From 73740ff670b259b02fc61722055b2b0d10849070 Mon Sep 17 00:00:00 2001
From: junbo <jiang.junbo@99cloud.net>
Date: Tue, 2 May 2017 19:26:41 +0800
Subject: [PATCH] mount /run in sahara-engine container

sahara-engine service need to run ip netns command in container
when set use_namespaces=true in saraha.conf

Change-Id: I8b10cdd0127e1895ae40dfeed1a5910e6bcd701c
Related-Bug: #1687602
Closes-Bug: #1687624
---
 ansible/roles/sahara/defaults/main.yml | 2 ++
 ansible/roles/sahara/handlers/main.yml | 1 +
 ansible/roles/sahara/tasks/config.yml  | 1 +
 3 files changed, 4 insertions(+)

diff --git a/ansible/roles/sahara/defaults/main.yml b/ansible/roles/sahara/defaults/main.yml
index f12d8af603..d1e9dbe6b4 100644
--- a/ansible/roles/sahara/defaults/main.yml
+++ b/ansible/roles/sahara/defaults/main.yml
@@ -17,11 +17,13 @@ sahara_services:
     group: sahara-engine
     enabled: true
     image: "{{ sahara_engine_image_full }}"
+    privileged: True
     volumes:
       - "{{ node_config_directory }}/sahara-engine/:{{ container_config_directory }}/:ro"
       - "/etc/localtime:/etc/localtime:ro"
       - "sahara:/var/lib/sahara/"
       - "kolla_logs:/var/log/kolla/"
+      - "/run:/run:shared"
 
 
 ####################
diff --git a/ansible/roles/sahara/handlers/main.yml b/ansible/roles/sahara/handlers/main.yml
index 79a9a57f73..0dbec54fc7 100644
--- a/ansible/roles/sahara/handlers/main.yml
+++ b/ansible/roles/sahara/handlers/main.yml
@@ -36,6 +36,7 @@
     name: "{{ service.container_name }}"
     image: "{{ service.image }}"
     volumes: "{{ service.volumes }}"
+    privileged: "{{ service.privileged | default(False) }}"
   when:
     - action != "config"
     - inventory_hostname in groups[service.group]
diff --git a/ansible/roles/sahara/tasks/config.yml b/ansible/roles/sahara/tasks/config.yml
index 7eba441e8f..36456b0ccc 100644
--- a/ansible/roles/sahara/tasks/config.yml
+++ b/ansible/roles/sahara/tasks/config.yml
@@ -68,6 +68,7 @@
     common_options: "{{ docker_common_options }}"
     name: "{{ item.value.container_name }}"
     image: "{{ item.value.image }}"
+    privileged: "{{ item.value.privileged | default(False) }}"
     volumes: "{{ item.value.volumes }}"
   register: check_sahara_containers
   when: