Richard, each container has access to a host directory for its config under /etc/kolla/<container>.
Albert:
"I've added client.nova to the cinder keyring in my heat cluster. I'll perform the Train->Ussuri upgrade now and report back."
I don't really understand what you mean there. I think you need to pick a path:
1. go with the upstream default for ussuri, and use ceph.client.cinder.keyring for both nova and cinder. Your cinder keyring does have 'profile rbd pool=vms', so I'm surprised it doesn't work. You might want to try using the rbd client with the cinder keyring to check which pools it can access. (https://linux.die.net/man/8/rbd, use --id cinder as before).
2. stay with separate keys for nova and cinder. Set ceph_nova_keyring in globals.yml to ceph.client.nova.keyring.
Richard, each container has access to a host directory for its config under /etc/kolla/ <container> .
Albert:
"I've added client.nova to the cinder keyring in my heat cluster. I'll perform the Train->Ussuri upgrade now and report back."
I don't really understand what you mean there. I think you need to pick a path:
1. go with the upstream default for ussuri, and use ceph.client. cinder. keyring for both nova and cinder. Your cinder keyring does have 'profile rbd pool=vms', so I'm surprised it doesn't work. You might want to try using the rbd client with the cinder keyring to check which pools it can access. (https:/ /linux. die.net/ man/8/rbd, use --id cinder as before).
2. stay with separate keys for nova and cinder. Set ceph_nova_keyring in globals.yml to ceph.client. nova.keyring.