I just made a gerrit patch for this issue https://review.opendev.org/c/openstack/openstack-helm/+/937532

Rico Lin


On Thu, Dec 5, 2024 at 9:42 AM <daniel890723@gmail.com> wrote:
Hello Daniel here
i have been testing on this Error in a clean enviroment
i found out this Error is actually from Cinder-Volume Pod not Cinder-Scheduler Where the Cinder-Volume pod can't get enough Permission to run oslo_privsep
Anyone that trying to run Openstack-helm and encounter this Error when deploy has to give privilige to Cinder-Volume ( No need to give more permission on any other Pod)
The Value.yaml Setting shows below:
    cinder_volume:
      pod:
        runAsUser: 42424
      container:
        ceph_keyring_placement:
          runAsUser: 0
          readOnlyRootFilesystem: true
        ceph_coordination_volume_perms:
          runAsUser: 0
          readOnlyRootFilesystem: true
        init_cinder_conf:
          runAsUser: 0
          readOnlyRootFilesystem: true
        cinder_volume:
          privileged: true # Give cinder_volume priviliged
          readOnlyRootFilesystem: true

Simply add the privileged: true on cinder_volume and everything should be fine
Perhaps Cinder_volume has some wrong setting that cause the permission error?

Daniel Lu