Alexey suggested the steps below as a workaround; with them applied, VM launch seems to work fine even when SELinux is set to 'enforcing'.
Replace the contrail_dpdk.te file in /tmp with the content below:

[root@overcloud-contraildpdk-0 tmp]# cat contrail_dpdk.te
module contrail_dpdk 1.0;

require {
    type container_var_run_t;
    type svirt_t;
    type var_run_t;
    class sock_file { create unlink };
    class dir { add_name remove_name write };
}

#============= svirt_t ==============
allow svirt_t container_var_run_t:dir { add_name remove_name write };
allow svirt_t container_var_run_t:sock_file { create unlink };
allow svirt_t var_run_t:sock_file { create unlink };
Then execute the commands below:
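# Compile, package and load the contrail_dpdk SELinux module (run as root).
# The steps are chained with && so that a failed compile or package step
# never goes on to install a stale /tmp/contrail_dpdk.pp from an earlier run.
#
# /tmp is world-writable: before compiling, confirm /tmp/contrail_dpdk.te is
# owned by root and contains exactly the policy text shown above.
/bin/checkmodule -M -m -o /tmp/contrail_dpdk.mod /tmp/contrail_dpdk.te &&
  /bin/semodule_package -o /tmp/contrail_dpdk.pp -m /tmp/contrail_dpdk.mod &&
  /sbin/semodule -i /tmp/contrail_dpdk.pp

# Scope of the change: the allow rules apply to every process in the svirt_t
# domain on this host and to any sock_file labelled var_run_t or
# container_var_run_t, not to one socket path, so this loosens guest
# confinement host-wide. Treat it as a workaround: `semodule -l | grep contrail_dpdk`
# shows whether it is loaded, and `semodule -r contrail_dpdk` removes it once
# a properly labelled fix is available.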
Alexey suggested the steps below as a workaround; with them applied, VM launch seems to work fine even when SELinux is set to 'enforcing'.
Replace the contrail_dpdk.te file in /tmp with the content below:

[root@overcloud-contraildpdk-0 tmp]# cat contrail_dpdk.te
module contrail_dpdk 1.0;

require {
    type container_var_run_t;
    type svirt_t;
    type var_run_t;
    class sock_file { create unlink };
    class dir { add_name remove_name write };
}

#============= svirt_t ==============
allow svirt_t container_var_run_t:dir { add_name remove_name write };
allow svirt_t container_var_run_t:sock_file { create unlink };
allow svirt_t var_run_t:sock_file { create unlink };
Then execute the commands below:
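# Compile, package and load the contrail_dpdk SELinux module (run as root).
# The steps are chained with && so that a failed compile or package step
# never goes on to install a stale /tmp/contrail_dpdk.pp from an earlier run.
#
# /tmp is world-writable: before compiling, confirm /tmp/contrail_dpdk.te is
# owned by root and contains exactly the policy text shown above.
/bin/checkmodule -M -m -o /tmp/contrail_dpdk.mod /tmp/contrail_dpdk.te &&
  /bin/semodule_package -o /tmp/contrail_dpdk.pp -m /tmp/contrail_dpdk.mod &&
  /sbin/semodule -i /tmp/contrail_dpdk.pp

# Scope of the change: the allow rules apply to every process in the svirt_t
# domain on this host and to any sock_file labelled var_run_t or
# container_var_run_t, not to one socket path, so this loosens guest
# confinement host-wide. Treat it as a workaround: `semodule -l | grep contrail_dpdk`
# shows whether it is loaded, and `semodule -r contrail_dpdk` removes it once
# a properly labelled fix is available.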