From 37e4c3c596a4199f914813221609fc2a265ce107 Mon Sep 17 00:00:00 2001 From: David Vallee Delisle Date: Tue, 27 Jul 2021 08:30:00 -0400 Subject: [PATCH] [c9] nova_libvirt with host's cgroupns Based on related bz, nova_libvirt container should be started with cgroupns set to host in Centos 9 Related-Bug: #1936005 Related: https://bugzilla.redhat.com/show_bug.cgi?id=1985377 Change-Id: Id0c4505c794f8cbae331f0f569967739c82700eb (cherry picked from commit 9b34719ed39125a35dbfc8293a5c88bbd8f8b78f) --- deployment/nova/nova-libvirt-container-puppet.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deployment/nova/nova-libvirt-container-puppet.yaml b/deployment/nova/nova-libvirt-container-puppet.yaml index 5d003a4480..d684d1745b 100644 --- a/deployment/nova/nova-libvirt-container-puppet.yaml +++ b/deployment/nova/nova-libvirt-container-puppet.yaml @@ -522,6 +522,7 @@ outputs: create_virtlogd_wrapper: start_order: 1 detach: false + cgroupns: host net: host pid: host user: root @@ -548,6 +549,7 @@ outputs: start_order: 0 image: {get_param: ContainerNovaLibvirtImage} ulimit: {get_param: ContainerNovaLibvirtUlimit} + cgroupns: host net: host pid: host security_opt: label=disable @@ -580,6 +582,7 @@ outputs: start_order: 1 image: {get_param: ContainerNovaLibvirtImage} ulimit: {get_param: ContainerNovaLibvirtUlimit} + cgroupns: host net: host pid: host pids_limit: {get_param: ContainerNovaLibvirtPidsLimit} @@ -647,6 +650,7 @@ outputs: - label=disable privileged: false user: root + cgroupns: host net: host volumes: list_concat: