Update nova::compute::libvirt for bug 1720787
Nova compute was missed in the backporting of the related patch. This resulted in the correct acls for the nova user not being applied. This patch adds code missed by patch https://review.openstack.org/#/c/517347/ Change-Id: Ie968e6abc6969c37be0a62ac45999093120673d4 Related-Bug: 1720787
This commit is contained in:
parent
f9929aec65
commit
74760363a0
|
@ -18,12 +18,17 @@
|
|||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*nova_rbd_client_name*]
|
||||
# (optional) name of RBD client
|
||||
# defaults to hiera('nova::compute::rbd::libvirt_rbd_user')
|
||||
#
|
||||
# [*step*]
|
||||
# (Optional) The current step in deployment. See tripleo-heat-templates
|
||||
# for more details.
|
||||
# Defaults to hiera('step')
|
||||
#
|
||||
class tripleo::profile::base::nova::compute::libvirt (
|
||||
$nova_rbd_client_name = hiera('nova::compute::rbd::libvirt_rbd_user','openstack'),
|
||||
$step = hiera('step'),
|
||||
) {
|
||||
if $step >= 4 {
|
||||
|
@ -38,6 +43,12 @@ class tripleo::profile::base::nova::compute::libvirt (
|
|||
class { '::nova::compute::rbd':
|
||||
libvirt_rbd_secret_key => $client_keys[$client_user]['secret'],
|
||||
}
|
||||
exec{ "exec-setfacl-${nova_rbd_client_name}-nova":
|
||||
path => ['/bin', '/usr/bin'],
|
||||
command => "setfacl -m u:nova:r-- /etc/ceph/ceph.client.${nova_rbd_client_name}.keyring",
|
||||
unless => "getfacl /etc/ceph/ceph.client.${nova_rbd_client_name}.keyring | grep -q user:nova:r--",
|
||||
}
|
||||
Ceph::Key<| title == "client.${nova_rbd_client_name}" |> -> Exec["exec-setfacl-${nova_rbd_client_name}-nova"]
|
||||
}
|
||||
|
||||
if $rbd_ephemeral_storage {
|
||||
|
|
Loading…
Reference in New Issue