From 11d7233ccc6de629e94a42faa8d507e037c44aba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rados=C5=82aw=20Piliszek?= Date: Thu, 12 Aug 2021 18:36:53 +0000 Subject: [PATCH] Bump libvirtd memlock ulimit This is required for libvirtd with cgroupsv2 (Debian Bullseye and soon others). Otherwise, device attachments simply fail. The warning message suggests filtering will be disabled but it actually just fails the action entirely. Change-Id: Id1fbd49a31a6e6e51b667f646278b93897c05b21 Closes-Bug: #1941940 --- ansible/roles/nova-cell/defaults/main.yml | 12 +++++++++++- releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml | 11 +++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml diff --git a/ansible/roles/nova-cell/defaults/main.yml b/ansible/roles/nova-cell/defaults/main.yml index c8e41cd05a..3d5e139752 100644 --- a/ansible/roles/nova-cell/defaults/main.yml +++ b/ansible/roles/nova-cell/defaults/main.yml @@ -239,7 +239,17 @@ nova_compute_ironic_image: "{{ docker_registry ~ '/' if docker_registry else '' nova_compute_ironic_tag: "{{ nova_tag }}" nova_compute_ironic_image_full: "{{ nova_compute_ironic_image }}:{{ nova_compute_ironic_tag }}" -nova_libvirt_dimensions: "{{ default_container_dimensions }}" +nova_libvirt_default_dimensions: + ulimits: + # NOTE(yoctozepto): This limit bump is required for cgroupsv2 which use eBPF + # to filter devices. See also LP#1941940. The new value is said to support + # up to 4096 guests (see libvirtd systemd service file from Debian Bullseye + # libvirt-daemon-system package for details). + memlock: + soft: 67108864 # 64 MiB + hard: 67108864 # 64 MiB + +nova_libvirt_dimensions: "{{ default_container_dimensions | combine(nova_libvirt_default_dimensions, recursive=True) }}" nova_ssh_dimensions: "{{ default_container_dimensions }}" nova_novncproxy_dimensions: "{{ default_container_dimensions }}" nova_spicehtml5proxy_dimensions: "{{ default_container_dimensions }}" diff --git a/releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml b/releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml new file mode 100644 index 0000000000..7b33dbe6ae --- /dev/null +++ b/releasenotes/notes/bug-1941940-c63265ea6ea2f594.yaml @@ -0,0 +1,11 @@ +--- +fixes: + - | + Fixes inability to attach devices (e.g., volumes via iSCSI/FC) + to instances on Debian Bullseye. + `LP#1941940 `__ +upgrade: + - | + To fix LP#1941940, ``nova_libvirt_dimensions`` now by default combines with + ``nova_libvirt_default_dimensions``. Please consider this when customising + that variable.