Bug 1783343

Summary: [CNV 2.3] VMI fails to start on "Unable to set XATTR trusted.libvirt.security.dac"
Product: Container Native Virtualization (CNV) Reporter: Irina Gulina <igulina>
Component: VirtualizationAssignee: sgott
Status: CLOSED ERRATA QA Contact: zhe peng <zpeng>
Severity: urgent Docs Contact:
Priority: high    
Version: 2.3.0CC: alkaplan, cnv-qe-bugs, danken, dgilbert, fdeutsch, ipinto, jfehlig, jsuchane, mprivozn, ncredi, oshoval, phoracek, rmohr, rnetser, sgordon, sgott, talayan, yadu
Target Milestone: ---Keywords: TestBlocker
Target Release: 2.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: virt-launcher-container-v2.3.0-27 hco-bundle-registry-container-v2.2.0-320 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1774373 Environment:
Last Closed: 2020-05-04 19:10:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1774373    
Bug Blocks:    

Comment 4 zhe peng 2020-02-20 02:48:52 UTC 
verify with build:
Server Version: 4.4.0-0.nightly-2020-02-17-022408
Kubernetes Version: v1.17.1
$ virtctl version
Client Version: version.Info{GitVersion:"v0.26.1", GitCommit:"e40ff7965e2aadbf21131626dfa3be85524e3a2c", GitTreeState:"clean", BuildDate:"2020-02-19T16:16:36Z", GoVersion:"go1.12.8", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{GitVersion:"v0.26.1", GitCommit:"e40ff7965e2aadbf21131626dfa3be85524e3a2c", GitTreeState:"clean", BuildDate:"2020-02-19T16:14:32Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}

create a vm[1]
$ oc get vm
NAME        AGE     RUNNING   VOLUME
vm-cirros   5m29s   true

$ oc get vmi
NAME        AGE     PHASE     IP            NODENAME
vm-cirros   5m16s   Running   x.x.x.x   zpeng-ocp44-llgmg-worker-nk6nx

vm can be started and login, move to verified.

[1]
#cat vm-cirros.yaml 
---
apiVersion: kubevirt.io/v1alpha3
kind: VirtualMachine
metadata:
  labels:
    kubevirt.io/vm: vm-cirros
  name: vm-cirros
spec:
  running: false
  template:
    metadata:
      labels:
        kubevirt.io/vm: vm-cirros
    spec:
      domain:
        devices:
          disks:
          - disk:
              bus: virtio
            name: containerdisk
          - disk:
              bus: virtio
            name: cloudinitdisk
        machine:
          type: ""
        resources:
          requests:
            memory: 64M
      terminationGracePeriodSeconds: 0
      volumes:
      - containerDisk:
          image: kubevirt/cirros-container-disk-demo:latest
        name: containerdisk
      - cloudInitNoCloud:
          userData: |
            #!/bin/sh
            
             echo 'printed from cloud-init userdata'
        name: cloudinitdisk
Comment 7 errata-xmlrpc 2020-05-04 19:10:37 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:2011