diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-08-14 23:01:54 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-08-14 23:01:54 +0000 |
commit | adf6802f91986e33e9d6c5e710aca01db674dc40 (patch) | |
tree | 4a5c8f0b7529e09ec66113b865bd7a052493d984 /manifests/profile/base/cinder | |
parent | 8505a2dc0edeb4da8c02d68c7229c36800392cca (diff) | |
parent | 5ae3fab74381403cc76525ba3ff63a60836c17c1 (diff) |
Merge "Fix legacy nova/cinder encryption key manager configuration"
Diffstat (limited to 'manifests/profile/base/cinder')
-rw-r--r-- | manifests/profile/base/cinder/api.pp | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/manifests/profile/base/cinder/api.pp b/manifests/profile/base/cinder/api.pp index 54880ad..892e4ed 100644 --- a/manifests/profile/base/cinder/api.pp +++ b/manifests/profile/base/cinder/api.pp @@ -43,6 +43,12 @@ # (Optional) Whether TLS in the internal network is enabled or not. # Defaults to hiera('enable_internal_tls', false) # +# [*keymgr_api_class*] +# (Optional) The encryption key manager API class. The default value +# ensures Cinder's legacy key manager is enabled when no hiera value is +# specified. +# Defaults to hiera('cinder::api::keymgr_api_class', 'cinder.keymgr.conf_key_mgr.ConfKeyManager') +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. @@ -53,6 +59,7 @@ class tripleo::profile::base::cinder::api ( $certificates_specs = hiera('apache_certificates_specs', {}), $cinder_api_network = hiera('cinder_api_network', undef), $enable_internal_tls = hiera('enable_internal_tls', false), + $keymgr_api_class = hiera('cinder::api::keymgr_api_class', 'cinder.keymgr.conf_key_mgr.ConfKeyManager'), $step = Integer(hiera('step')), ) { if $::hostname == downcase($bootstrap_node) { @@ -75,7 +82,9 @@ class tripleo::profile::base::cinder::api ( } if $step >= 4 or ($step >= 3 and $sync_db) { - include ::cinder::api + class { '::cinder::api': + keymgr_api_class => $keymgr_api_class, + } include ::apache::mod::ssl class { '::cinder::wsgi::apache': ssl_cert => $tls_certfile, |