Allow glance ceph osd cinder pool access

Recently cinder has added clone v2 support for its RBD backend, since
then if you attempt to delete an image from glance that has a
dependent volume, all future uses of that image will fail in
error state. Despite the fact that image itself is still inside of
Ceph/Glance. This issue is reproducible if you are using ceph
client version greater than 'luminous'

To resolve this issue glance RBD driver now checks whether original
image has any dependency before deleting/removing it's snapshot and
returns 409 response if it has any dependency. To check this
dependency glance osd needs 'read' access to cinder side RBD pool.

This change allows glance keyring/osd a read access on cinder side
RBD pool.

Related-Bug: #1954883
Change-Id: I2e6221e6de23920998bb5f32b2323704b3c89f74

devstack/lib/ceph

@@ -697,6 +697,7 @@ function configure_ceph_glance {
             get-or-create client.${GLANCE_CEPH_USER} \
             mon "allow r" \
             osd "allow class-read object_prefix rbd_children, \
+            allow rx pool=${CINDER_CEPH_POOL}, \
             allow rwx pool=${GLANCE_CEPH_POOL}" | \
             sudo tee ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring