Add cinder credentials to nova conf
Added user/project CONF with admin role at cinder group, and when determine context is_admin and without token, do authenticaion with user/project info to call cinder api. When set reclaim_instance_interval > 0, and then delete an instance which booted from volume with `delete_on_termination` set as true. After reclaim_instance_interval time pass, all volumes boot instance with state: attached and in-use, even when attached instances was deleted. This happens because as admin context from `nova.compute.manager._reclaim_queued_deletes` did not have any token info, then call cinder api would be failed. The corresponding nova changes merged in change https://review.opendev.org/#/c/522112/ Also rephrased CinderPassword parameter description in cinder service templates to make it generic. Depends-On: https://review.opendev.org/#/c/657918/ Related-Bug: #1734025 Change-Id: If0f9e442e5ed3b2d94bc51e65c145519c51cbc86
This commit is contained in:
parent
54d48b591d
commit
8f8b750e4f
@ -54,7 +54,7 @@ parameters:
|
||||
Whether to create cron job for purging soft deleted rows in Cinder database.
|
||||
type: boolean
|
||||
CinderPassword:
|
||||
description: The password for the cinder service account, used by cinder-api.
|
||||
description: The password for the cinder service and db account.
|
||||
type: string
|
||||
hidden: true
|
||||
KeystoneRegion:
|
||||
|
@ -9,7 +9,7 @@ parameters:
|
||||
description: The Cinder service's storage availability zone.
|
||||
type: string
|
||||
CinderPassword:
|
||||
description: The password for the cinder service account, used by cinder-api.
|
||||
description: The password for the cinder service and db account.
|
||||
type: string
|
||||
hidden: true
|
||||
Debug:
|
||||
|
@ -275,6 +275,14 @@ parameters:
|
||||
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
|
||||
type: string
|
||||
hidden: true
|
||||
CinderPassword:
|
||||
description: The password for the cinder service and db account.
|
||||
type: string
|
||||
hidden: true
|
||||
KeystoneRegion:
|
||||
type: string
|
||||
default: 'regionOne'
|
||||
description: Keystone region for endpoint
|
||||
|
||||
resources:
|
||||
|
||||
@ -418,6 +426,12 @@ outputs:
|
||||
- {get_param: CephClientUserName}
|
||||
tripleo::profile::base::nova::compute::cinder_nfs_backend: {get_param: CinderEnableNfsBackend}
|
||||
rbd_persistent_storage: {get_param: CinderEnableRbdBackend}
|
||||
nova::cinder::username: 'cinder'
|
||||
nova::cinder::auth_type: 'v3password'
|
||||
nova::cinder::project_name: 'service'
|
||||
nova::cinder::password: {get_param: CinderPassword}
|
||||
nova::cinder::auth_url: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
||||
nova::cinder::region_name: {get_param: KeystoneRegion}
|
||||
nova::compute::rbd::libvirt_rbd_secret_key: {get_param: CephClientKey}
|
||||
nova::compute::rbd::libvirt_rbd_secret_uuid: {get_param: CephClusterFSID}
|
||||
nova::compute::instance_usage_audit: true
|
||||
|
Loading…
Reference in New Issue
Block a user