starlingx/openstack-armada-app
Code Issues Proposed changes

Add service role to the Neutron user

Browse Source 
This change assigns the necessary service role to the Neutron user,
allowing live-migration in OpenStack. The operation
was blocked due to a policy restriction in Neutron.

Closes-Bug: https://bugs.launchpad.net/starlingx/+bug/2101182

Test Plan:
- PASS: Run build-pkgs -c -p openstack-helm,stx-openstack-helm-fluxcd
- PASS: Build stx-openstack tarball.
- PASS: Verify neutron user role: admin,service
- PASS: Apply stx-openstack tarball.
- PASS: Create a VM.
- PASS: Do a live-migration.

Change-Id: I5937aa54e7682db76335f6e788823bc37bfd7a85
Signed-off-by: vrochalo <vinicius.rochalobo@windriver.com>
This commit is contained in:
vrochalo
2025-03-07 16:12:17 -03:00
committed by Vinícius Fernando Rocha Lobo
parent 9e5ab9a6c1
commit 8a40e8dccd
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
openstack-helm/debian/deb_folder/patches/0020-Add-service-role-to-neutron-policy.patch Normal file
View File

@@ -0,0 +1,32 @@
From 5daa31fc86b59e2dbbad43f4b57caa93fd622454 Mon Sep 17 00:00:00 2001
From: vrochalo <vinicius.rochalobo@windriver.com>
Date: Fri, 7 Mar 2025 11:42:17 -0300
Subject: [PATCH] Add service role to neutron policy
Temporary openstack-helm patch bringing the code fix [1] for the reported launchpad [2].
Since OpenStack 2023.2, Neutron user needs to be migrated to service accounts.
[1] https://github.com/openstack/openstack-helm/commit/5708319cd8acf4edbe31d8416da52b89e8a97fd5
[2] https://bugs.launchpad.net/openstack-helm/+bug/2078002
Signed-off-by: vrochalo <vinicius.rochalobo@windriver.com>
---
neutron/values.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/neutron/values.yaml b/neutron/values.yaml
index b7a5560d..8a40e41b 100644
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@@ -2448,7 +2448,7 @@ endpoints:
user_domain_name: default
project_domain_name: default
neutron:
- role: admin
+ role: admin,service
region_name: RegionOne
username: neutron
password: password
--
2.34.1

1
openstack-helm/debian/deb_folder/patches/series
View File

@@ -17,3 +17,4 @@
0017-Add-pre-apply-cleanup-Job-to-STX-O-Helm-charts.patch
0018-Define-values-for-NetApp-volume-backend.patch
0019-Add-cluster-host-ip-env-var-to-nova.patch
0020-Add-service-role-to-neutron-policy.patch