[libvirt-users] Error starting domain: internal error: Unable to add port vnet0 to OVS bridge br0
Laine Stump
laine at redhat.com
Tue Mar 26 17:31:12 UTC 2019
I added libvirt-users at redhat.com back to the Cc for this response.
Please don't remove the list address when responding to postings on a
mailing list. A message to the list is *much* more likely to reach
someone who knows the answer than is a private message to a single person.
On 3/26/19 10:03 AM, Harsh Gondaliya wrote:
> Mar 26 19:25:01 dpdk-OptiPlex-5040 libvirtd.service: 20423: error :
> virCommandWait:2553 : internal error: Child process (ovs-vsctl
> --timeout=5 -- --if-exists del-port vnet0 -- add-port br0 vnet0 -- set
> Interface vnet0 'external-ids:attached-mac="52:54:00:90:c6:c3"' -- set
> Interface vnet0
> 'external-ids:iface-id="a9700eff-03a7-4c47-a112-429fc20677a2"' -- set
> Interface vnet0
> 'external-ids:vm-id="41b4eef0-b820-41da-9034-9de22e1379e0"' -- set
> Interface vnet0 external-ids:iface-status=active) unexpected exit status
> 126:
> *
> *
> *libvirt: error : cannot execute binary ovs-vsctl: Permission denied*
>
> Mar 26 19:25:01 dpdk-OptiPlex-5040 kernel: [ 1932.243181] audit:
> type=1400 audit(1553608501.701:59): apparmor="DENIED" operation="exec"
> profile="/usr/sbin/libvirtd" name="/usr/local/bin/ovs-vsctl" pid=20679
> comm="libvirtd" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
AppArmor is prohibiting it for some reason. I don't run debian or
ubuntu, so I don't have any idea how AppArmor works. Possibly someone
else on the list knows (or maybe you could search for help on AppArmor
somewhere).
>
> Mar 26 19:25:01 dpdk-OptiPlex-5040 libvirtd.service: 20423: debug :
> virCommandRun:2280 : Result status 0, stdout: '' stderr: 'libvirt:
> error : cannot execute binary ovs-vsctl: Permission denied#012'
> Mar 26 19:25:01 dpdk-OptiPlex-5040 libvirtd.service: 20423: error :
> virNetDevOpenvswitchAddPort:155 : internal error: Unable to add port
> vnet0 to OVS bridge br0
> Mar 26 19:25:01 dpdk-OptiPlex-5040 NetworkManager[1096]: <info>
> [1553608501.7126] devices removed (path: /sys/devices/virtual/net/vnet0,
> iface: vnet0)
>
>
> libvrt does not have permissions to execute ovs-vsctl. How can I get
> this issue sorted out?
>
> On Wed, Mar 20, 2019 at 12:10 AM Laine Stump <laine at redhat.com
> <mailto:laine at redhat.com>> wrote:
>
> On 3/15/19 3:21 AM, Harsh Gondaliya wrote:
> > I have installed OVS from sources using the installation steps
> mentioned
> > on this link:
> http://docs.openvswitch.org/en/latest/intro/install/general/
> >
> > I had installed libvrt, KVM, QEMU and all the necessary packages
> using
> > apt-get. My KVM-QEMU hypervisor has been running well.
> >
> > To add a VM with the port attached to OVS bridge I changed the XML
> > domain file as per the instructions on this page:
> > http://docs.openvswitch.org/en/latest/howto/libvirt/
> >
> > But the when I start the VM using the Virtual Machine Manager I get
> > the following error:
> > *Error starting domain: internal error: Unable to add port vnet0
> to OVS
> > bridge br0*
>
> libvirt is creating a tap device, then running ovs-vsctl to attempt to
> attach it to the configured switch. To see what command is run, and
> what
> error is output, add this to your /etc/libvirt/libvirt.d:
>
> log_filters="1:util.command 1:util.netdevopenvswitch"
> log_outputs="1:syslog:libvirtd.service"
>
> and restart the libvirt service, then attempt to start your guest while
> watching the system logs. You will see an ovs-vsctl command run by
> virCommandRunAsync. That command and its output should give you a clue
> to what is missing from the locally-built openvswitch vs the official
> package installed with apt-get.
>
>
> > Traceback (most recent call last):
> > File "/usr/share/virt-manager/virtManager/asyncjob.py", line
> 90, in
> > cb_wrapper
> > callback(asyncjob, *args, **kwargs)
> > File "/usr/share/virt-manager/virtManager/asyncjob.py", line
> 126, in
> > tmpcb
> > callback(*args, **kwargs)
> > File "/usr/share/virt-manager/virtManager/libvirtobject.py",
> line 83,
> > in newfn
> > ret = fn(self, *args, **kwargs)
> > File "/usr/share/virt-manager/virtManager/domain.py", line
> 1402, in
> > startup
> > self._backend.create()
> > File "/usr/lib/python2.7/dist-packages/libvirt.py", line 1035,
> in create
> > if ret == -1: raise libvirtError ('virDomainCreate()
> failed', dom=self)
> > libvirtError: internal error: Unable to add port vnet0 to OVS
> bridge br0
> >
> > My output for ovs-vsctl show:
> > 3c28f516-dd5c-43cf-bea1-7c068668d1f6
> > Bridge "br0"
> > Port "enp0s31f6"
> > Interface "enp0s31f6"
> > Port "br0"
> > Interface "br0"
> > type: internal
> > ovs_version: "2.11.90"
> >
> > *However, when OVS is installed using apt-get rather than installing
> > from source or tarball, all these steps work very well.*
> > *
> > *
> > Please guide me why this error is occurring. I am using Ubuntu
> 16.04 LTS
> > as my host machine. Many users are facing this issue and they have
> > reported it on OVS and other mailing lists. But, none is able to
> give a
> > satisfactory solution.
> >
> > Regards,
> > Harsh
> >
> >
> > _______________________________________________
> > libvirt-users mailing list
> > libvirt-users at redhat.com <mailto:libvirt-users at redhat.com>
> > https://www.redhat.com/mailman/listinfo/libvirt-users
> >
>
More information about the libvirt-users
mailing list