Replace ceph by cephadm

[dupremathieu]

Summary

This PR migrates the SEAPATH cluster storage management from bare Ceph daemon
packages to cephadm, the official Ceph orchestration tool. Cephadm manages
Ceph daemons as containers rather than native system services. Since cephadm
relies on Podman (rather than Docker) to run those containers, this
migration also implies replacing Docker with Podman as the container runtime
dependency. Finally, reworking the livemigration user—now renamed
libvirtadmin to reflect its broader role—was necessary to keep user
management consistent throughout the cluster.

All other commits in this PR address bugs and regressions discovered during
the migration work.

---

Main changes

cephadm integration

• recipes-extended/ceph: create the cephadm recipe – Introduces a
  dedicated Yocto recipe that fetches the upstream cephadm Python script and
  installs it on the target image.
• distro: seapath-common: set cephadm as preferred cephadm provider –
  Declares the new cephadm recipe as the preferred provider for the
  cephadm runtime package, so it supersedes the copy bundled inside the
  monolithic ceph package.
• images/seapath-host-common-ha.inc: install cephadm package – Adds
  the cephadm package to the HA host image so the orchestrator is available
  at first boot.
• cephadm: add lvm2 and podman dependencies – cephadm requires both
  lvm2 (OSD provisioning) and podman (daemon containers) at runtime;
  these are now declared as explicit RDEPENDS.

Podman replacing Docker

• The kernel configuration fragment docker.cfg is retained for the
  container-related kernel options that Podman also needs.
• Docker packages (docker-ce, docker-ce-contrib) are removed from the
  host image recipes and replaced where appropriate by podman and related
  packages.

User management rework

• system-config-cluster: rename user to libvirtadmin – The
  livemigration user/group is renamed to libvirtadmin because the account
  is now also used for VM console access across the cluster, not only for live
  migration. The rename is applied consistently in:
  • conf/distro/include/group.gid
  • conf/distro/include/passwd.uid
  • cukinia security tests (groups.conf, passwd.conf)
• python3-vm-manager: bump to the last version – Picks up the upstream
  change that uses libvirtadmin as the default user for the vm-mgr console
  command, and removes the now-unnecessary pyproject.toml licence field
  patch.

Ceph packaging refactor (prerequisite work)

A series of commits restructured the Ceph 18 Yocto packaging to make the
cephadm migration feasible and to align with Debian's package split:

• recipes-extended/ceph: add ceph.inc and include it in ceph_16.bbappend –
  Extracts common packaging logic into a shared include file.
• recipes-extended/ceph: import ceph 18.2.7 from meta-virtualization –
  Brings in the upstream Ceph 18.2.7 recipe as a baseline.
• recipes-extended/ceph: add ceph 18 bbappend – Applies SEAPATH-specific
  customisations on top of the base recipe (cross-compilation patches, file
  installations, sysctl configuration, sudoers, etc.).
• ceph: refactor packaging into smaller packages – Splits the monolithic
  ceph package into fine-grained sub-packages (ceph-common, ceph-base,
  ceph-mon, ceph-osd, ceph-mds, ceph-mgr, …) matching Debian's
  structure, enabling minimal installations.
• ceph: remove circular dependencies between ceph packages – Fixes a
  packaging deadlock where each sub-package depended on the main ceph package
  and vice-versa. Introduces CEPH_BASE_PACKAGE to control which package owns
  the ceph system user.
• ceph: move packages definitions back to ceph 16 bbappend – Consolidates
  package definitions in the bbappend to avoid duplication between the .bb
  and .bbappend files.
• distro: seapath-common: update ceph version to 18.2.7 – Promotes
  Ceph 18.2.7 as the default cluster storage version.
• ceph: patch updates – Ports the Python binding cross-compilation patch
  from Ceph 16 to Ceph 18 and imports relevant patches from Debian.
• ceph: update patch Upstream-Status – Marks OE-specific patches
  correctly to avoid spurious upstream submission warnings.
• ceph: disable export BUILD_DOC in ceph_18.2.7.bb – Disables the
  BUILD_DOC export that was enabling the Ceph library mock-up used for
  documentation generation, which caused build issues.

---

Testing

The cukinia test suite has been updated throughout this PR to reflect the new
user/group names and the new cephadm-based deployment model:

• SEAPATH_CLUSTER_USERS now includes libvirtadmin instead of
  livemigration.
• Cluster-specific tests (ceph OSD path, cluster user presence) are guarded
  behind the seapath-clustering DISTRO_FEATURES flag so they do not run
  on non-clustering images.

To test cephadm instead of Ceph daemon on Yocto you do the following modification
in your inventory:

• Remove: force_cephadm: true
• Add the following global "vars":

cephadm_pullimages: true
force_cephadm: true
cephadm_network: "{{ public_network }}"

[eroussy]

Why are you talking about libvirtadmin user. You don't do anything related to this user in this PR
The username change from livemigration to libvirtadmin was already done in 72e06e7
In fact, all the "User management rework" is from another PR. Remove it from the description and remove all mention of libvirtadmin

[eroussy]

Ok to remove docker, but we should install the docker-podman compatibility tool, so that user can still use the "docker" command