diff --git a/ansible/roles/nova-cell/defaults/main.yml b/ansible/roles/nova-cell/defaults/main.yml index c8e41cd05a..3d5e139752 100644 --- a/ansible/roles/nova-cell/defaults/main.yml +++ b/ansible/roles/nova-cell/defaults/main.yml @@ -239,7 +239,17 @@ nova_compute_ironic_image: "{{ docker_registry ~ '/' if docker_registry else '' nova_compute_ironic_tag: "{{ nova_tag }}" nova_compute_ironic_image_full: "{{ nova_compute_ironic_image }}:{{ nova_compute_ironic_tag }}" -nova_libvirt_dimensions: "{{ default_container_dimensions }}" +nova_libvirt_default_dimensions: + ulimits: + # NOTE(yoctozepto): This limit bump is required for cgroupsv2 which use eBPF + # to filter devices. See also LP#1941940. The new value is said to support + # up to 4096 guests (see libvirtd systemd service file from Debian Bullseye + # libvirt-daemon-system package for details). + memlock: + soft: 67108864 # 64 MiB + hard: 67108864 # 64 MiB + +nova_libvirt_dimensions: "{{ default_container_dimensions | combine(nova_libvirt_default_dimensions, recursive=True) }}" nova_ssh_dimensions: "{{ default_container_dimensions }}" nova_novncproxy_dimensions: "{{ default_container_dimensions }}" nova_spicehtml5proxy_dimensions: "{{ default_container_dimensions }}" diff --git a/releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml b/releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml new file mode 100644 index 0000000000..7b33dbe6ae --- /dev/null +++ b/releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml @@ -0,0 +1,11 @@ +--- +fixes: + - | + Fixes inability to attach devices (e.g., volumes via iSCSI/FC) + to instances on Debian Bullseye. + `LP#1941940 `__ +upgrade: + - | + To fix LP#1941940, ``nova_libvirt_dimensions`` now by default combines with + ``nova_libvirt_default_dimensions``. Please consider this when customising + that variable.