Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update cinder.conf defaults #257

Merged
merged 2 commits into from
Sep 8, 2023
Merged

Update cinder.conf defaults #257

merged 2 commits into from
Sep 8, 2023

Conversation

Akrog
Copy link
Contributor

@Akrog Akrog commented Sep 1, 2023

This patch updates the global defaults in 00-config.conf to:

  • Check service token roles in the KeyStone middleware.
  • Allow cloning of Glance image volumes when Glance is using Cinder as a backend.

Akrog added 2 commits September 1, 2023 12:01
@Akrog
Allow cloning when glance uses cinder as backend
93e45c3 
When Glance use Cinder as a backend we want create volume from image to
be more efficient and clone the original glance volume where the image
is instead of downloading the Glance image to local disk and then copy
the data to the new volume.

For that we need to tell Cinder that it's OK to do that with the Cinder
volumes using the `allowed_direct_url_schemes` configuration option.
@Akrog
Make keystone check the service tokens
03d2647 
When Cinder receives a service token in the header KeyStone middleware
checks that the token is valid, but it doesn't automatically check that
the role of the token is actually that of a service, for that it needs
to be explicitly told so.

This patch instructs KeyStone middleware to check the role of the
service token when it is present in a request using the
`service_token_roles_required` configuration option.
@openshift-ci openshift-ci bot added the approved label Sep 1, 2023
@Akrog
Copy link
Contributor Author

Akrog commented Sep 5, 2023

/retest

ASBishop
ASBishop approved these changes Sep 6, 2023
View reviewed changes
Copy link
Contributor

@ASBishop ASBishop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Sep 6, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Sep 6, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Akrog, ASBishop

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@Akrog
Copy link
Contributor Author

Akrog commented Sep 8, 2023

/retest

@openshift-merge-robot openshift-merge-robot merged commit 1b1e4ed into openstack-k8s-operators:main Sep 8, 2023
@SeanMooney SeanMooney mentioned this pull request Sep 20, 2023
Closed
ASBishop pushed a commit to ASBishop/cinder-operator that referenced this pull request Mar 11, 2024
@openshift-merge-robot
Merge pull request openstack-k8s-operators#257 from gibizer/nova-data…
3302433 
…plane-bump

Bump nova- and dataplane-operator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ASBishop ASBishop ASBishop approved these changes

@Sandeepyadav93 Sandeepyadav93 Awaiting requested review from Sandeepyadav93

Assignees

@ASBishop ASBishop

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Akrog @ASBishop @openshift-merge-robot