[libvirt] Question about verifying same uid:gid in src and dst for live migration
Daniel P. Berrangé
berrange at redhat.com
Wed May 9 07:55:30 UTC 2018
On Wed, May 09, 2018 at 01:45:53PM +0800, Fei Li wrote:
> Hi,
>
> When I do live migration using virsh command line based on NFS shared
> storage between two systems
> having the same security mechanism and having the same kvm/qemu/libvirt
> version, I encounter the
> following error:
>
> debug : qemuMonitorJSONIOProcessLine:193 : Line [{"timestamp": {"seconds": 1524893525, "microseconds": 522686},
> "event": "BLOCK_IO_ERROR", "data": {"device": "drive-virtio-disk0", "nospace": false, "node-name": "#block120",
> "reason": "Permission denied", "operation": "write", "action": "report"}}]
> ...
> error: internal error: qemu unexpectedly closed the monitor:
> qemu-system-x86_64: load of migration failed: Input/output error
> ...
>
> According to the "Permission denied" && "write" information, I find the
> below 2 ways can fix this error:
> - Change the mode of guest's .qcow2 file from 644 to 646
Absolutely no - any process or user that can access the mount can
then compromise your disk images
> - Keep qemu's uid the same one between src host and dst host (They are not
> same before I change them)
You *must* have the same uid+gid between source and dest hosts
> After confirming that keeping qemu's uid identical between src host and dst
> host can fix such issue,
> my question is whether a fix in libvirt should be pursued or just document
> the requirement for same
> uid:gid across host systems in a migration cluster is ok?
In Fedora and RHEL at least the system is setup so that these users get
a fixed uid:gid upon installation to avoid this kind of problem.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list