tripleo-heat-templates/deployment/nova
Alan Bishop 0ba612d07d Deploy separate glance-api services for OSSN-0090
This patch adopts the recommendation outlined in  OSSN-0090 [1], in
which two instances of the glance-api service are deployed:
- A "user facing" glance-api service, accessible via the Public
  keystone endpoint.
- An "internal facing only" service, accessible via the Admin and
  Internal keystone endpoints.

The user facing instance is configured so it does not report any image
location information. This is achieved by configuring glance-api.conf
with the show_image_direct_url and show_multiple_locations set to False.

The internal service operates on a separate TCP port (defaults to 9293)
with its own glance-api.conf that configures show_image_direct_url and
show_multiple_locations set to True.

In order for cinder and nova to have access to the image location data,
both services are configured to access glance via the internal service.

[1] https://wiki.openstack.org/wiki/OSSN/OSSN-0090

stable/zed:
  Backports include I456b4235242cae125f5ad4cd9cc7415f2699462c, which
  fixed a typo in the original patch.

Closes-Bug: #1822540
Depends-On: https://review.opendev.org/c/openstack/puppet-tripleo/+/865874
Depends-On: https://review.opendev.org/c/openstack/tripleo-common/+/865873
Change-Id: Id093613f9d410eb3fe5564a724c0f75275eeb4e8
(cherry picked from commit d60969cb55)
2023-01-09 06:48:57 -08:00
..
nova-api-container-puppet.yaml Merge "Use python to template cell urls" 2022-10-28 19:44:36 +00:00
nova-apidb-client-puppet.yaml Simplify mysql users creation 2021-09-15 12:23:30 +02:00
nova-az-config.yaml Merge "Nova AZ: Remove unused AdminPassword" 2022-10-25 19:44:13 +00:00
nova-base-puppet.yaml Deploy separate glance-api services for OSSN-0090 2023-01-09 06:48:57 -08:00
nova-compute-common-container-puppet.yaml Fix typos in comments and parameter descriptions 2022-08-03 17:07:11 +05:30
nova-compute-container-puppet.yaml Merge "Add missing hidden tags for password/credential/private keys" 2022-10-26 07:30:00 +00:00
nova-conductor-container-puppet.yaml Enable CAP_AUDIT_WRITE for some containers/steps 2022-10-03 13:31:59 +02:00
nova-db-client-puppet.yaml Simplify mysql users creation 2021-09-15 12:23:30 +02:00
nova-ironic-container-puppet.yaml Merge "nova-ironic: Fix selinux denial when relabeling /var/lib/nova" 2022-09-30 10:36:14 +00:00
nova-libvirt-common.yaml Correct label for /run/libvirt 2022-09-08 17:05:02 +02:00
nova-libvirt-guests-container-puppet.yaml Role specific container support 2022-01-21 14:18:02 -07:00
nova-manager-container-puppet.yaml Role specific container support 2022-01-21 14:18:02 -07:00
nova-metadata-container-puppet.yaml Filter excluded nodes from ansible delegates 2022-09-20 12:54:22 +09:00
nova-migration-target-container-puppet.yaml Merge "Add missing hidden tags for password/credential/private keys" 2022-10-26 07:30:00 +00:00
nova-modular-libvirt-container-puppet.yaml Merge "Fix logs permissions for swtpm" into stable/zed 2022-12-06 23:02:11 +00:00
nova-scheduler-container-puppet.yaml Filter excluded nodes from ansible delegates 2022-09-20 12:54:22 +09:00
nova-vnc-proxy-container-puppet.yaml Filter excluded nodes from ansible delegates 2022-09-20 12:54:22 +09:00