From ce9ae866699456ab3c69be6e34c419e537630d49 Mon Sep 17 00:00:00 2001
From: Grzegorz Grasza <xek@redhat.com>
Date: Thu, 8 Apr 2021 14:34:57 +0200
Subject: [PATCH] Mount /etc/openldap inside the keystone container

For configuring high availability for LDAP in keystone one
needs to edit /etc/openldap/ldap.conf. This worked
before control plane was containerised. Mounting the
openldap configuration into the keystone container
restores the previous behavior.

Change-Id: Id0d73a8ab0ddf7bf9e2b76ea14ffc9acff3a0ad3
Closes-Bug: #1923048
Resolves: rhbz#1944466
(cherry picked from commit 313e4484e2a219eec7affb5e1e5e61d41687c6fd)
---
 deployment/keystone/keystone-container-puppet.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/deployment/keystone/keystone-container-puppet.yaml b/deployment/keystone/keystone-container-puppet.yaml
index 4332e07bb9..445cca57d8 100644
--- a/deployment/keystone/keystone-container-puppet.yaml
+++ b/deployment/keystone/keystone-container-puppet.yaml
@@ -676,6 +676,7 @@ outputs:
                 - {get_attr: [ContainersCommon, volumes]}
                 - {get_attr: [KeystoneLogging, volumes]}
                 -
+                  - /etc/openldap:/etc/openldap:ro
                   - /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro
                   - /var/lib/config-data/puppet-generated/keystone:/var/lib/kolla/config_files/src:ro
                 - if: