Fix creation of bootable volume error in Caracal

Fixes an issue in Caracal where setting a volume's bootable property fails due to uninitialized oslo_privesp daemon inside cinder-volume container. This is a temporary workaround to set cinder-volume as privileged in cinder static overrides. The details of the fix and associated task are also in Openstack Storyboard. Test Plan: - PASS: Apply stx-openstack with changes. - PASS: Verify bootable volume creation. Closes-Bug: 2100010 Reference: https://storyboard.openstack.org/#!/story/2011307 Change-Id: I39cbdcb85ad81a66da7e4331cc1a543cb8416d68 Signed-off-by: Mateus Nascimento <mateus.soaresdonascimento@windriver.com> (cherry picked from commit b49af69dc15c320c12e2d165b1af3954e9632ac1)
2025-02-26 12:41:00 -03:00 · 2025-02-26 12:41:00 -03:00 · 9e5ab9a6c1
commit 9e5ab9a6c1
parent 2b7e633898
1 changed files with 5 additions and 0 deletions
--- a/stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/cinder/cinder-static-overrides.yaml
+++ b/stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/cinder/cinder-static-overrides.yaml
@ -67,6 +67,11 @@ pod:
      - key: openstack-compute-node
        operator: Exists
        effect: NoSchedule
+  security_context:
+    cinder_volume:
+      container:
+        cinder_volume:
+          privileged: true
 network:
  api:
    ingress: