From 4669ae0d83572681787e573c747e9a4156f5176d Mon Sep 17 00:00:00 2001
From: Carlos Goncalves <cgoncalves@redhat.com>
Date: Wed, 3 Oct 2018 17:39:18 +0200
Subject: [PATCH] Add metadata_settings to Octavia and Glance APIs

Internal TLS works fine if one deploys the API services in the
controller. Once one moves the service away from the controller, the
appropriate service principals won't be created.

Closes-Bug: #1795923
Change-Id: I6e8555fbc90fa0369aae37a7ad19eafc7b4a198a
(cherry picked from commit 66f9c304db336a315b44db94fc2d5f8d01a1c20b)
---
 docker/services/octavia-api.yaml                            | 2 ++
 puppet/services/glance-api.yaml                             | 2 ++
 puppet/services/octavia-api.yaml                            | 2 ++
 ...to-octavia-and-glance-tls-internal-5d8e46650b174626.yaml | 6 ++++++
 4 files changed, 12 insertions(+)
 create mode 100644 releasenotes/notes/add-metadata-settings-to-octavia-and-glance-tls-internal-5d8e46650b174626.yaml

diff --git a/docker/services/octavia-api.yaml b/docker/services/octavia-api.yaml
index d76030d452..0a1e3b57d1 100644
--- a/docker/services/octavia-api.yaml
+++ b/docker/services/octavia-api.yaml
@@ -232,3 +232,5 @@ outputs:
                 - octavia_api_httpd_enabled|bool
                 - httpd_running|bool
               service: name=httpd state=stopped
+      metadata_settings:
+        get_attr: [OctaviaApiPuppetBase, role_data, metadata_settings]
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 5e8f0389ef..b9b5c41191 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -400,3 +400,5 @@ outputs:
             - step|int == 1
             - glance_registry_enabled.rc == 0
           service: name=openstack-glance-registry state=stopped enabled=no
+      metadata_settings:
+        get_attr: [TLSProxyBase, role_data, metadata_settings]
diff --git a/puppet/services/octavia-api.yaml b/puppet/services/octavia-api.yaml
index 6a4647cf6f..f90343af3d 100644
--- a/puppet/services/octavia-api.yaml
+++ b/puppet/services/octavia-api.yaml
@@ -127,3 +127,5 @@ outputs:
           octavia::db::mysql::allowed_hosts:
             - '%'
             - "%{hiera('mysql_bind_host')}"
+      metadata_settings:
+        get_attr: [TLSProxyBase, role_data, metadata_settings]
diff --git a/releasenotes/notes/add-metadata-settings-to-octavia-and-glance-tls-internal-5d8e46650b174626.yaml b/releasenotes/notes/add-metadata-settings-to-octavia-and-glance-tls-internal-5d8e46650b174626.yaml
new file mode 100644
index 0000000000..6eb8457043
--- /dev/null
+++ b/releasenotes/notes/add-metadata-settings-to-octavia-and-glance-tls-internal-5d8e46650b174626.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Fixed an issue where if Octavia API or Glance API were deployed away from
+    the controller node with internal TLS, the service principals wouldn't be
+    created.