Merge "Give ironic-inspector system scope `all
`"
This commit is contained in:
commit
5a9e268453
ansible/roles/ironic
releasenotes/notes
@ -370,6 +370,9 @@ ironic_ks_user_roles:
|
|||||||
- project: "service"
|
- project: "service"
|
||||||
user: "{{ ironic_inspector_keystone_user }}"
|
user: "{{ ironic_inspector_keystone_user }}"
|
||||||
role: "service"
|
role: "service"
|
||||||
|
- system: "all"
|
||||||
|
user: "{{ ironic_inspector_keystone_user }}"
|
||||||
|
role: "service"
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# TLS
|
# TLS
|
||||||
|
@ -29,14 +29,13 @@ rabbit_quorum_queue = true
|
|||||||
{% if ironic_enable_keystone_integration | bool %}
|
{% if ironic_enable_keystone_integration | bool %}
|
||||||
auth_url = {{ keystone_internal_url }}
|
auth_url = {{ keystone_internal_url }}
|
||||||
auth_type = password
|
auth_type = password
|
||||||
project_domain_id = {{ default_project_domain_id }}
|
|
||||||
user_domain_id = {{ default_user_domain_id }}
|
user_domain_id = {{ default_user_domain_id }}
|
||||||
project_name = service
|
|
||||||
username = {{ ironic_inspector_keystone_user }}
|
username = {{ ironic_inspector_keystone_user }}
|
||||||
password = {{ ironic_inspector_keystone_password }}
|
password = {{ ironic_inspector_keystone_password }}
|
||||||
valid_interfaces = internal
|
valid_interfaces = internal
|
||||||
cafile = {{ openstack_cacert }}
|
cafile = {{ openstack_cacert }}
|
||||||
region_name = {{ openstack_region_name }}
|
region_name = {{ openstack_region_name }}
|
||||||
|
system_scope = all
|
||||||
{% else %}
|
{% else %}
|
||||||
auth_type = none
|
auth_type = none
|
||||||
endpoint_override = {{ ironic_internal_endpoint }}
|
endpoint_override = {{ ironic_internal_endpoint }}
|
||||||
|
@ -0,0 +1,12 @@
|
|||||||
|
---
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
The ``ironic-inspector`` service user is now assigned the system scope
|
||||||
|
``all``. If you have overridden the default list of role assignments, you
|
||||||
|
should make this change too.
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
The ``ironic-inspector`` service user is now assigned the system scope
|
||||||
|
``all``. This allows it to create baremetal ports during node inspection
|
||||||
|
again.
|
||||||
|
`LP#2064655 <https://bugs.launchpad.net/kolla-ansible/+bug/2064655>`__
|
Loading…
x
Reference in New Issue
Block a user