Re: [ovs-discuss] Unable to add flows - Operation not permitted

2021-05-05 Thread Ben Pfaff
On Wed, May 05, 2021 at 07:38:45PM +, Seshadri, Usha wrote:
>   1.  I am trying to add flows by executing the following command on the CLI 
> as a non-root user, but I see 'Operation not permitted' errors in the log 
> file as provided below:

[...]

> 2021-05-05T16:05:15.278Z|00012|ofproto_dpif|ERR|failed to open datapath of type system: Operation not permitted
> 2021-05-05T16:05:15.278Z|00013|ofproto|ERR|failed to open datapath br0: Operation not permitted
> 2021-05-05T16:05:15.278Z|00014|bridge|ERR|failed to create bridge br0: Operation not permitted

I guess that you are using the OVS datapath that uses the Linux kernel
module.  Ordinarily, this does require root.  People who work with
containers a lot (not me) might know some workaround.

>   1.  Running the command again says the bridge already exists.
> 
> ovs-vsctl add-br br0
> ovs-vsctl: cannot create a bridge named br0 because a bridge named br0 already exists

Yes.  ovs-vsctl just modifies the database, which already has an entry
for the bridge.  OVS tries to configure the system to look like the
database, but it doesn't succeed because it doesn't have the right
permissions.

> It appears I may be running into permissions issue. The owner + group 
> permissions are identical, owned by root. The user in OpenShift belongs to 
> the root group. Does OVS need to run as root? Any help with this is greatly 
> appreciated.

I can't help with this part, but maybe someone else can.
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
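
Added example, not part of the original thread or of Open vSwitch: a shell check that decodes the CapEff mask of a process (as found in /proc/<pid>/status) and lists which capabilities tied to the symptoms in this thread are absent. The mapping is an assumption of this example: CAP_NET_ADMIN for creating the kernel datapath, CAP_IPC_LOCK for mlockall, CAP_SYS_NICE for the negative niceness that ovs-ctl requests. The function names and the sample masks in the comments are constructed.

```shell
#!/bin/sh
# Capability name:bit pairs (bit numbers from linux/capability.h).
# Assumed relevance to the thread's symptoms:
#   CAP_NET_ADMIN (12) - "failed to create datapath ovs-system"
#   CAP_IPC_LOCK  (14) - "mlockall failed"
#   CAP_SYS_NICE  (23) - "nice: cannot set niceness"
OVS_CAPS="CAP_NET_ADMIN:12 CAP_IPC_LOCK:14 CAP_SYS_NICE:23"

# has_cap HEXMASK BIT: succeeds if BIT is set in the hex capability mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# cap_eff STATUSFILE: print the effective capability mask (hex, no 0x).
cap_eff() {
    awk '$1 == "CapEff:" { print $2 }' "$1"
}

# missing_caps HEXMASK: print the names of absent capabilities,
# space separated; prints an empty line when none are missing.
missing_caps() {
    out=""
    for pair in $OVS_CAPS; do
        name=${pair%%:*}
        bit=${pair##*:}
        has_cap "$1" "$bit" || out="$out${out:+ }$name"
    done
    printf '%s\n' "$out"
}

# Constructed sample masks:
#   0000000000000000  unprivileged user, no capabilities
#   00000000a80435fb  restricted set that includes CAP_NET_ADMIN only
#   000001ffffffffff  all capabilities (bits 0-40)

# Usage: sh capcheck.sh <pid of ovs-vswitchd>
if [ -n "${1:-}" ] && [ -r "/proc/$1/status" ]; then
    m=$(missing_caps "$(cap_eff "/proc/$1/status")")
    echo "pid $1 missing: ${m:-none}"
fi
```

A process started as root inside a container can still report missing capabilities here, because the container runtime may drop them from the bounding set.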


[ovs-discuss] Unable to add flows - Operation not permitted

2021-05-05 Thread Seshadri, Usha
Hello,

I am a newbie to OVS. I am trying to explore adding flows on the command line 
and running into 'Operation not permitted' errors.
Setup:

  1.  Docker image: Base CentOS 8 image + openvswitch binaries via dnf install
  2.  Image from step 1 deployed on OpenShift.
  3.  Startup OVS via ovs-ctl as a non-root user using 'ovs-ctl start' command 
on the CLI and the output from the command is as given below. I can see 
ovsdb-server and ovs-vswitchd are successfully running via the 'ps' command.

ovs-ctl start

/etc/openvswitch/conf.db does not exist ... (warning).
Creating empty database /etc/openvswitch/conf.db [  OK  ]
nice: cannot set niceness: Permission denied
Starting ovsdb-server [  OK  ]
system ID not configured, please use --system-id ... failed!
Configuring Open vSwitch system IDs [  OK  ]
nice: cannot set niceness: Permission denied
Starting ovs-vswitchd [  OK  ]
Enabling remote OVSDB managers [  OK  ]


  1.  I am trying to add flows by executing the following command on the CLI as 
a non-root user, but I see 'Operation not permitted' errors in the log file as 
provided below:

ovs-vsctl add-br br0
ovs-vsctl: Error detected while setting up 'br0'.  See ovs-vswitchd log for details.
ovs-vsctl: The default log directory is "/var/log/openvswitch".

cat /var/log/openvswitch/ovs-vswitchd.log
2021-05-05T14:44:19.191Z|1|vlog|INFO|opened log file /var/log/openvswitch/ovs-vswitchd.log
2021-05-05T14:44:19.192Z|2|vswitchd|ERR|mlockall failed: Cannot allocate memory
2021-05-05T14:44:19.193Z|3|ovs_numa|INFO|Discovered 8 CPU cores on NUMA node 0
2021-05-05T14:44:19.193Z|4|ovs_numa|INFO|Discovered 1 NUMA nodes and 8 CPU cores
2021-05-05T14:44:19.194Z|5|reconnect|INFO|unix:/var/run/openvswitch/db.sock: connecting...
2021-05-05T14:44:19.195Z|6|netlink_socket|INFO|netlink: could not enable listening to all nsid (Operation not permitted)
2021-05-05T14:44:19.196Z|7|reconnect|INFO|unix:/var/run/openvswitch/db.sock: connected
2021-05-05T14:44:19.199Z|8|dpif_netlink|INFO|The kernel module does not support meters.
2021-05-05T14:44:19.201Z|9|bridge|INFO|ovs-vswitchd (Open vSwitch) 2.12.0
2021-05-05T16:05:15.276Z|00010|memory|INFO|2964 kB peak resident set size after 4856.1 seconds
2021-05-05T16:05:15.277Z|00011|dpif|WARN|failed to create datapath ovs-system: Operation not permitted
2021-05-05T16:05:15.278Z|00012|ofproto_dpif|ERR|failed to open datapath of type system: Operation not permitted
2021-05-05T16:05:15.278Z|00013|ofproto|ERR|failed to open datapath br0: Operation not permitted
2021-05-05T16:05:15.278Z|00014|bridge|ERR|failed to create bridge br0: Operation not permitted


  1.  Running the command again says the bridge already exists.

ovs-vsctl add-br br0
ovs-vsctl: cannot create a bridge named br0 because a bridge named br0 already exists

It appears I may be running into permissions issue. The owner + group 
permissions are identical, owned by root. The user in OpenShift belongs to the 
root group. Does OVS need to run as root? Any help with this is greatly 
appreciated.


Thanks,
Usha
