On Debian this libvirt and qemu users/groups setup changed and it
seems to be easier to maintain now, so we can drop a libvirt script
setup step.
Previously, on CentOS, there was no mismatch between the container kvm
GID and the host kvm GID because both had our qemu rpm installed and
it was forcing the GID to 36 [1]. On Debian it was removed at all [2],
relying now on the debian/systemd patch [3][4] that already creates
the group and sets the device (/dev/kvm) permissions and ownership
accordingly.
Since on Debian sytemd is already creating the kvm group and handling
the /dev/kvm permission and ownership, we can remove this step from our
libvirt container setup script and rely on Debian installation defaults.
Test Plan:
PASS - Build openstack-helm-infra
PASS - Build stx-openstack-fluxcd package
PASS - Build stx-openstack helm charts
PASS - Upload/Apply/Remove the application
PASS - Check that the script skipped the kvm device permission set
PASS - Check that the host kvm device has the correct permissions and ownership.
PASS - Check the container and host users and groups
Reviewed: https:/ /review. opendev. org/c/starlingx /openstack- armada- app/+/868209 /opendev. org/starlingx/ openstack- armada- app/commit/ 39f75382fa7b59d 9433bfd1c812d9c 6b31f762b2
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 39f75382fa7b59d 9433bfd1c812d9c 6b31f762b2
Author: Thales Elero Cervi <email address hidden>
Date: Tue Dec 20 09:47:32 2022 -0300
Add patch to libvirt setup script
On Debian this libvirt and qemu users/groups setup changed and it
seems to be easier to maintain now, so we can drop a libvirt script
setup step.
Previously, on CentOS, there was no mismatch between the container kvm
GID and the host kvm GID because both had our qemu rpm installed and
it was forcing the GID to 36 [1]. On Debian it was removed at all [2],
relying now on the debian/systemd patch [3][4] that already creates
the group and sets the device (/dev/kvm) permissions and ownership
accordingly.
Since on Debian sytemd is already creating the kvm group and handling
the /dev/kvm permission and ownership, we can remove this step from our
libvirt container setup script and rely on Debian installation defaults.
[1] https:/ /opendev. org/starlingx/ integ/src/ branch/ master/ virt/qemu/ centos/ qemu-kvm. spec#L722 /salsa. debian. org/qemu- team/qemu/ -/commit/ cb8737ef48a37ed df12ac199b46f90 34273ba6d3 /salsa. debian. org/systemd- team/systemd/ -/commit/ 4fc3fa53bfa6e16 ceb6cd312f49003 839b56144a /bugs.launchpad .net/ubuntu/ +source/ gnome-boxes/ +bug/1767302/ comments/ 18
[2] https:/
[3] https:/
[4] https:/
Test Plan: helm-infra fluxcd package
ownership.
PASS - Build openstack-
PASS - Build stx-openstack-
PASS - Build stx-openstack helm charts
PASS - Upload/Apply/Remove the application
PASS - Check that the script skipped the kvm device permission set
PASS - Check that the host kvm device has the correct permissions and
PASS - Check the container and host users and groups
Partial-Bug: 1999445
Signed-off-by: Thales Elero Cervi <email address hidden> 932902d2b7f97ef 23bedac3260
Change-Id: I47e5be5f34989f