Add cinder credentials to nova conf
Added user/project CONF with admin role at cinder group,
and when determine context is_admin and without token, do
authenticaion with user/project info to call cinder api.
When set reclaim_instance_interval > 0, and then delete an
instance which booted from volume with `delete_on_termination`
set as true. After reclaim_instance_interval time pass,
all volumes boot instance with state: attached and in-use,
even when attached instances was deleted.
This happens because as admin context from
`nova.compute.manager._reclaim_queued_deletes` did not have
any token info, then call cinder api would be failed.
The corresponding nova changes merged in change
https://review.opendev.org/#/c/522112/
Also rephrased CinderPassword parameter description in
cinder service templates to make it generic.
Conflicts:
deployment/nova/nova-compute-container-puppet.yaml
docker/services/cinder-api.yaml
Depends-On: https://review.opendev.org/#/c/660383
Related-Bug: #1734025
Change-Id: If0f9e442e5ed3b2d94bc51e65c145519c51cbc86
(cherry picked from commit 8f8b750e4f
)
This commit is contained in:
parent
dd46170b74
commit
8da661b1c8
|
@ -14,7 +14,7 @@ parameters:
|
|||
Whether to create cron job for purging soft deleted rows in Cinder database.
|
||||
type: boolean
|
||||
CinderPassword:
|
||||
description: The password for the cinder service account, used by cinder-api.
|
||||
description: The password for the cinder service and db account.
|
||||
type: string
|
||||
hidden: true
|
||||
ServiceData:
|
||||
|
|
|
@ -5,7 +5,7 @@ description: >
|
|||
|
||||
parameters:
|
||||
CinderPassword:
|
||||
description: The password for the cinder service account, used by cinder-api.
|
||||
description: The password for the cinder service and db account.
|
||||
type: string
|
||||
hidden: true
|
||||
Debug:
|
||||
|
|
|
@ -220,6 +220,14 @@ parameters:
|
|||
type: boolean
|
||||
tags:
|
||||
- role_specific
|
||||
CinderPassword:
|
||||
description: The password for the cinder service and db account.
|
||||
type: string
|
||||
hidden: true
|
||||
KeystoneRegion:
|
||||
type: string
|
||||
default: 'regionOne'
|
||||
description: Keystone region for endpoint
|
||||
|
||||
conditions:
|
||||
enable_live_migration_tunnelled:
|
||||
|
@ -321,6 +329,12 @@ outputs:
|
|||
- {get_param: CephClientUserName}
|
||||
tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend}
|
||||
rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
|
||||
nova::cinder::username: 'cinder'
|
||||
nova::cinder::auth_type: 'v3password'
|
||||
nova::cinder::project_name: 'service'
|
||||
nova::cinder::password: {get_param: CinderPassword}
|
||||
nova::cinder::auth_url: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
||||
nova::cinder::region_name: {get_param: KeystoneRegion}
|
||||
nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
|
||||
nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
|
||||
nova::compute::instance_usage_audit: true
|
||||
|
|
Loading…
Reference in New Issue