ceph-container: Permission denied when creating a journal in a new OSD container

Hi, thank you for your work on these containers. I am running on a small issue, and this is the output:

DEBUG:ceph-disk:OSD id is 0
DEBUG:ceph-disk:Initializing OSD...
INFO:ceph-disk:Running command: /usr/bin/ceph --cluster ceph --name client.bootstrap-osd --keyring /var/lib/ceph/bootstrap-osd/ceph.keyring mon getmap -o /var/lib/ceph/tmp/mnt.y_qXKn/activate.monmap
got monmap epoch 1
INFO:ceph-disk:Running command: /usr/bin/ceph-osd --cluster ceph --mkfs --mkkey -i 0 --monmap /var/lib/ceph/tmp/mnt.y_qXKn/activate.monmap --osd-data /var/lib/ceph/tmp/mnt.y_qXKn --osd-journal /var/lib/ceph/tmp/mnt.y_qXKn/journal --osd-uuid 29cd5619-cb46-41da-be4e-05f86180b67c --keyring /var/lib/ceph/tmp/mnt.y_qXKn/keyring --setuser ceph --setgroup ceph
2015-12-03 16:18:44.042200 7f8c7bbb1940 -1 filestore(/var/lib/ceph/tmp/mnt.y_qXKn) mkjournal error creating journal on /var/lib/ceph/tmp/mnt.y_qXKn/journal: (13) Permission denied
2015-12-03 16:18:44.042222 7f8c7bbb1940 -1 OSD::mkfs: ObjectStore::mkfs failed with error -13
2015-12-03 16:18:44.042257 7f8c7bbb1940 -1  ** ERROR: error creating empty object store in /var/lib/ceph/tmp/mnt.y_qXKn: (13) Permission denied
ERROR:ceph-disk:Failed to activate
DEBUG:ceph-disk:Unmounting /var/lib/ceph/tmp/mnt.y_qXKn
INFO:ceph-disk:Running command: /bin/umount -- /var/lib/ceph/tmp/mnt.y_qXKn

I start the OSD container using this command:

sudo docker run -d --net=host \
  --privileged=true \
  -v /var/lib/ceph/:/var/lib/ceph/ \
  -v /dev/:/dev/ \
  -e OSD_DEVICE=/dev/sda \
  -e OSD_TYPE=disk \
  -e MON_IP_AUTO_DETECT=4 \
  -e KV_TYPE=consul \
  -e KV_IP=192.168.1.6 \
  -e KV_PORT=8500 \
  -e ESD_FORCE_ZAP=1 \
  ceph/daemon osd

The ceph monitor should be running, and it is started like this:

sudo docker run -d --net=host \
  -v /var/lib/ceph/:/var/lib/ceph/ \
  -e MON_NAME=ceph_node1 \
  -e MON_IP=192.168.1.41 \
  -e CEPH_PUBLIC_NETWORK=192.168.0.0/24 \
  -e CEPH_CLUSTER_NETWORK=192.168.0.0/24 \
  -e MON_IP_AUTO_DETECT=4 \
  -e KV_TYPE=consul \
  -e KV_IP=192.168.1.6 \
  -e KV_PORT=8500 \
  ceph/daemon mon

I have the default settings from populate.sh (on a side topic, kviator wasn’t working on a goland container. I used curl instead).

I also have 6 hard drive per node, how can I use multiple OSD_TYPE ? Should I start one OSD per hard drive?

Thank you

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Comments: 86 (71 by maintainers)

