Configure cinder's access to the nova API

Configure cinder to use the nova API's admin endpoint instead of the default public endpoint. Add the necessary auth credentials so that cinder can access nova's API as a privileged user, which is required for certain actions (see [1]). [1] https://git.openstack.org/cgit/openstack/cinder/tree/cinder/compute/nova.py#n86 Closes-Bug: #1802347 Depends-On: I925e25bcc352955560fc449fc5287e56beb12ca3 Depends-On: Ia357ea41f8472d47e266d853f120a14b767e880d Change-Id: Ic0eef51c1dafd4a1378f5317390e7c09f1d429cd
2018-11-08 13:43:17 -05:00 · 2018-11-08 13:43:17 -05:00 · f49ca18155
parent f4711fe4af
commit f49ca18155
1 changed files with 8 additions and 0 deletions
--- a/puppet/services/cinder-base.yaml
+++ b/puppet/services/cinder-base.yaml
@ -106,6 +106,10 @@ parameters:
        Messaging client subscriber parameter to specify
        an SSL connection to the messaging host.
    type: string
+  NovaPassword:
+    type: string
+    description: The password for the nova service and db account
+    hidden: true

 conditions:
  service_debug_unset: {equals : [{get_param: CinderDebug}, '']}
@ -149,3 +153,7 @@ outputs:
        cinder::cron::db_purge::age: {get_param: CinderCronDbPurgeAge}
        cinder::cron::db_purge::destination: {get_param: CinderCronDbPurgeDestination}
        cinder::glance::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
+        cinder::nova::interface: admin
+        cinder::nova::auth_type: password
+        cinder::nova::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
+        cinder::nova::password: {get_param: NovaPassword}