48956 2023-12-28 09:48:12 +0300 Permission denied: ‘/var/log/glance/glance-manage.log’ 2023-12-28 09:51:54 +0300 1 1 1 Unclassified Branch p10 openstack-glance не указана x86_64 Linux NEW P5 normal --- 1 alimektor grenka aminov qa-p10 oldest_to_newest 239701 0 alimektor 2023-12-28 09:48:12 +0300 Версия - openstack-glance-19.0.0-alt1 Шаги воспроизведения 1. Установить пакеты: # apt-get install -y openstack-glance mariadb-common mariadb-server memcached openstack-keystone python3-module-openstackclient apache2-cgi-bin 2. Запустить сервисы: # systemctl enable --now memcached mysqld.service && sleep 5; systemctl status memcached mysqld.service --no-pager -l 3. Настроить Keystone (от root): echo "CREATE DATABASE keystone;" | mysql -u root echo "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '1';" | mysql -u root echo "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '1';" | mysql -u root awk '/^\[database\]/{p=1} p && /^$/ && !a {print "connection = mysql+pymysql://keystone:1@127.0.0.1/keystone"; a=1} 1' /etc/keystone/keystone.conf > /etc/keystone/keystone.conf.tmp && \mv /etc/keystone/keystone.conf.tmp /etc/keystone/keystone.conf awk '/^\[cache\]/{p=1} p && /^$/ && !a {print "enabled = true\nbackend = dogpile.cache.memcached"; a=1} 1' /etc/keystone/keystone.conf > /etc/keystone/keystone.conf.tmp && \mv /etc/keystone/keystone.conf.tmp /etc/keystone/keystone.conf cat > /etc/my.cnf.d/openstack.cnf <<'EOF' [mysqld] bind-address = 127.0.0.1 default-storage-engine = innodb innodb_file_per_table max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8 EOF sed -i "/skip-networking/d" /etc/my.cnf.d/server.cnf systemctl restart mariadb keystone-manage db_sync keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone keystone-manage credential_setup --keystone-user keystone --keystone-group keystone keystone-manage bootstrap --bootstrap-password 1 --bootstrap-admin-url http://$(hostname -i):5000/v3/ --bootstrap-internal-url http://$(hostname -i):5000/v3/ --bootstrap-public-url http://$(hostname -i):5000/v3/ --bootstrap-region-id RegionOne chown -R keystone:keystone /etc/keystone systemctl enable --now httpd2.service cat > auth_data <<'EOF' export OS_AUTH_URL=http://127.0.0.1:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_USERNAME=admin export OS_PASSWORD=1 export OS_PROJECT_NAME=admin export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_DOMAIN_NAME=Default export OS_REGION_NAME=RegionOne EOF 4. Настроить Glance (от root): . auth_data openstack endpoint create --region RegionOne identity public http://127.0.0.1:5000/v3 openstack endpoint create --region RegionOne identity internal http://127.0.0.1:5000/v3 openstack endpoint create --region RegionOne identity admin http://127.0.0.1:35357/v3 openstack project create --domain default --description TEST service openstack role create user echo "CREATE DATABASE glance;" | mysql -u root echo "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'127.0.0.1' IDENTIFIED BY '1';" | mysql -u root echo "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '1';" | mysql -u root cat > /etc/glance/glance-api.conf <<EOF [DEFAULT] [database] connection = mysql+pymysql://glance:1@127.0.0.1/glance [glance_store] stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ [image_format] [keystone_authtoken] auth_uri = http://127.0.0.1:5000 auth_url = http://127.0.0.1:35357 memcached_servers = 127.0.0.1:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 1 [paste_deploy] flavor = keystone EOF cat > /etc/glance/glance-registry.conf <<EOF [DEFAULT] [database] connection = mysql+pymysql://glance:1@127.0.0.1/glance [keystone_authtoken] auth_uri = http://127.0.0.1:5000 auth_url = http://127.0.0.1:35357 memcached_servers = 127.0.0.1:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 1 [paste_deploy] flavor = keystone [profiler] EOF cat > admin_openrc << EOF export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=1 export OS_AUTH_URL=http://127.0.0.1:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 EOF . admin_openrc openstack user create --domain default --password 1 glance openstack role add --project service --user glance admin openstack service create --name glance --description TEST image openstack endpoint create --region RegionOne image public http://127.0.0.1:9292 openstack endpoint create --region RegionOne image internal http://127.0.0.1:9292 openstack endpoint create --region RegionOne image admin http://127.0.0.1:9292 5. Выполнить Sync: # glance-manage db_sync 6. Из-за ошибки https://bugzilla.altlinux.org/48955 - Failed to read config file directory: /etc/glance/glance-api.conf.d/ выполнить: # mkdir -p /etc/glance/glance-api.conf.d 7. Запустить openstack-glance-api: # systemctl start openstack-glance-api # systemctl status openstack-glance-api Ожидаемый результат: нет ошибок в запуске сервиса (code=exited, status=0/SUCCESS). Фактический результат: ошибка Permission denied: '/var/log/glance/glance-manage.log'. Код выхода - (code=exited, status=1/FAILURE) Логи: дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: Traceback (most recent call last): дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/bin/glance-manage", line 10, in <module> дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: sys.exit(main()) дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/lib/python3/site-packages/glance/cmd/manage.py", line 557, in main дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: logging.setup(CONF, 'glance') дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/lib/python3/site-packages/oslo_log/log.py", line 273, in setup дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: _setup_logging_from_conf(conf, product_name, version) дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/lib/python3/site-packages/oslo_log/log.py", line 381, in _setup_logging_from_conf дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: filelog = file_handler(logpath) дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/lib64/python3.9/logging/handlers.py", line 470, in __init__ дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: logging.FileHandler.__init__(self, filename, mode=mode, дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/lib64/python3.9/logging/__init__.py", line 1146, in __init__ дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: StreamHandler.__init__(self, self._open()) дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: File "/usr/lib64/python3.9/logging/__init__.py", line 1175, in _open дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: return open(self.baseFilename, self.mode, encoding=self.encoding, дек 28 09:41:58 server-10-1-x86-64-20231227.localdomain glance-manage[12426]: PermissionError: [Errno 13] Permission denied: '/var/log/glance/glance-manage.log' Решение: # chown glance:glance -R /var/log/glance