Include keystone authtoken config in manila-share service

Because manila-share is a pacemaker-managed service, it has to be on the controller node. If you deploy the api services to a different node, then manila-share loses access to the authtoken hieradata generated by manila-api. Adding it explicitly to the manila-share config allows this setup to deploy sanely. Note that I'm having a different problem with manila db-syncs in this setup, so there's likely another patch required to get it fully working. Change-Id: Iac782fa67ea912d24b9905dd8bbafb8ff28dd669 Partial-Bug: 1633077 (cherry picked from commit f20c044c73)
2016-11-04 12:28:18 -05:00 · 2016-11-04 12:28:18 -05:00 · 2b51ded160
commit 2b51ded160
parent 0ced02d9a6
1 changed files with 8 additions and 0 deletions
--- a/puppet/services/manila-share.yaml
+++ b/puppet/services/manila-share.yaml
@ -21,6 +21,10 @@ parameters:
  MonitoringSubscriptionManilaShare:
    default: 'overcloud-manila-share'
    type: string
+  ManilaPassword:
+    description: The password for the manila service account.
+    type: string
+    hidden: true

 resources:
  ManilaBase:
@ -40,5 +44,9 @@ outputs:
        map_merge:
          - get_attr: [ManilaBase, role_data, config_settings]
          - manila::volume::cinder::cinder_admin_tenant_name: 'service'
+            manila::keystone::authtoken::password: {get_param: ManilaPassword}
+            manila::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+            manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+            manila::keystone::authtoken::project_name: 'service'
      step_config: |
        include ::tripleo::profile::base::manila::share