dmacvicar / terraform-provider-libvirt

Terraform provider to provision infrastructure with Linux's KVM using libvirt
Apache License 2.0

process exited while connecting to monitor #715

Closed danielinbaraj-cognit closed 4 years ago

danielinbaraj-cognit commented 4 years ago

System Information

Ubuntu

Linux distribution

18 openSUSE 42.2/ Centos7/ Ubuntu..

Terraform version

terraform -v

Terraform v0.12.21

Provider and libvirt versions

terraform-provider-libvirt -version

provider.template v2.1.2

If that gives you "was not built correctly", get the Git commit hash from your local provider repository:

git describe --always --abbrev=40 --dirty

Checklist

Description of Issue/Question

Error: Error creating libvirt domain: virError(Code=1, Domain=10, Message='internal error: process exited while connecting to monitor: 2020-03-06T12:54:07.970013Z qemu-system-x86_64: -drive file=/home//tmp/terraform-provider-libvirt-pool-ubuntu/ubuntu-qcow2,format=qcow2,if=none,id=drive-virtio-disk0: Could not open '/home//tmp/terraform-provider-libvirt-pool-ubuntu/ubuntu-qcow2': Permission denied')

Setup

(Please provide the full main.tf file for reproducing the issue (Be sure to remove sensitive information)

```hcl
provider "libvirt" {
  uri = "qemu:///system"
}

resource "libvirt_pool" "ubuntu" {
  name = "ubuntu"
  type = "dir"
  path = "/home//tmp/terraform-provider-libvirt-pool-ubuntu"
}

resource "libvirt_volume" "ubuntu-qcow2" {
  name   = "ubuntu-qcow2"
  pool   = libvirt_pool.ubuntu.name
  source = "https://cloud-images.ubuntu.com/releases/xenial/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img"
  format = "qcow2"
}

data "template_file" "user_data" {
  template = file("${path.module}/cloud_init.cfg")
}

data "template_file" "network_config" {
  template = file("${path.module}/network_config.cfg")
}

resource "libvirt_cloudinit_disk" "commoninit" {
  name           = "commoninit.iso"
  user_data      = data.template_file.user_data.rendered
  network_config = data.template_file.network_config.rendered
  pool           = libvirt_pool.ubuntu.name
}

resource "libvirt_network" "vm_network" {
  name      = "vm_network"
  addresses = ["10.0.1.0/24"]
  dhcp {
    enabled = true
  }
}

resource "libvirt_domain" "domain-ubuntu" {
  name   = "ubuntu-terraform"
  memory = "512"
  vcpu   = 1

  cloudinit = libvirt_cloudinit_disk.commoninit.id

  network_interface {
    network_id   = libvirt_network.vm_network.id
    network_name = "vm_network"
  }

  console {
    type        = "pty"
    target_port = "0"
    target_type = "serial"
  }

  console {
    type        = "pty"
    target_type = "virtio"
    target_port = "1"
  }

  disk {
    volume_id = libvirt_volume.ubuntu-qcow2.id
  }

  graphics {
    type        = "spice"
    listen_type = "address"
    autoport    = "true"
  }
}
```

Steps to Reproduce Issue

(Include debug logs if possible and relevant).


Additional information:

Do you have SELinux or Apparmor/Firewall enabled? Some special configuration? Have you tried to reproduce the issue without them enabled?

MalloZup commented 4 years ago

Could not open '/home//tmp/terraform-provider-libvirt-pool-ubuntu/ubuntu-qcow2': Permission denied'

This means that in your system you need to adjust permission.

It is something more on KVM/Libvirt sysadmin rather than a bug. Check online guide about setting up kvm/libvirt and add users etc

hth
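A diagnostic sketch for the "Permission denied" error discussed in this thread, added here as an example and not taken from the thread or the provider: it walks every directory on the way to the disk image and reports the first component whose mode bits deny a given uid, which is typically a private home directory. The names `allowed` and `first_blocker` are hypothetical, the uid stands in for whatever account QEMU runs as on your system, and only classic mode bits are checked (ACLs, AppArmor and SELinux can produce the same error and are not covered).

```python
import os
import stat

X, RW = 0o1, 0o6  # search bit for directories; read+write for the disk image


def allowed(st, uid, gids, want):
    """POSIX mode-bit check: owner class first, then group, then other."""
    if uid == 0:
        return True  # root bypasses mode bits
    if st.st_uid == uid:
        bits = st.st_mode >> 6
    elif st.st_gid in gids:
        bits = st.st_mode >> 3
    else:
        bits = st.st_mode
    return (bits & want) == want


def first_blocker(path, uid, gids, start=os.sep):
    """Check `start` and each component below it; return (path, reason) or None."""
    path, start = os.path.realpath(path), os.path.realpath(start)
    current = start
    for part in os.path.relpath(path, start).split(os.sep):
        if not allowed(os.stat(current), uid, gids, X):
            return current, "directory not searchable (missing x)"
        current = os.path.join(current, part)
    st = os.stat(current)
    if not stat.S_ISREG(st.st_mode):
        return current, "not a regular file"
    if not allowed(st, uid, gids, RW):
        return current, "image not readable and writable"
    return None


if __name__ == "__main__":
    import tempfile
    # Constructed tree mimicking the issue: pool directory inside a 0700 home.
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)
    home = os.path.join(root, "home", "user")
    pool = os.path.join(home, "pool")
    os.makedirs(pool)
    image = os.path.join(pool, "ubuntu-qcow2")
    open(image, "w").close()
    os.chmod(home, 0o700)
    qemu_uid = os.getuid() + 1  # assumption: stands in for the account QEMU runs as
    print(first_blocker(image, qemu_uid, set(), start=root))
```

On a real host, pass the uid and group ids of the account QEMU runs as (for example from `pwd.getpwnam` and `os.getgrouplist`) together with the image path from the error message.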

matrohon commented 4 years ago

I have the exact same issue when I want to use terraform-libvirt-provider from a regular user, which is allowed to create libvirt domain.

It seems the resources are not created by the user, but by root.

For instance, after applying the example, "virsh pool-list" doesn't give anything, while "sudo virsh pool-list" shows the ubuntu pool.

MalloZup commented 4 years ago

@matrohon it is because your user most probably doesn't belong to KVM/libvirt group; check howto online about that. :sun_with_face:

matrohon commented 4 years ago

@MalloZup I think my user is in the correct group (libvirt), and libvirt users have RW access to libvirtd UNIX sockets.

I'm using debian buster and libvirt doesn't use Polkit.

The strange thing is that I'm able to create a pool with my user, using virsh for instance. Then the directory created for the pool is owned by the user. I'm also able to create a pool with the same user by using terraform and the libvirt provider, but then, the corresponding directory is owned by root.

matrohon commented 4 years ago

I finally managed to run terraform with the libvirt provider as a normal user, on debian 10. The user must be a member of the "libvirt" group, but also a member of the "kvm" group.

The uri to connect to libvirt must be "qemu:///session" and not "qemu:///system". This will create pools and files (qcow2, cloudinit) with the ownership of the user, and so avoid the original issue of this thread:

Could not open '/home//tmp/terraform-provider-libvirt-pool-ubuntu/ubuntu-qcow2': Permission denied'

danielinbaraj-cognit commented 4 years ago

> I finally managed to run terraform with the libvirt provider as a normal user, on debian 10. The user must be a member of the "libvirt" group, but also a member of the "kvm" group.
>
> The uri to connect to libvirt must be "qemu:///session" and not "qemu:///system". This will create pools and files (qcow2, cloudinit) with the ownership of the user, and so avoid the original issue of this thread:
>
> Could not open '/home//tmp/terraform-provider-libvirt-pool-ubuntu/ubuntu-qcow2': Permission denied'

Could you please display your libvirt.tf file?

I am unable to even connect to qemu:///session. My user is a member of both libvirt and kvm.

matrohon commented 4 years ago

@danielinbaraj-cognit what error do you have?

I've been using the ubuntu-example.tf example in the repo. After modifying the uri with "session", you only need to comment the "network_interface" part, since the "default" network is not a user network.

I think the network bridge must be present before the terraform command is run, and created by a privileged user (root). Then, as a user, you can attach an iface to this bridge by following this guide

MalloZup commented 4 years ago

@danielinbaraj-cognit @matrohon feel free also to discuss this in the gitter chat

MalloZup commented 4 years ago

https://gitter.im/terraform-provider-libvirt/Lobby

ashfaaq321 commented 11 months ago

```
➜ libreddit-loadbalance-demo git:(master) ✗ sudo terraform apply loadbalance
libvirt_domain.domain_bullseye_loadbalance[0]: Creating...
╷
│ Error: error creating libvirt domain: internal error: process exited while connecting to monitor: 2023-10-30T14:59:35.765142Z qemu-system-x86_64: -blockdev {"driver":"file","filename":"/home/atm/code/libvirt/pool/bullseye_basic/debian-bullseye-qcow2","node-name":"libvirt-3-storage","auto-read-only":true,"discard":"unmap"}: Could not open '/home/atm/code/libvirt/pool/bullseye_basic/debian-bullseye-qcow2': Permission denied
│
│   with libvirt_domain.domain_bullseye_loadbalance[0],
│   on conf.tf line 69, in resource "libvirt_domain" "domain_bullseye_loadbalance":
│   69: resource "libvirt_domain" "domain_bullseye_loadbalance" {
│
```

I AM GETTING THIS ERROR PLEASE HELP ME OUT