Add nova service user metadata Enable nova service user by default Change-Id: I42ac5f7b5ae54fb20ee2f1fd822ac76ee87c938a Related-Prod: PROD-27591 (cherry picked from commit e9ba5e4a951ec34521f1432f7b75c1b983ee8418) Add openstack service user soft param To configure the OpenStack services with service users globally Change-Id: Id5b1f4d199d3fc2d6abc623c7d2baf8d7bdab459 Related-Prod: PROD-27591, PROD-25985 (cherry picked from commit 0062ffe3c93b8360033e01e66e19dc2ff1d9b8ca)

commit: f8e71a5065e337b4f5b3bc6fc8813d20a6fe5052 [log] [tgz]
author: Oleksandr Bryndzii <obryndzii@mirantis.com> Tue Mar 05 17:16:48 2019 +0200
committer: Oleksandr Bryndzii <obryndzii@mirantis.com> Thu Mar 28 12:24:17 2019 +0200
tree: 9e71552c407ede6c8228f1e172988cc74fc2b0ea
parent: a224dd821a1cae0c30622c0f6b7b7069aaca1ba4 [diff]
diff --git a/defaults/openstack/init.yml b/defaults/openstack/init.yml
index e4f686b..e010e02 100644
--- a/defaults/openstack/init.yml
+++ b/defaults/openstack/init.yml

@@ -13,6 +13,7 @@
     openstack_share_service_host: ${_param:openstack_share_service_hostname}.${linux:system:domain}
     openstack_kmn_service_host: ${_param:openstack_kmn_service_hostname}.${linux:system:domain}
     openstack_telemetry_service_host: ${_param:openstack_telemetry_service_hostname}.${linux:system:domain}
+    openstack_service_user_enabled: True
     # SSL
     ceilometer_agent_ssl_enabled: False
     openstack_mysql_x509_enabled: False
@@ -40,12 +41,14 @@
     cinder_old_version: ${_param:openstack_old_version}
     cinder_version: ${_param:openstack_version}
     cinder_upgrade_enabled: ${_param:openstack_upgrade_enabled}
+    cinder_service_user_enabled: ${_param:openstack_service_user_enabled}
     # Nova
     nova_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
     nova_memcache_secret_key: ''
     nova_old_version: ${_param:openstack_old_version}
     nova_version: ${_param:openstack_version}
     nova_upgrade_enabled: ${_param:openstack_upgrade_enabled}
+    nova_service_user_enabled: ${_param:openstack_service_user_enabled}
     # Glance
     glance_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
     glance_memcache_secret_key: ''

diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index 39fcd2d..4cc9ccf 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml

@@ -42,6 +42,8 @@
         password: ${_param:keystone_nova_password}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+      service_user:
+        enabled: ${_param:nova_service_user_enabled}
       barbican:
         enabled: ${_param:barbican_integration_enabled}
       message_queue:

diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index ddcf583..e6b1a5b 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml

@@ -43,6 +43,8 @@
         region: ${_param:openstack_region}
       barbican:
         enabled: ${_param:barbican_integration_enabled}
+      service_user:
+        enabled: ${_param:nova_service_user_enabled}
       message_queue:
         engine: rabbitmq
         host: ${_param:control_address}

diff --git a/nova/compute_ironic/cluster.yml b/nova/compute_ironic/cluster.yml
index a357ba8..7796fa1 100644
--- a/nova/compute_ironic/cluster.yml
+++ b/nova/compute_ironic/cluster.yml

@@ -25,6 +25,8 @@
         password: ${_param:keystone_nova_password}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+      service_user:
+        enabled: ${_param:nova_service_user_enabled}
       message_queue:
         engine: rabbitmq
         port: 5672

diff --git a/nova/compute_ironic/single.yml b/nova/compute_ironic/single.yml
index fe5db6c..718ec59 100644
--- a/nova/compute_ironic/single.yml
+++ b/nova/compute_ironic/single.yml

@@ -25,6 +25,8 @@
         password: ${_param:keystone_nova_password}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+      service_user:
+        enabled: ${_param:nova_service_user_enabled}
       message_queue:
         engine: rabbitmq
         port: 5672

diff --git a/nova/control/cluster.yml b/nova/control/cluster.yml
index 6591552..5533cf9 100644
--- a/nova/control/cluster.yml
+++ b/nova/control/cluster.yml

@@ -62,6 +62,8 @@
         password: ${_param:keystone_nova_password}
         tenant: service
         protocol: ${_param:cluster_internal_protocol}
+      service_user:
+        enabled: ${_param:nova_service_user_enabled}
       barbican:
         enabled: ${_param:barbican_integration_enabled}
       message_queue:

diff --git a/nova/control/single.yml b/nova/control/single.yml
index 9a0bc00..11a0f53 100644
--- a/nova/control/single.yml
+++ b/nova/control/single.yml

@@ -25,6 +25,8 @@
       identity:
         protocol: ${_param:cluster_internal_protocol}
         region: ${_param:openstack_region}
+      service_user:
+        enabled: ${_param:nova_service_user_enabled}
       network:
         protocol: ${_param:cluster_internal_protocol}
         region: ${_param:openstack_region}
commit	f8e71a5065e337b4f5b3bc6fc8813d20a6fe5052	[log] [tgz]
author	Oleksandr Bryndzii <obryndzii@mirantis.com>	Tue Mar 05 17:16:48 2019 +0200
committer	Oleksandr Bryndzii <obryndzii@mirantis.com>	Thu Mar 28 12:24:17 2019 +0200
tree	9e71552c407ede6c8228f1e172988cc74fc2b0ea
parent	a224dd821a1cae0c30622c0f6b7b7069aaca1ba4 [diff]