Configure cinder's access to the nova API

Configure cinder to use the nova API's admin endpoint instead of the default public endpoint. Add the necessary auth credentials so that cinder can access nova's API as a privileged user, which is required for certain actions (see [1]). [1] https://git.openstack.org/cgit/openstack/cinder/tree/cinder/compute/nova.py#n86 Closes-Bug: #1802347 Depends-On: I925e25bcc352955560fc449fc5287e56beb12ca3 Depends-On: Ia357ea41f8472d47e266d853f120a14b767e880d Change-Id: Ic0eef51c1dafd4a1378f5317390e7c09f1d429cd (cherry picked from commit f49ca18155)
2018-11-08 13:43:17 -05:00 · 2018-11-08 13:43:17 -05:00 · c7e16c3e7a
parent 3e641e196a
commit c7e16c3e7a
1 changed files with 8 additions and 0 deletions
--- a/puppet/services/cinder-base.yaml
+++ b/puppet/services/cinder-base.yaml
@ -102,6 +102,10 @@ parameters:
        Messaging client subscriber parameter to specify
        an SSL connection to the messaging host.
    type: string
+  NovaPassword:
+    type: string
+    description: The password for the nova service and db account
+    hidden: true

 conditions:
  service_debug_unset: {equals : [{get_param: CinderDebug}, '']}
@ -144,3 +148,7 @@ outputs:
        cinder::cron::db_purge::age: {get_param: CinderCronDbPurgeAge}
        cinder::cron::db_purge::destination: {get_param: CinderCronDbPurgeDestination}
        cinder::glance::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
+        cinder::nova::interface: admin
+        cinder::nova::auth_type: password
+        cinder::nova::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
+        cinder::nova::password: {get_param: NovaPassword}