Add a nova section to cinder configuration

Cinder needs to send notifications to nova when attached volumes are being extended. By default, cinder uses the client context for this, but nova requires admin privileges for this. So we configure cinder to use the nova service user instead. See also [0]. Added minor version bump for stable branch. (cherry picked from commit f6c6e8b180) [0] https://bugs.launchpad.net/openstack-ansible/+bug/1902914 Change-Id: Ib4c6820dd15ecfa3e3763c188e0a2cc322ecea55
2021-03-04 14:09:57 +01:00 · 2021-03-04 14:09:57 +01:00 · 4eda4565c0
parent bb9b634f17
commit 4eda4565c0
4 changed files with 16 additions and 3 deletions
--- a/attributes/cinder_conf.rb
+++ b/attributes/cinder_conf.rb
@ -15,6 +15,12 @@ default['openstack']['block-storage']['conf'].tap do |conf|
  conf['keystone_authtoken']['project_name'] = 'service'
  conf['keystone_authtoken']['user_domain_name'] = 'Default'
  conf['keystone_authtoken']['project_domain_name'] = 'Default'
+  conf['nova']['auth_type'] = 'password'
+  conf['nova']['region_name'] = node['openstack']['region']
+  conf['nova']['username'] = 'nova'
+  conf['nova']['project_name'] = 'service'
+  conf['nova']['user_domain_name'] = 'Default'
+  conf['nova']['project_domain_name'] = 'Default'

  conf['oslo_concurrency']['lock_path'] = '/var/lib/cinder/tmp'
 end
--- a/metadata.rb
+++ b/metadata.rb
@ -3,7 +3,7 @@ maintainer       'Chef OpenStack'
 maintainer_email 'openstack-discuss@lists.openstack.org'
 license          'Apache-2.0'
 description      'The OpenStack Advanced Volume Management service Cinder.'
-version          '19.1.0'
+version          '19.2.0'

 %w(ubuntu redhat centos).each do |os|
  supports os
--- a/recipes/cinder-common.rb
+++ b/recipes/cinder-common.rb
@ -57,6 +57,12 @@ node.default['openstack']['block-storage']['conf_secrets']
  .[]('keystone_authtoken')['password'] =
  get_password 'service', 'openstack-block-storage'

+if node['openstack']['block-storage']['conf']['nova']['auth_type'] == 'password'
+  node.default['openstack']['block-storage']['conf_secrets']
+  .[]('nova')['password'] =
+    get_password 'service', 'openstack-compute'
+end
+
 auth_url = identity_endpoint.to_s

 directory '/etc/cinder' do
@ -72,6 +78,7 @@ node.default['openstack']['block-storage']['conf'].tap do |conf|
  conf['DEFAULT']['osapi_volume_listen'] = cinder_api_bind_address
  conf['DEFAULT']['osapi_volume_listen_port'] = cinder_api_bind['port']
  conf['keystone_authtoken']['auth_url'] = auth_url
+  conf['nova']['auth_url'] = auth_url
 end

 # Todo(jr): Make this configurable depending on backend to be used
--- a/spec/api_spec.rb
+++ b/spec/api_spec.rb
@ -45,7 +45,7 @@ describe 'openstack-block-storage::api' do
            daemon_process: 'cinder-wsgi',
            group: 'cinder',
            log_dir: '/var/log/apache2',
-            run_dir: '/var/lock/apache2',
+            run_dir: '/var/lock',
            server_entry: '/usr/bin/cinder-wsgi',
            server_host: '127.0.0.1',
            server_port: '8776',
@ -61,7 +61,7 @@ describe 'openstack-block-storage::api' do
          %r{WSGIScriptAlias / /usr/bin/cinder-wsgi},
          %r{ErrorLog /var/log/apache2/cinder-wsgi_error.log},
          %r{CustomLog /var/log/apache2/cinder-wsgi_access.log combined},
-          %r{WSGISocketPrefix /var/lock/apache2},
+          %r{WSGISocketPrefix /var/lock},
        ].each do |line|
          expect(chef_run).to render_file(file).with_content(line)
        end