diff --git a/images/virt-launcher/werf.inc.yaml b/images/virt-launcher/werf.inc.yaml
index d238443408..e3a3221af9 100644
--- a/images/virt-launcher/werf.inc.yaml
+++ b/images/virt-launcher/werf.inc.yaml
@@ -2,6 +2,7 @@
 image: {{ .ModuleNamePrefix }}{{ .ImageName }}
 final: true
 fromImage: {{ .ModuleNamePrefix }}distroless
+fromCacheVersion: "{{ now | date "Mon Jan 2 15:04:05 MST 2006" }}"
 git:
 {{- include "image mount points" . }}
 import:
@@ -9,10 +10,6 @@ import:
 add: /relocate
 to: /
 after: install
- - image: tools/tini-v0.19.0
- add: /usr/bin/tini
- to: /usr/bin/tini
- after: install
 imageSpec:
 config:
 user: 0
@@ -139,6 +136,7 @@ packages:
 image: {{ .ModuleNamePrefix }}{{ .ImageName }}-binaries
 final: false
 fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries
+fromCacheVersion: "{{ now | date "Mon Jan 2 15:04:05 MST 2006" }}"
 git:
 # Add qemu and virtqemud configs
 - add: {{ .ModuleDir }}/images/{{ .ImageName }}/configs
@@ -158,6 +156,10 @@ git:
 includePaths:
 - nsswitch.conf
 import:
+- image: tools/tini-v0.19.0
+ add: /usr/bin/tini
+ to: /relocate/usr/bin/tini
+ before: setup
 # Libvirt and QEMU libraries and binaries
 - image: {{ .ModuleNamePrefix }}packages/libvirt
 add: /libvirt
@@ -392,6 +394,10 @@ shell:
 echo "Create symlink for run -> var/run "
 ln -s var/run run
+ - |
+ setcap cap_net_bind_service=+ep /relocate/usr/bin/virt-launcher-monitor
+ setcap cap_net_bind_service=+ep /relocate/usr/bin/tini
+
 # /etc/libvirt-init will be copied back into /etc/libvirt at runtime. This is necessary because we configure libvirt to mount /etc/libvirt and set readOnlyRootFilesystem for other directories.
 # DO NOT REMOVE. node-labeler.sh uses /etc/libvirt.
 - |
diff --git a/templates/kubevirt/kubevirt.yaml b/templates/kubevirt/kubevirt.yaml
index f82827d938..ad5eb38af1 100644
--- a/templates/kubevirt/kubevirt.yaml
+++ b/templates/kubevirt/kubevirt.yaml
@@ -54,7 +54,6 @@ spec:
 - HotplugVolumes
 - Snapshot
 - ExpandDisks
- - Root
 - CPUManager
 - Sidecar
 - VolumeSnapshotDataSource
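Review bot: `fromCacheVersion` is set to the render-time clock in the first hunk and again for the `-binaries` image (`@@ -139,6 +136,7 @@`), so the value differs on every render and the same commit should no longer yield the same stage digests. That removes the ability to tie a published virt-launcher image back to a reviewed commit by rebuilding it, and it reads like a temporary cache-bust that was left in. If a one-time rebuild is the goal, a fixed value bumped by hand keeps builds reproducible, e.g. `fromCacheVersion: "<manual-bump-id>"` (placeholder), with a comment saying why the cache was reset.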
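Review bot: The two `setcap cap_net_bind_service=+ep` lines in the `@@ -392,6 +394,10 @@` hunk set the effective bit, so exec of either binary fails with EPERM if NET_BIND_SERVICE is missing from the container's bounding set, and under `no_new_privs` the capability is silently not granted; neither runtime dependency is recorded here. The capability is stored in the `security.capability` xattr, so it is worth confirming that it survives the import of `/relocate` into the final image, which this hunk does not show. I would add a comment above the step such as `# file caps let the non-root launcher bind ports <1024; pod must keep NET_BIND_SERVICE and xattrs must survive the /relocate import`. It is also not visible from the diff why tini itself needs the capability, since a child binary gets its own file capabilities on exec; if only virt-launcher-monitor binds low ports, the tini line can be dropped. The enclosing `shell:` list starts and ends outside the hunk.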