kubevirt on openshift tweaks

#fist make sure externalIPNetworkCIDRs is set to ["0.0.0.0/0"] in master config
# refer to https://access.redhat.com/solutions/2464791
# this is needed for the services that declare use of external ips

# in the project where you're deploying kubevirt

#disable selinux or fight as https://adam.younglogic.com/2017/09/se-linux-for-centos-continued/
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=permissive/" /etc/selinux/config

#needed for the controller virt-controller
oc create sa kubevirt-controller
oc adm policy add-cluster-role-to-user cluster-admin -z kubevirt-controller
oc patch deployment/virt-controller --patch '{"spec":{"template":{"spec":{"serviceAccountName": "kubevirt-controller"}}}}'
#alternatively you could run the following:
#oc adm policy add-cluster-role-to-user cluster-admin -z default


oc create sa kubevirt-iscsi
oc adm policy add-scc-to-user hostmount-anyuid -z kubevirt-iscsi
oc patch deployment/iscsi-demo-target-tgtd --patch '{"spec":{"template":{"spec":{"serviceAccountName": "kubevirt-iscsi"}}}}'

oc create sa kubevirt-privileged
oc adm policy add-scc-to-user privileged -z kubevirt-privileged
oc adm policy add-cluster-role-to-user cluster-admin -z kubevirt-privileged
oc patch deployment/virt-manifest --patch '{"spec":{"template":{"spec":{"serviceAccountName": "kubevirt-privileged"}}}}'
oc patch daemonset/virt-handler --patch '{"spec":{"template":{"spec":{"serviceAccountName": "kubevirt-privileged"}}}}'
oc patch daemonset/libvirt --patch '{"spec":{"template":{"spec":{"serviceAccountName": "kubevirt-privileged"}}}}'