Commits related to this issue

Most upvoted comments

Same issue here: command: Running command: /usr/bin/timeout 300 ceph-osd --cluster ceph --mkfs --mkkey -i 0 --monmap /var/lib/ceph/tmp/mnt.onP01K/activate.monmap --osd-data /var/lib/ceph/tmp/mnt.onP01K --osd-journal /var/lib/ceph/tmp/mnt.onP01K/journal --osd-uuid 7902072a-e34d-41d6-b091-bdc624640650 --keyring /var/lib/ceph/tmp/mnt.onP01K/keyring --setuser ceph --setgroup disk mount_activate: Failed to activate unmount: Unmounting /var/lib/ceph/tmp/mnt.onP01K command_check_call: Running command: /bin/umount – /var/lib/ceph/tmp/mnt.onP01K Traceback (most recent call last): File “/usr/sbin/ceph-disk”, line 9, in <module> load_entry_point(‘ceph-disk==1.0.0’, ‘console_scripts’, ‘ceph-disk’)() File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 4994, in run main(sys.argv[1:]) File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 4945, in main args.func(args) File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 3299, in main_activate reactivate=args.reactivate, File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 3056, in mount_activate (osd_id, cluster) = activate(path, activate_key_template, init) File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 3232, in activate keyring=keyring, File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 2725, in mkfs ‘–setgroup’, get_ceph_group(), File “/usr/lib/python2.7/site-packages/ceph_disk/main.py”, line 2672, in ceph_osd_mkfs raise Error(‘%s failed : %s’ % (str(arguments), error)) ceph_disk.main.Error: Error: [‘ceph-osd’, ‘–cluster’, ‘ceph’, ‘–mkfs’, ‘–mkkey’, ‘-i’, ‘0’, ‘–monmap’, ‘/var/lib/ceph/tmp/mnt.onP01K/activate.monmap’, ‘–osd-data’, ‘/var/lib/ceph/tmp/mnt.onP01K’, ‘–osd-journal’, ‘/var/lib/ceph/tmp/mnt.onP01K/journal’, ‘–osd-uuid’, ‘7902072a-e34d-41d6-b091-bdc624640650’, ‘–keyring’, ‘/var/lib/ceph/tmp/mnt.onP01K/keyring’, ‘–setuser’, ‘ceph’, ‘–setgroup’, ‘disk’] failed : 2016-06-30 12:56:44.787350 7f2423018800 -1 filestore(/var/lib/ceph/tmp/mnt.onP01K) mkjournal error creating journal on /var/lib/ceph/tmp/mnt.onP01K/journal: (2) No such file or directory 2016-06-30 12:56:44.787447 7f2423018800 -1 OSD::mkfs: ObjectStore::mkfs failed with error -2 2016-06-30 12:56:44.787522 7f2423018800 -1 ** ERROR: error creating empty object store in /var/lib/ceph/tmp/mnt.onP01K: (2) No such file or directory

+1
russell-islam on Jun 30, 2016

I dont think this issue is specific to docker, but rather is a general ceph-disk issue. I have the same problem creating disks with dmcrypt (plain keys) using ceph 10.2.1 on Ubuntu 14.04.4

Here is upstart log:

main_trigger: main_trigger: Namespace(cluster='ceph', dev='/dev/sdc1', dmcrypt=None, dmcrypt_key_dir='/etc/ceph/dmcrypt-keys', func=<function main_trigger at 0x7f67311e0d70>, log_stdout=True, prepend_to_path='/usr/bin', prog='ceph-disk', setgroup=None, setuser=None, statedir='/var/lib/ceph', sync=True, sysconfdir='/etc/ceph', verbose=True)
command: Running command: /sbin/init --version
command: Running command: /sbin/blkid -o udev -p /dev/sdc1
command: Running command: /sbin/blkid -o udev -p /dev/sdc1
main_trigger: trigger /dev/sdc1 parttype 4fbd7e29-9d25-41b8-afd0-5ec00ceff05d uuid 755c6c87-0993-47e2-9614-5bf38298f56e
command: Running command: /usr/sbin/ceph-disk --verbose activate --dmcrypt /dev/sdc1
main_trigger: 
main_trigger: main_activate: path = /dev/sdc1
get_dm_uuid: get_dm_uuid /dev/sdc1 uuid path is /sys/dev/block/8:33/dm/uuid
command: Running command: /sbin/blkid -o udev -p /dev/sdc1
command: Running command: /sbin/blkid -o udev -p /dev/sdc1
command: Running command: /sbin/blkid -o udev -p /dev/sdc1
command: Running command: /sbin/blkid -o udev -p /dev/sdc1
command: Running command: /usr/bin/ceph --name client.osd-lockbox.755c6c87-0993-47e2-9614-5bf38298f56e --keyring /var/lib/ceph/osd-lockbox/755c6c87-0993-47e2-9614-5bf38298f56e/keyring config-key get dm-crypt/osd/755c6c87-0993-47e2-9614-5bf38298f56e/luks
get_dmcrypt_key: stderr obtained 'dm-crypt/osd/755c6c87-0993-47e2-9614-5bf38298f56e/luks'

