Mount /boot from the host within the nova-compute container
libguestfs expects to find /boot/vmlinuz-* for the running version of the kernel. This check is duplicated in nova-compute when libguestfs has failed to launch, providing a useful bread crumb for operators [1].

Obviously, when this is called from within the nova-compute container in the context of a TripleO deployment, this can easily fail after a minor update that has pulled in a newer container containing a newer kernel. This check could also fail in the opposite case if the host kernel is updated past the version present in the container.

This change works around this by simply passing /boot as read-only through to the nova-compute container to ensure libguestfs is able to always find the correct version of vmlinuz. This should also allow us to eventually drop the kernel RPM from the nova-compute container that has been a constant source of maintenance overhead in terms of CVEs etc.

[1] aa096fd183/nova/virt/disk/vfs/guestfs.py (L75-L97)

Change-Id: Iadef8f3300bb1b5b995052c1a35a1becbfd5730c
(cherry picked from commit 9c5c36632d)
parent
9bf3a14d59
commit
02faf53ea8
|
@ -794,6 +794,7 @@ outputs:
|
|||
- /var/lib/libvirt:/var/lib/libvirt:shared,z
|
||||
- /sys/class/net:/sys/class/net
|
||||
- /sys/bus/pci:/sys/bus/pci
|
||||
- /boot:/boot:ro
|
||||
-
|
||||
# podman fails to relable if nova_nfs_enabled where we have
|
||||
# the nfs share mounted to /var/lib/nova/instances
|
||||
|
|
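Review bot: The added "- /boot:/boot:ro" entry carries no comment explaining why the host's /boot is exposed to the container, while the entry right after it documents its podman relabel workaround. Please add a one-line comment above it stating that libguestfs needs /boot/vmlinuz-* for the running host kernel, so a later cleanup does not drop the mount or loosen it to read-write. The mount hands the container the whole of /boot although only vmlinuz-* is needed; keeping it "ro" is the right call and should be treated as a requirement. The entry also has no "z" option, unlike /var/lib/libvirt above, which is correct since host /boot should not be relabelled, but it would be worth noting in the commit message that reads from the container were confirmed on an SELinux-enforcing host.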