Add nova section

Cinder sometimes needs to communicate with nova,
for example to notify VMs when live-resizing a disk.
Under certain circumstances,
the autodetected authentication details don't work,
so we must add a dedicated section in the config
for the nova client with proper credentials.

This issue has been observed on victoria and newer,
hence the addition of cinder.conf for victoria.

Closes-Bug: #1939389

Co-authored-by: Samuel Walladge <samuel.walladge@canonical.com>

Change-Id: I6d44223b7c2863c6d9c62b46a41275fd360f92d1
(cherry picked from commit 024de3783f)

templates/parts/service-auth

@@ -0,0 +1,31 @@
+# Authentication type to load (string value)
+auth_type = password
+
+# Authentication URL (string value)
+auth_url = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}
+
+# Username (string value)
+username = {{ admin_user }}
+
+# User's password (string value)
+password = {{ admin_password }}
+
+# Project name to scope to (string value)
+project_name = {{ admin_tenant_name }}
+
+
+{% if admin_domain_name -%}
+project_domain_name = {{ admin_domain_name }}
+user_domain_name = {{ admin_domain_name }}
+{% else -%}
+project_domain_name = default
+user_domain_name = default
+{% endif -%}
+
+{% if ca_cert_path -%}
+# PEM encoded Certificate Authority to use when verifying
+# HTTPs connections. (string value)
+cafile = {{ ca_cert_path }}
+{% endif -%}
+
+region_name = {{ region }}

templates/victoria/cinder.conf

@@ -0,0 +1,79 @@
+###############################################################################
+# [ WARNING ]
+# cinder configuration file maintained by Juju
+# local changes may be overwritten.
+###############################################################################
+[DEFAULT]
+rootwrap_config = /etc/cinder/rootwrap.conf
+api_paste_confg = /etc/cinder/api-paste.ini
+iscsi_helper = tgtadm
+verbose = {{ verbose }}
+debug = {{ debug }}
+use_syslog = {{ use_syslog }}
+auth_strategy = keystone
+state_path = /var/lib/cinder
+osapi_volume_workers = {{ workers }}
+
+{% if transport_url %}
+transport_url = {{ transport_url }}
+{% endif %}
+
+{% if use_internal_endpoints -%}
+swift_catalog_info = object-store:swift:internalURL
+keystone_catalog_info = identity:Identity Service:internalURL
+glance_catalog_info = image:glance:internalURL
+nova_catalog_info = compute:Compute Service:internalURL
+{% endif %}
+
+osapi_volume_listen = {{ bind_host }}
+{% if osapi_volume_listen_port -%}
+osapi_volume_listen_port = {{ osapi_volume_listen_port }}
+{% endif -%}
+
+{% if glance_api_servers -%}
+glance_api_servers = {{ glance_api_servers }}
+{% endif -%}
+
+{% if glance_api_version -%}
+glance_api_version = {{ glance_api_version }}
+{% endif -%}
+
+{% if region -%}
+os_region_name = {{ region }}
+{% endif -%}
+
+{% if user_config_flags -%}
+{% for key, value in user_config_flags.items() -%}
+{{ key }} = {{ value }}
+{% endfor -%}
+{% endif -%}
+
+volume_usage_audit_period = {{ volume_usage_audit_period }}
+
+{% if auth_host -%}
+cinder_internal_tenant_project_id = {{ admin_tenant_name }}
+cinder_internal_tenant_user_id = {{ admin_user }}
+{% endif -%}
+
+{% include "parts/backends" %}
+{% include "section-keystone-authtoken-mitaka" %}
+
+{% include "parts/section-database" %}
+
+{% include "section-oslo-messaging-rabbit-ocata" %}
+
+{% include "section-oslo-notifications" %}
+
+[oslo_concurrency]
+lock_path = /var/lock/cinder
+
+[keymgr]
+# XXX: hack to work around http://pad.lv/1516085
+#      will be superseded by SRU to cinder package
+encryption_auth_url = {{ service_protocol }}://{{ service_host }}:{{ service_port }}/v3
+
+{% include "section-oslo-middleware" %}
+
+[nova]
+{% include "parts/service-auth" %}
+

tests/bundles/focal-victoria.yaml

@@ -22,6 +22,7 @@ machines:
   '8':
   '9':
   '10':
+    constraints: mem=8192M
   '11':
 
 applications:
@@ -135,11 +136,12 @@ applications:
     num_units: 1
     constraints: mem=4G cores=4
     storage:
-      ephemeral-device: '10G'
+      ephemeral-device: '40G'
     options:
       config-flags: auto_assign_floating_ip=False
       enable-live-migration: false
-      aa-profile-mode: enforce
+      # disable apparmor because of https://bugs.launchpad.net/charm-nova-compute/+bug/1979812
+      # aa-profile-mode: enforce
       #ephemeral-device: /dev/vdb
       #ephemeral-unmount: /mnt
       debug: true
@@ -161,8 +163,17 @@ applications:
     to:
       - '11'
 
+  cinder-lvm:
+    charm: ch:cinder-lvm
+    options:
+      block-device: "/mnt/cinder-lvm-block|20G"
+    channel: wallaby/edge
+
 relations:
 
+  - - 'cinder:storage-backend'
+    - 'cinder-lvm:storage-backend'
+
   - - 'nova-compute:image-service'
     - 'glance:image-service'
 

tests/bundles/focal-wallaby.yaml

@@ -22,6 +22,7 @@ machines:
   '8':
   '9':
   '10':
+    constraints: mem=8192M
   '11':
 
 applications:
@@ -135,11 +136,12 @@ applications:
     num_units: 1
     constraints: mem=4G cores=4
     storage:
-      ephemeral-device: '10G'
+      ephemeral-device: '40G'
     options:
       config-flags: auto_assign_floating_ip=False
       enable-live-migration: false
-      aa-profile-mode: enforce
+      # disable apparmor because of https://bugs.launchpad.net/charm-nova-compute/+bug/1979812
+      # aa-profile-mode: enforce
       #ephemeral-device: /dev/vdb
       #ephemeral-unmount: /mnt
       debug: true
@@ -161,8 +163,18 @@ applications:
     to:
       - '11'
 
+  cinder-lvm:
+    charm: ch:cinder-lvm
+    options:
+      block-device: "/mnt/cinder-lvm-block|20G"
+      config-flags: "target_helper=lioadm"
+    channel: wallaby/edge
+
 relations:
 
+  - - 'cinder:storage-backend'
+    - 'cinder-lvm:storage-backend'
+
   - - 'nova-compute:image-service'
     - 'glance:image-service'