Remove selinux relabel mount option for neutron

Neutron agent processes launched in containers are failing with "Error: relabel failed "/var/lib/neutron": \ SELinux relabeling of /var/lib/neutron is not allowed" Possibly related prior patch: https://review.opendev.org/#/c/626546/ Change-Id: Ifc7d0cb79214da44d9cd12481f010e2d7d325aa6 Related-Bug: #1881146
2020-05-28 13:03:10 -02:30 · 2020-05-28 13:03:10 -02:30 · 3fa8c735ae
parent b58d69fe9a
commit 3fa8c735ae
5 changed files with 5 additions and 5 deletions
--- a/templates/neutron/dibbler-client.epp
+++ b/templates/neutron/dibbler-client.epp
@ -52,7 +52,7 @@ echo "Starting a new child container ${NAME}"
 $CLI run --detach ${LOGGING} \
     -v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro \
     -v /run/netns:/run/netns:shared \
-     -v /var/lib/neutron:/var/lib/neutron:z,shared \
+     -v /var/lib/neutron:/var/lib/neutron:shared \
     -v /dev/log:/dev/log \
     --net host \
     --pid host \
--- a/templates/neutron/dnsmasq.epp
+++ b/templates/neutron/dnsmasq.epp
@ -50,7 +50,7 @@ echo "Starting a new child container ${NAME}"
 $CLI run --detach ${LOGGING} \
     -v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro \
     -v /run/netns:/run/netns:shared \
-     -v /var/lib/neutron:/var/lib/neutron:z,shared \
+     -v /var/lib/neutron:/var/lib/neutron:shared \
     -v /dev/log:/dev/log \
     --net host \
     --pid host \
--- a/templates/neutron/haproxy.epp
+++ b/templates/neutron/haproxy.epp
@ -50,7 +50,7 @@ echo "Starting a new child container ${NAME}"
 $CLI run --detach ${LOGGING} \
     -v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro \
     -v /run/netns:/run/netns:shared \
-     -v /var/lib/neutron:/var/lib/neutron:z,shared \
+     -v /var/lib/neutron:/var/lib/neutron:shared \
     -v /dev/log:/dev/log \
     --net host \
     --pid host \
--- a/templates/neutron/keepalived.epp
+++ b/templates/neutron/keepalived.epp
@ -51,7 +51,7 @@ $CLI run --detach ${LOGGING} \
    -v /lib/modules:/lib/modules:ro \
    -v /sbin/modprobe:/sbin/modprobe:ro \
    -v /run/netns:/run/netns:shared \
-    -v /var/lib/neutron:/var/lib/neutron:z,shared \
+    -v /var/lib/neutron:/var/lib/neutron:shared \
    -v /dev/log:/dev/log \
    --net host \
    --pid host \
--- a/templates/neutron/radvd.epp
+++ b/templates/neutron/radvd.epp
@ -49,7 +49,7 @@ echo "Starting a new child container ${NAME}"
 $CLI run --detach ${LOGGING} \
     -v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro \
     -v /run/netns:/run/netns:shared \
-     -v /var/lib/neutron:/var/lib/neutron:z,shared \
+     -v /var/lib/neutron:/var/lib/neutron:shared \
     -v /dev/log:/dev/log \
     --net host \
     --pid host \