I’m running some test with OpenNebula and Firecracker. I have configured a ONE-6.4.0 with a Firecracker node. Then, I have downloaded “bash dockerhub” image, a Firecracker Kernel and I have created a virtual network where I will attach some instances.
When I instantiate my Firecracker microVM, process fails (after PROLOG state) and terminate with these messages:
I have checked “sudo” configuration in my Firecracker node. All seems correct (and, also, I have rewrite /etc/sudoers.d/opennebula-node-firecracker as following: oneadmin ALL=(ALL:ALL) NOPASSWD: ONE_FIRECRACKER, ONE_NET, ONE_OVS, ONE_LXC, ONE_LXD
because in /etc/sudoers.d/opennebula line “Cmnd_Alias ONE_FIRECRACKER” doesn’t include /bin/mount and other tools. Also, I have seen that last line is commented, so I have added “Cmnd_Alias”.
However, when microVM start, all seems OK in firecracker-node, but process finaly fails with “Permission Denied”.
Yes, Debian 11 runs by default Cgroup v2. I have added “systemd.unified_cgroup_hierarchy=0 systemd.legacy_systemd_cgroup_controller” to GRUB_CMDLINE_LINUX in /etc/default/grub, rewrited /boot/grub/grub.cfg, but now system boots with Cgroup v1 but Firecracker VMs keeps failing.
Can you see any error at: /var/lib/one/datastores/<sys_ds>/<vm_id>/logs.fifo ? Also, one of the common mistakes is trying to deploy a MicroVM with a NIC attached without properly configuring the networking drivers, note that Firecracker requires some extra configuration steps .