Add a nova section to cinder configuration

Cinder needs to send notifications to nova when attached volumes
are being extended. By default, cinder uses the client context
for this, but nova requires admin privileges for this. So we
configure cinder to use the nova service user instead. See
also [0].

[0] https://bugs.launchpad.net/openstack-ansible/+bug/1902914

Change-Id: Ib4c6820dd15ecfa3e3763c188e0a2cc322ecea55
This commit is contained in:
Jens Harbott 2021-03-04 14:09:57 +01:00
parent 2e5dd8c317
commit f6c6e8b180
2 changed files with 13 additions and 0 deletions

View File

@ -15,6 +15,12 @@ default['openstack']['block-storage']['conf'].tap do |conf|
conf['keystone_authtoken']['project_name'] = 'service'
conf['keystone_authtoken']['user_domain_name'] = 'Default'
conf['keystone_authtoken']['project_domain_name'] = 'Default'
conf['nova']['auth_type'] = 'password'
conf['nova']['region_name'] = node['openstack']['region']
conf['nova']['username'] = 'nova'
conf['nova']['project_name'] = 'service'
conf['nova']['user_domain_name'] = 'Default'
conf['nova']['project_domain_name'] = 'Default'
conf['oslo_concurrency']['lock_path'] = '/var/lib/cinder/tmp'
end

View File

@ -56,6 +56,12 @@ node.default['openstack']['block-storage']['conf_secrets']
.[]('keystone_authtoken')['password'] =
get_password 'service', 'openstack-block-storage'
if node['openstack']['block-storage']['conf']['nova']['auth_type'] == 'password'
node.default['openstack']['block-storage']['conf_secrets']
.[]('nova')['password'] =
get_password 'service', 'openstack-compute'
end
auth_url = identity_endpoint.to_s
directory '/etc/cinder' do
@ -71,6 +77,7 @@ node.default['openstack']['block-storage']['conf'].tap do |conf|
conf['DEFAULT']['osapi_volume_listen'] = cinder_api_bind_address
conf['DEFAULT']['osapi_volume_listen_port'] = cinder_api_bind['port']
conf['keystone_authtoken']['auth_url'] = auth_url
conf['nova']['auth_url'] = auth_url
end
# Todo(jr): Make this configurable depending on backend to be used