Search

Frequently Asked Questions

Solution

How To

Adding Custom CNAME Entries to OpenStack DNS Service (Designate)

Enable Maintenance Mode for Authorized Host

Mount Cinder Volumes to Instances by UUID

Configure CPU Pinning (Nova)

Configure Hypervisor For UEFI Instance Boot

Create QCOW2 Image of a Running Instance

Migrating Cinder Volumes in LVM Storage Backend

Enable Thick Provisioning for Nova

Isolate Compute Hosts for a Specific Tenant

Create Instance on Specific Host Using CLI

Limit Memory Provisioning in Platform9 Managed OpenStack

List Rules in Security Group Using CLI

Add an Admin User to Project

Configure Auto-Start for Instances After Host Reboot

Change DNS Servers on Linux Host

Authenticate OpenStack Provider Using Terraform

Move All Instances From Hypervisor in Case of Hardware Failure

Unable to Delete Stacks Stuck in "DELETE_FAILED" State

Replace a Designate Node

Obtain Compute Hosts/Hypervisor Info Using API

Identify Backing Image for Instance (QEMU)

Exclude Set of Hypervisors While Migrating Instances Without Shared Storage

Set CPU Allocation Ratio For Host Aggregate

Obtain OpenStack Instances Boot Logs

Create TLD and Associated DNS Zone (Designate)

Set Up Input Keyboard For Instance

How to Identify Ephemeral vs Boot-From-Volume Instances in OpenStack

Identifying Heat Stack Associated With Murano Environment

Edit Individual Users Quotas

Reboot an Instance

How-To Migrate Volumes Using CLI

Set/Unset Maintenance Mode Using the OpenStack CLI

How To Reset OpenStack Volume States

Share the Network with Multiple Tenants

Identify Block Device of Volume Attached to Instance

Export Instance Data in CSV Format

Assign Specific MAC to Instance

How-To Enable Automatic Confirm Action After Instance Resize Operation

How-To Manually Update Neutron port Binding

How-To Get Consolidate Size Information of all The Cinder Volumes Provisioned

How-To Get Consolidated Data for Cores and RAM Used Across All Tenants

How-To Check Consul Cluster Status

List All VMs in OpenStack Region

List Projects For Users

How To Resize Instance on Same host?

How-To Calculate Cinder's Provisioned Ratio

Can I Add More Floating IP Addresses?

Enable Nova Debug Logging on Compute Host

How-To Obtain Quota Usage in OpenStack

How-To Expose all Physical CPU Features to KVM

For a Boot From Volume Instance, How To Find Post Instance Creation if the Associated Volume is Set to be Deleted on Termination or Not?

How-To Create Custom User in Windows Using Cloudbase-init

What Does UUID in the "Owner" Field Correspond to?

Keypairs Created in Clarity UI Not Populated in AWS Console

Will my vCenter Resources be Deleted Upon Deauthorizing the Platform9 VMware Gateway?

What is the Default Username and Password for my Instances?

Incorrect Total Count of Instances Displayed in UI

Network Bound Disk Encryption Using Clevis Client With Platform9 Managed OpenStack

Change MTU Size For Existing Network Using OpenStack CLI/API

Using "Nova Service-Force-Down

How to Boot Into Recovery Mode on an Ubuntu Cloud Image

List All Application Stack And Tenants in OpenStack Region

Host Failing to Converge: "AttributeError: 'module' object has no attribute 'SSL_ST_INIT'

Instance Migration Fails With Error "not able to execute ssh command: Unexpected error while running command.

Instance Creation Fails with Error "Timeout Waiting For Vif Plugging Callback

Instance Creation Failure Within Server Group: "Quota exceeded, too many servers in group

E: The repository 'http://platform9-neutron.s3-website-us-west-1.amazonaws.com ubuntu/ Release' does not have a Release file.

Cannot Resize Instance Created From Bootable Volume Using UI

Creating Volume-Backed Instance From Image Fails

VM Fails to Boot With: 'Unable to find security driver for label apparmor'

Host Convergence Failure Due to Inability to Acquire DPKG Frontend Lock

QEMU Image Lock Fail to Start VMs After Host Crashes

Heat Stack Creation Fails With Error "No images matching

Bootable Volume Creation Fails With Error "key signature_verified exists for volume

Cinder Fails to Create a Boot From Volume Instance When Multipath is Enabled on the Storage Array

Instance Created Using Server Snapshot Fails to Spawn

OpenStack CLI Not Working With Okta MFA

Host Unable to Converge Due to Untrusted Package Error

Volume Shows Attached After Detach Operation Fails With Error " Unable to detach from guest transient domain

The 'openstacksdk' Version 0.39.0 is Required to Run Pf9-express To Onboard Host.