run: cryptsetup --key-file - create 755c6c87-0993-47e2-9614-5bf38298f56e /dev/sdc1 --key-size 256
run: 
run: 
command_check_call: Running command: /bin/chown ceph:ceph /dev/mapper/755c6c87-0993-47e2-9614-5bf38298f56e
command: Running command: /sbin/blkid -p -s TYPE -o value -- /dev/mapper/755c6c87-0993-47e2-9614-5bf38298f56e
command: Running command: /usr/bin/ceph-conf --cluster=ceph --name=osd. --lookup osd_mount_options_xfs
command: Running command: /usr/bin/ceph-conf --cluster=ceph --name=osd. --lookup osd_fs_mount_options_xfs
mount: Mounting /dev/mapper/755c6c87-0993-47e2-9614-5bf38298f56e on /var/lib/ceph/tmp/mnt.1cqcTR with options noatime,inode64
command_check_call: Running command: /bin/mount -t xfs -o noatime,inode64 -- /dev/mapper/755c6c87-0993-47e2-9614-5bf38298f56e /var/lib/ceph/tmp/mnt.1cqcTR
activate: Cluster uuid is 74c33b34-ece5-11e3-aed4-000c2970ff98
command: Running command: /usr/bin/ceph-osd --cluster=ceph --show-config-value=fsid
activate: Cluster name is ceph
activate: OSD uuid is 755c6c87-0993-47e2-9614-5bf38298f56e
allocate_osd_id: Allocating OSD id...
command: Running command: /usr/bin/ceph --cluster ceph --name client.bootstrap-osd --keyring /var/lib/ceph/bootstrap-osd/ceph.keyring osd create --concise 755c6c87-0993-47e2-9614-5bf38298f56e
command: Running command: /bin/chown -R ceph:ceph /var/lib/ceph/tmp/mnt.1cqcTR/whoami.20927.tmp
activate: OSD id is 3
activate: Initializing OSD...
command_check_call: Running command: /usr/bin/ceph --cluster ceph --name client.bootstrap-osd --keyring /var/lib/ceph/bootstrap-osd/ceph.keyring mon getmap -o /var/lib/ceph/tmp/mnt.1cqcTR/activate.monmap
got monmap epoch 1
command_check_call: Running command: /usr/bin/ceph-osd --cluster ceph --mkfs --mkkey -i 3 --monmap /var/lib/ceph/tmp/mnt.1cqcTR/activate.monmap --osd-data /var/lib/ceph/tmp/mnt.1cqcTR --osd-journal /var/lib/ceph/tmp/mnt.1cqcTR/journal --osd-uuid 755c6c87-0993-47e2-9614-5bf38298f56e --keyring /var/lib/ceph/tmp/mnt.1cqcTR/keyring --setuser ceph --setgroup ceph
2016-06-07 13:50:02.003675 7fc73a1d7800 -1 filestore(/var/lib/ceph/tmp/mnt.1cqcTR) mkjournal error creating journal on /var/lib/ceph/tmp/mnt.1cqcTR/journal: (13) Permission denied
2016-06-07 13:50:02.003741 7fc73a1d7800 -1 OSD::mkfs: ObjectStore::mkfs failed with error -13
2016-06-07 13:50:02.003798 7fc73a1d7800 -1  ** ERROR: error creating empty object store in /var/lib/ceph/tmp/mnt.1cqcTR: (13) Permission denied
mount_activate: Failed to activate
unmount: Unmounting /var/lib/ceph/tmp/mnt.1cqcTR
command_check_call: Running command: /bin/umount -- /var/lib/ceph/tmp/mnt.1cqcTR
Traceback (most recent call last):
  File "/usr/sbin/ceph-disk", line 9, in <module>
    load_entry_point('ceph-disk==1.0.0', 'console_scripts', 'ceph-disk')()
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 4964, in run
    main(sys.argv[1:])
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 4915, in main
    args.func(args)
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 3269, in main_activate
    reactivate=args.reactivate,
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 3026, in mount_activate
    (osd_id, cluster) = activate(path, activate_key_template, init)
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 3202, in activate
    keyring=keyring,
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 2695, in mkfs
    '--setgroup', get_ceph_group(),
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 439, in command_check_call
    return subprocess.check_call(arguments)
  File "/usr/lib/python2.7/subprocess.py", line 540, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/usr/bin/ceph-osd', '--cluster', 'ceph', '--mkfs', '--mkkey', '-i', '3', '--monmap', '/var/lib/ceph/tmp/mnt.1cqcTR/activate.monmap', '--osd-data', '/var/lib/ceph/tmp/mnt.1cqcTR', '--osd-journal', '/var/lib/ceph/tmp/mnt.1cqcTR/journal', '--osd-uuid', '755c6c87-0993-47e2-9614-5bf38298f56e', '--keyring', '/var/lib/ceph/tmp/mnt.1cqcTR/keyring', '--setuser', 'ceph', '--setgroup', 'ceph']' returned non-zero exit status 1

