Add missing [privsep_entrypoint]/helper_command
Closes-Bug: ATMOSPHERE-648
Change-Id: I12243527ad763bb249195220093717d68de050f6
diff --git a/images/cinder/Dockerfile b/images/cinder/Dockerfile
index 3c6782b..3c7a0fb 100644
--- a/images/cinder/Dockerfile
+++ b/images/cinder/Dockerfile
@@ -22,7 +22,7 @@
RUN <<EOF bash -xe
apt-get update -qq
apt-get install -qq -y --no-install-recommends \
- ceph-common lsscsi nfs-common nvme-cli python3-rados python3-rbd qemu-utils qemu-block-extra sysfsutils udev util-linux
+ ceph-common dmidecode lsscsi nfs-common nvme-cli python3-rados python3-rbd qemu-utils qemu-block-extra sysfsutils udev util-linux
apt-get clean
rm -rf /var/lib/apt/lists/*
EOF
diff --git a/images/glance/Dockerfile b/images/glance/Dockerfile
index 5e9317e..b3fc6ed 100644
--- a/images/glance/Dockerfile
+++ b/images/glance/Dockerfile
@@ -21,7 +21,7 @@
RUN <<EOF bash -xe
apt-get update -qq
apt-get install -qq -y --no-install-recommends \
- ceph-common lsscsi nvme-cli python3-rados python3-rbd qemu-block-extra qemu-utils sysfsutils udev util-linux
+ ceph-common dmidecode lsscsi nvme-cli python3-rados python3-rbd qemu-block-extra qemu-utils sysfsutils udev util-linux
apt-get clean
rm -rf /var/lib/apt/lists/*
EOF
diff --git a/images/nova/Dockerfile b/images/nova/Dockerfile
index dc76086..1f59932 100644
--- a/images/nova/Dockerfile
+++ b/images/nova/Dockerfile
@@ -26,7 +26,7 @@
RUN <<EOF bash -xe
apt-get update -qq
apt-get install -qq -y --no-install-recommends \
- ceph-common genisoimage iproute2 libosinfo-bin lsscsi ndctl nfs-common nvme-cli openssh-client ovmf python3-libvirt python3-rados python3-rbd qemu-efi-aarch64 qemu-block-extra qemu-utils sysfsutils udev util-linux swtpm swtpm-tools libtpms0
+ ceph-common dmidecode genisoimage iproute2 libosinfo-bin lsscsi ndctl nfs-common nvme-cli openssh-client ovmf python3-libvirt python3-rados python3-rbd qemu-efi-aarch64 qemu-block-extra qemu-utils sysfsutils udev util-linux swtpm swtpm-tools libtpms0
apt-get clean
rm -rf /var/lib/apt/lists/*
EOF
diff --git a/releasenotes/notes/add-missing-osbrick-helper-0bc348399986a5d6.yaml b/releasenotes/notes/add-missing-osbrick-helper-0bc348399986a5d6.yaml
new file mode 100644
index 0000000..de6b6a7
--- /dev/null
+++ b/releasenotes/notes/add-missing-osbrick-helper-0bc348399986a5d6.yaml
@@ -0,0 +1,11 @@
+---
+fixes:
+ - The ``[privsep_osbrick]/helper_command`` configuration value was not
+ configured in both of the Cinder and Nova services, which lead to the
+ inability to run certain CLI commands since it instead tried to do a plain
+ ``sudo`` instead. This has been fixed by adding the missing helper command
+ configuration to both services.
+ - The ``dmidecode`` package which is required by the ``os-brick`` library for
+ certain operations was not installed on the images that needed it, which
+ can cause NVMe-oF discovery issues. The package has been added to all
+ images that require it.
diff --git a/roles/cinder/vars/main.yml b/roles/cinder/vars/main.yml
index 4917bd9..ef3d6cd 100644
--- a/roles/cinder/vars/main.yml
+++ b/roles/cinder/vars/main.yml
@@ -52,6 +52,8 @@
pool_timeout: 30
oslo_messaging_notifications:
driver: noop
+ privsep_osbrick:
+ helper_command: sudo cinder-rootwrap /etc/cinder/rootwrap.conf privsep-helper --config-file /etc/cinder/cinder.conf
manifests:
ingress_api: false
job_clean: false
diff --git a/roles/nova/vars/main.yml b/roles/nova/vars/main.yml
index bd72f52..4636b98 100644
--- a/roles/nova/vars/main.yml
+++ b/roles/nova/vars/main.yml
@@ -111,6 +111,8 @@
driver: noop
os_vif_ovs:
ovsdb_connection: unix:/run/openvswitch/db.sock
+ privsep_osbrick:
+ helper_command: sudo nova-rootwrap /etc/nova/rootwrap.conf privsep-helper --config-file /etc/nova/nova.conf
scheduler:
max_attempts: 3
workers: 8