:03 5a514067-82fb-42f9-b436-f8f93883fe27.meta
>
>
> So, with all that said, I cleaned everything up and my directory permissions look
> like what Tony posted for his. I have added in his export options to my setup and rebooted
> my host.
>
> I created a new VM from scratch and the files under images now look like this:
>
> drwxr-xr-x+ 2 vdsm kvm 4096 Dec 10 09:03 .
> drwxr-xr-x+ 3 vdsm kvm 4096 Dec 10 09:02 ..
> -rw-rw---- 1 vdsm kvm 53687091200 Dec 10 09:02 5a514067-82fb-42f9-b436-f8f93883fe27
> -rw-rw---- 1 vdsm kvm 1048576 Dec 10 09:03 5a514067-82fb-42f9-b436-f8f93883fe27.lease
> -rw-r--r-- 1 vdsm kvm 298 Dec 10 09:03 5a514067-82fb-42f9-b436-f8f93883fe27.meta
>
>
> Still not the 755 as expected,
It is not expected, the permissions look normal.

These are the permissions used for volumes on file based storage:

lib/vdsm/storage/constants.py:FILE_VOLUME_PERMISSIONS = 0o660

> but I am guessing with the addition of the "anonuid=36,anongid=36" to
> the exports, everything is now working as expected. The VM will boot
> and run as expected. There was nothing in any of the documentation
> which alluded to possibly needing the additional options in the NFS
> export options.

I think this is a libvirt issue, it tries to access volumes as root, and without
anonuid=36,anongid=36 it will be squashed to nobody and fail.

Nir
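
The squashing behaviour discussed in this message, as an added example that is not part of the original thread and not vdsm or libvirt code: it maps root on the host to the identity the NFS server checks, then tests that identity against a vdsm:kvm volume with mode 0o660. The export lines are constructed, the 65534 default for the anonymous account is an assumption about the Linux NFS server, and all function names are hypothetical.

```python
# Linux nfsd default anonymous id when anonuid/anongid are unset (assumption here).
NOBODY = 65534
VDSM_UID = KVM_GID = 36           # vdsm:kvm, as stated in the thread
FILE_VOLUME_PERMISSIONS = 0o660   # quoted above from vdsm's constants.py


def parse_options(export_line):
    """Return the options of the first client spec in an exports(5) line."""
    _path, client = export_line.split()[:2]
    raw = client[client.index("(") + 1:client.rindex(")")] if "(" in client else ""
    opts = {}
    for item in filter(None, raw.split(",")):
        key, _, value = item.partition("=")
        opts[key] = value
    return opts


def server_identity(opts, client_uid, client_gid):
    """Map a client uid/gid to the ids the NFS server checks permissions with."""
    anon_uid = int(opts.get("anonuid", NOBODY))
    anon_gid = int(opts.get("anongid", NOBODY))
    if "all_squash" in opts:
        return anon_uid, anon_gid
    squash_root = "no_root_squash" not in opts   # root_squash is the default
    uid = anon_uid if squash_root and client_uid == 0 else client_uid
    gid = anon_gid if squash_root and client_gid == 0 else client_gid
    return uid, gid


def can_read_write(uid, gid, owner, group, mode):
    """Owner/group/other check; ignores ACLs and supplementary groups."""
    if uid == 0:
        return True                # unsquashed root bypasses mode bits
    shift = 6 if uid == owner else 3 if gid == group else 0
    return ((mode >> shift) & 0o6) == 0o6


def root_can_open_volume(export_line):
    """Can a process running as root on the host read and write a volume file?"""
    uid, gid = server_identity(parse_options(export_line), 0, 0)
    return can_read_write(uid, gid, VDSM_UID, KVM_GID, FILE_VOLUME_PERMISSIONS)


# Constructed export lines, not taken from the thread.
WITHOUT_ANON = "/exports/data *(rw,sync)"
WITH_ANON = "/exports/data *(rw,sync,anonuid=36,anongid=36)"

if __name__ == "__main__":
    for line in (WITHOUT_ANON, WITH_ANON):
        print(line, "->", "ok" if root_can_open_volume(line) else "denied")
```

With the first line root is squashed to 65534:65534 and falls into the "other" bits of 0o660, which grant nothing; with the second it is squashed to 36:36 and gets the owner bits.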