[Expired for OpenStack Compute (nova) because there has been no activity for 60 days.]
** Changed in: nova Status: Incomplete => Expired -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/2003848 Title: Error by Live Snapshot and not Live Snapshot Status in OpenStack Compute (nova): Expired Bug description: Hi, I want to take a snapshot. Both live and when the instances are switched off. Ubuntu 20.04 # Ansible managed DISTRIB_ID="OSA" DISTRIB_RELEASE="25.2.0" DISTRIB_CODENAME="Yoga" DISTRIB_DESCRIPTION="OpenStack-Ansible" nova-25.0.2.dev8.dist-info Compiled against library: libvirt 8.0.0 Using library: libvirt 8.0.0 Using API: QEMU 8.0.0 Running hypervisor: QEMU 4.2.1 ii apparmor 2.13.3-7ubuntu5.1 amd64 user-space parser utility for AppArmor I've also Adjusted virt-aa-helper: #include <tunables/global> profile virt-aa-helper /usr/lib/libvirt/virt-aa-helper flags=(complain) { #include <abstractions/base> #include <abstractions/openssl> # needed for searching directories capability dac_override, capability dac_read_search, # needed for when disk is on a network filesystem network inet, network inet6, deny @{PROC}/[0-9]*/mounts r, @{PROC}/[0-9]*/net/psched r, owner @{PROC}/[0-9]*/status r, @{PROC}/filesystems r, # Used when internally running another command (namely apparmor_parser) @{PROC}/@{pid}/fd/ r, # allow reading libnl's classid file /etc/libnl{,-3}/classid r, # for gl enabled graphics /dev/dri/{,*} r, # for hostdev /sys/devices/ r, /sys/devices/** r, /sys/bus/usb/devices/ r, deny /dev/sd* r, deny /dev/vd* r, deny /dev/dm-* r, deny /dev/drbd[0-9]* r, deny /dev/dasd* r, deny /dev/nvme* r, deny /dev/zd[0-9]* r, deny /dev/mapper/ r, deny /dev/mapper/* r, /usr/lib/libvirt/virt-aa-helper mr, /{usr/,}sbin/apparmor_parser Ux, /etc/apparmor.d/libvirt/* r, /etc/apparmor.d/libvirt/libvirt-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]*-[0-9a-f]* rw, # for backingstore -- allow access to non-hidden files in @{HOME} as well # as storage pools audit deny @{HOME}/.* mrwkl, audit deny @{HOME}/.*/ rw, audit deny @{HOME}/.*/** mrwkl, audit deny @{HOME}/bin/ rw, audit deny @{HOME}/bin/** mrwkl, @{HOME}/ r, @{HOME}/** r, /var/lib/libvirt/images/ rw, /var/lib/libvirt/images/** rw, # nova base images (LP: #907269) /var/lib/nova/images/** rw, /var/lib/nova/instances/_base/** rw, # nova snapshots (LP: #1244694) /var/lib/nova/instances/snapshots/** rw, } Filesystem: OCFS2 [keystone_authtoken] insecure = False auth_type = password auth_url = www_authenticate_uri = project_domain_id = default user_domain_id = default project_name = service username = nova password = region_name = RegionOne service_token_roles_required = False service_token_roles = service service_type = compute memcached_servers = token_cache_time = 300 [libvirt] inject_partition = -2 inject_password = False inject_key = False virt_type = kvm live_migration_with_native_tls = true live_migration_scheme = tls live_migration_inbound_addr = xxx.xxx.xxx.xxx hw_disk_discard = ignore disk_cachemodes = iscsi_use_multipath = True To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/2003848/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp