diff --git a/ansible/roles/cyborg/defaults/main.yml b/ansible/roles/cyborg/defaults/main.yml index fb47ede602..8123db3339 100644 --- a/ansible/roles/cyborg/defaults/main.yml +++ b/ansible/roles/cyborg/defaults/main.yml @@ -13,6 +13,7 @@ cyborg_services: container_name: cyborg_agent group: cyborg-agent enabled: true + privileged: true image: "{{ cyborg_agent_image_full }}" volumes: "{{ cyborg_agent_default_volumes + cyborg_agent_extra_volumes }}" dimensions: "{{ cyborg_agent_dimensions }}" diff --git a/ansible/roles/cyborg/handlers/main.yml b/ansible/roles/cyborg/handlers/main.yml index a888384be2..2fb5083357 100644 --- a/ansible/roles/cyborg/handlers/main.yml +++ b/ansible/roles/cyborg/handlers/main.yml @@ -9,6 +9,7 @@ common_options: "{{ docker_common_options }}" name: "{{ service.container_name }}" image: "{{ service.image }}" + privileged: "{{ service.privileged | default(False) }}" volumes: "{{ service.volumes }}" dimensions: "{{ service.dimensions }}" when: @@ -24,6 +25,7 @@ common_options: "{{ docker_common_options }}" name: "{{ service.container_name }}" image: "{{ service.image }}" + privileged: "{{ service.privileged | default(False) }}" volumes: "{{ service.volumes }}" dimensions: "{{ service.dimensions }}" when: @@ -39,6 +41,7 @@ common_options: "{{ docker_common_options }}" name: "{{ service.container_name }}" image: "{{ service.image }}" + privileged: "{{ service.privileged | default(False) }}" volumes: "{{ service.volumes }}" dimensions: "{{ service.dimensions }}" when: diff --git a/ansible/roles/cyborg/tasks/check-containers.yml b/ansible/roles/cyborg/tasks/check-containers.yml index 1bfae3f685..bd3b48714c 100644 --- a/ansible/roles/cyborg/tasks/check-containers.yml +++ b/ansible/roles/cyborg/tasks/check-containers.yml @@ -6,6 +6,7 @@ common_options: "{{ docker_common_options }}" name: "{{ item.value.container_name }}" image: "{{ item.value.image }}" + privileged: "{{ item.value.privileged | default(False) }}" volumes: "{{ item.value.volumes }}" dimensions: "{{ item.value.dimensions }}" when: diff --git a/releasenotes/notes/add-privileged-capability-to-cyborg-agent-14db36a5818847d1.yaml b/releasenotes/notes/add-privileged-capability-to-cyborg-agent-14db36a5818847d1.yaml new file mode 100644 index 0000000000..b1988e53b4 --- /dev/null +++ b/releasenotes/notes/add-privileged-capability-to-cyborg-agent-14db36a5818847d1.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + Fix that cyborg agent failed to start privsep daemon. Add privileged + capability for cyborg agent. See `bug 1873715 + `__.