This bug requires different fixes depending on if the deployment is containerized or not.
Containerized deployment:
1. have kolla copy in the key files so that they are owned by the user in each container, e.g. nova, cinder, etc and chmod 600
- https://review.openstack.org/#/c/508975/
Non-containerized deployemtn:
2. update THT to indicate that the keys should be chmod 600 but also set ACLs for each user; e.g. nova, cinder, etc
- https://review.openstack.org/#/c/509020/
This bug requires different fixes depending on if the deployment is containerized or not.
Containerized deployment: /review. openstack. org/#/c/ 508975/
1. have kolla copy in the key files so that they are owned by the user in each container, e.g. nova, cinder, etc and chmod 600
- https:/
Non-containerized deployemtn: /review. openstack. org/#/c/ 509020/
2. update THT to indicate that the keys should be chmod 600 but also set ACLs for each user; e.g. nova, cinder, etc
- https:/
3. update puppet-ceph to that it supports ACLs /review. openstack. org/#/c/ 509021/
- https:/
The above are WIPs under revision