Removal of the Block storage Role fails with 'NoneType' object has no attribute 'split'

How-To Extend Lease for Tenant VMs

Platform9 UI Doesnt List All Components While Creating Support Tickets.

Error Sending Support Request For SSO Users

Pf9-Hostagent Removes Sudo-LDAP Package Post Upgrade.

VMWare Instance Doesn't Show IP Address in OpenStack UI or CLI

How To Obtain Diagnostic Information From OpenStack VM?

List All Instances, Username, And Tenants in OpenStack Region

Changes in Libvirt XML File of VM are Lost After a Hard Reboot.

Killing pf9-hostd Process Restarts Platform9's Host Agent Service

Ingress Traffic Being Flooded Unexpectedly for Instances on Provider Network

Hypervisor Allocated Storage % Extremely High in the Infrastructire Tab

Host Reporting in "Error Authorized State" Due to Missing Physical Network Config Label

"Unable to obtain pidfile" Error While Starting Libvirtd Service

Create Soft Affinity/Anti-Affinity Server Groups

Is it Possible to Set Server Group for Instances Created via OpenStack CLI?

Determine Volume Attachment With OpenStack CLI

Is OpenStack CLI Compatible With Python 3?

Finding vSphere UUID for vSphere VM in Clarity UI

Instances Stop Randomly Due to Out of Memory Error

Instance Deployment Failing for Certain AMIs in Platform9 Managed Omni

Unable to Add Host in Management Plane

SSO Users Have "Email" Field on Support Form

Can I Change the IP of the Image Library Node?

Deleting Cinder Service From Host

Downloading Platform9 Hostagent Installer

How To Enable Debug Level Logging for Imagelibrary Service on Host.

How To Persist The Default Gateway Configuration in Case of Multiple Interfaces?

How To Enable High Availability For Routers?

How To Add Multiple Ephemeral Disk in Virtual Machine?

How-To Delete Stale Hypervisor Entry

Auto Deleting Volumes on Instance Delete

Convert OVA Image to Supported Format

Instance Tenant Transfer

API call to Fetch the Version of Openstack Components.

How to Add Roles to Hypervisors Using API Calls

How to Add Roles to Hypervisors Using API Calls

How to Perform Cold-Migration to Specific Host?

How to Enable 'Discard/TRIM' in Openstack Instance ?

Using OpenStack CLI With MFA

Use All host CPU Features To The Guest By Updating CPU modes

'openstack image unset' Command Fails with 'BadRequestException' Error

Stack deletion fails with 'DELETE_FAILED'

How to Change the Debug Level for PF9-consul Logs?

VM Build Fails as Volume did not get Created

Windows Instance/Guest OS Time Skew

VM migration fails with 'guest CPU doesn't match specification: missing features: md-clear' error.

VM migration fails with error 'Unable to create allocation for 'DISK_GB' on resource provider'

VM Migration Failed Due To Missing Libvirtd's Socket File [WIP]

Image Status Shows Pending Status on GUI

How to get Gnocchi Resources in PMO?

iSCSI Target Deletion Failure Due to Active Sessions

Viewing Per-Tenant Block Storage Usage in OpenStack

Internal Only

Templates

VM Fails to Boot With: 'Unable to find security driver for label apparmor'

Problem

A virtual machine (VM) is unable to boot up with the following fault message.

Environment

Platform9 Managed OpenStack - v3.6.0 and higher
AppArmor
Ubuntu 14.04

Cause

The VMs' libvirtd process is a part of the AppArmor security module.

Resolution

Remove the VM's libvirtd process from apparmor by running the command.

Open the XML definition of the VM for editing.

Scroll to the end of the file until you see this line.

Change it to the following.

If the VM was in a ShutOff state initially, start the VM from a virsh perspective.

If you are editing the XML of an already running instance you will have to stop and start VMs for the changes to take effect.

Additional Information

Please see the official AppArmor Documentation for more details on working with this Mandatory Access Control (MAC) mechanism.

Last updated on

Was this page helpful?

On This Page

VM Fails to Boot With: 'Unable to find security driver for label apparmor'Problem Environment Cause Resolution Additional Information