Set service_token_roles params for nova, glance and cinder PROD-32906 Change-Id: I2ad3d6d05c70d998c868419ffd588be7ab3ae8b0

commit: 000d2ff926b28aac50388ae0cca790b5dcb384cd [log] [tgz]
author: Ivan Berezovskiy <iberezovskiy@mirantis.com> Thu Aug 29 13:32:01 2019 +0400
committer: Ivan Berezovskiy <iberezovskiy@mirantis.com> Thu Aug 29 13:34:37 2019 +0400
tree: d3341707d2dee61b6658f35b7dbd9f605637cf3f
parent: cc9a8c70a7acc2e62a32b895269655532c6ed050 [diff]
diff --git a/cinder/control/cluster.yml b/cinder/control/cluster.yml
index f881efc..245c859 100644
--- a/cinder/control/cluster.yml
+++ b/cinder/control/cluster.yml

@@ -54,6 +54,8 @@
         user: ${_param:keystone_cinder_username}
         password: ${_param:keystone_cinder_password}
         protocol: ${_param:cluster_internal_protocol}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:cinder_service_user_enabled}
       glance:

diff --git a/cinder/control/single.yml b/cinder/control/single.yml
index 6ddbdd4..c3030e5 100644
--- a/cinder/control/single.yml
+++ b/cinder/control/single.yml

@@ -37,6 +37,8 @@
         password: ${_param:keystone_cinder_password}
         protocol: ${_param:internal_protocol}
         region: ${_param:openstack_region}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:cinder_service_user_enabled}
       barbican:

diff --git a/cinder/volume/local.yml b/cinder/volume/local.yml
index 3648ad9..425998d 100644
--- a/cinder/volume/local.yml
+++ b/cinder/volume/local.yml

@@ -38,6 +38,8 @@
         password: ${_param:keystone_cinder_password}
         host: ${_param:single_address}
         region: ${_param:openstack_region}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:cinder_service_user_enabled}
       cache:

diff --git a/cinder/volume/single.yml b/cinder/volume/single.yml
index 52ecaf1..220601c 100644
--- a/cinder/volume/single.yml
+++ b/cinder/volume/single.yml

@@ -49,6 +49,8 @@
         host: ${_param:openstack_control_address}
         protocol: ${_param:cluster_internal_protocol}
         region: ${_param:openstack_region}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:cinder_service_user_enabled}
       cache:

diff --git a/glance/control/cluster.yml b/glance/control/cluster.yml
index 763ad09..0eae619 100644
--- a/glance/control/cluster.yml
+++ b/glance/control/cluster.yml

@@ -55,6 +55,8 @@
         region: ${_param:openstack_region}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+        service_token_roles: admin
+        service_token_roles_required: true
       barbican:
         enabled: ${_param:barbican_integration_enabled}
       message_queue:

diff --git a/glance/control/single.yml b/glance/control/single.yml
index 24e9c3f..160d26d 100644
--- a/glance/control/single.yml
+++ b/glance/control/single.yml

@@ -29,6 +29,8 @@
       identity:
         region: ${_param:openstack_region}
         protocol: ${_param:internal_protocol}
+        service_token_roles: admin
+        service_token_roles_required: true
       registry:
         protocol: ${_param:internal_protocol}
       barbican:

diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 94e4157..8a7b362 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml

@@ -43,6 +43,8 @@
         password: ${_param:keystone_nova_password}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:nova_service_user_enabled}
       barbican:

diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index 287442e..44077a8 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml

@@ -42,6 +42,8 @@
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
         region: ${_param:openstack_region}
+        service_token_roles: admin
+        service_token_roles_required: true
       barbican:
         enabled: ${_param:barbican_integration_enabled}
       service_user:

diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index e7f76fa..359d0d6 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml

@@ -62,6 +62,8 @@
         password: ${_param:keystone_nova_password}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:nova_service_user_enabled}
       barbican:

diff --git a/nova/control/single.yml b/nova/control/single.yml
index 0108af6..cbdfddb 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml

@@ -26,6 +26,8 @@
       identity:
         protocol: ${_param:cluster_internal_protocol}
         region: ${_param:openstack_region}
+        service_token_roles: admin
+        service_token_roles_required: true
       service_user:
         enabled: ${_param:nova_service_user_enabled}
       network:
commit	000d2ff926b28aac50388ae0cca790b5dcb384cd	[log] [tgz]
author	Ivan Berezovskiy <iberezovskiy@mirantis.com>	Thu Aug 29 13:32:01 2019 +0400
committer	Ivan Berezovskiy <iberezovskiy@mirantis.com>	Thu Aug 29 13:34:37 2019 +0400
tree	d3341707d2dee61b6658f35b7dbd9f605637cf3f
parent	cc9a8c70a7acc2e62a32b895269655532c6ed050 [diff]