Traceback (most recent call last):
  File "/usr/sbin/ceph-disk", line 9, in <module>
    load_entry_point('ceph-disk==1.0.0', 'console_scripts', 'ceph-disk')()
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 4964, in run
    main(sys.argv[1:])
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 4915, in main
    args.func(args)
  File "/usr/lib/python2.7/dist-packages/ceph_disk/main.py", line 4352, in main_trigger
    raise Error('return code ' + str(ret))
ceph_disk.main.Error: Error: return code 1
+1
wyllys66 on Jun 14, 2016

had the same issue with permission denied on CoreOS

2015-12-07 03:12:01.063550 7fadd14e2940  0 set uid:gid to 64045:64045
2015-12-07 03:12:01.063632 7fadd14e2940  0 ceph version 9.2.0 (bb2ecea240f3a1d525bcb35670cb07bd1f0ca299), process ceph-osd, pid 30438
2015-12-07 03:12:01.064885 7fadd14e2940 -1 asok(0x564408152000) AdminSocketConfigObs::init: failed: AdminSocket::bind_and_listen: failed to bind the UNIX domain socket to '/var/run/ceph/ceph-osd.1.asok': (13) Permission denied
2015-12-07 03:12:01.065055 7fadd14e2940  1 filestore(/var/lib/ceph/osd/ceph-1) mkfs in /var/lib/ceph/osd/ceph-1
2015-12-07 03:12:01.065082 7fadd14e2940 -1 filestore(/var/lib/ceph/osd/ceph-1) mkfs: failed to open /var/lib/ceph/osd/ceph-1/fsid: (13) Permission denied
2015-12-07 03:12:01.065091 7fadd14e2940 -1 OSD::mkfs: ObjectStore::mkfs failed with error -13
2015-12-07 03:12:01.065124 7fadd14e2940 -1  ** ERROR: error creating empty object store in /var/lib/ceph/osd/ceph-1: (13) Permission denied

when changing the script to use ceph-osd to use --setuser root --setgroup root it works but that doesn’t seem like the right thing to do.

the SELinux commands did not work on my CoreOS distro. not sure if there is an equivalent. I could write to /etc/ceph and /var/lib/ceph to write the config and run the monitor so not sure this is even an issue.

The process is pretty confusing: i thought running the ceph/daemon osd was creating an OSD, but from this thread I get that I need to use ceph osd create from the monitor prior to that. is that right? How does the number reported when using ceph osd create relate to the OSD_ID? I don’t quite follow here: what should the number be? Can it be the same on all nodes? or should it be unique? I am used to taking the IP of my node removing the ‘.’ and using it as an ID, so that it is unique in the cluster and can be determined on-the-fly but that didn’t work with ceph, probably the number is too big. when i used 0 or 1 i worked, but i want to eventually provision nodes without having to fix IDs ahead of time, so if it needs to be unique I need another strategy.

another issue I see is the osd daemon scans for ids in a directory, which means 1 docker container can run multiple OSDs, as opposed to running 1 OSD per container. Except for modifying the script there is no easy way to define the OSD_ID to use in a container.

The doc is great when you know what you;re looking for, but as a beginner all this is very confusing. Thanks for enlightening me…

+1
streamnsight on Dec 7, 2015
Read more comments on GitHub
← ceph-container: OSD unable to join CRUSH
ceph-container: python-saml missing →