From 2be9b881c451abb151608ba8d989a5e1cfe532a4 Mon Sep 17 00:00:00 2001 From: nileshchandekar Date: Tue, 12 Aug 2025 19:28:44 +0530 Subject: [PATCH] Add masakari user to libvirt Group Added the Masakari user to the libvirt group to ensure proper permissions for accessing libvirt resources. This resolves permission issues that could prevent Masakari from monitoring and managing virtual machine instances effectively. The fix ensures that the Masakari service can successfully interact with the libvirt daemon for instance evacuation and recovery operations during host failures. Related-Bug: #2120450 Co-authored-by: Jobin Jospeh Change-Id: I4fdbc073319583709f7c9919aedf7728d1e8dee5 Signed-off-by: Nilesh Chandekar --- defaults/main.yml | 3 +++ ..._Masakari_User_to_Libvirt_Group-a0fc38ba3a53dd7f.yaml | 9 +++++++++ tasks/masakari_pre_install.yml | 8 ++++++++ 3 files changed, 20 insertions(+) create mode 100644 releasenotes/notes/Add_Masakari_User_to_Libvirt_Group-a0fc38ba3a53dd7f.yaml diff --git a/defaults/main.yml b/defaults/main.yml index 78397ea..058eef6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -40,6 +40,9 @@ masakari_upper_constraints_url: >- masakari_git_constraints: - "--constraint {{ masakari_upper_constraints_url }}" +## Libvirt Group +masakari_monitor_libvirt_group: "{{ libvirt_group | default('libvirt') }}" + ## System info masakari_system_user_name: masakari masakari_system_group_name: masakari diff --git a/releasenotes/notes/Add_Masakari_User_to_Libvirt_Group-a0fc38ba3a53dd7f.yaml b/releasenotes/notes/Add_Masakari_User_to_Libvirt_Group-a0fc38ba3a53dd7f.yaml new file mode 100644 index 0000000..8ceb091 --- /dev/null +++ b/releasenotes/notes/Add_Masakari_User_to_Libvirt_Group-a0fc38ba3a53dd7f.yaml @@ -0,0 +1,9 @@ +--- +fixes: + - | + Added the Masakari user to the libvirt group to ensure proper permissions + for accessing libvirt resources. This resolves permission issues that could + prevent Masakari from monitoring and managing virtual machine instances + effectively. The fix ensures that the Masakari service can successfully + interact with the libvirt daemon for instance evacuation and recovery + operations during host failures. diff --git a/tasks/masakari_pre_install.yml b/tasks/masakari_pre_install.yml index e449eee..4a2187b 100644 --- a/tasks/masakari_pre_install.yml +++ b/tasks/masakari_pre_install.yml @@ -31,6 +31,14 @@ createhome: "yes" home: "{{ masakari_system_user_home }}" +- name: Add masakari user to libvirt Group + ansible.builtin.user: + name: "{{ masakari_system_user_name }}" + groups: "{{ masakari_monitor_libvirt_group }}" + append: "yes" + when: + - "masakari_services['masakari-hostmonitor']['group'] in group_names" + - name: Create masakari dir ansible.builtin.file: path: "{{ item.path | realpath }}"