tripleo

  1. Bug #1720787
  2. Comment #3

Comment 3 for bug 1720787

Revision history for this message
John Fulton (jfulton-org) wrote :

This bug requires different fixes depending on if the deployment is containerized or not.

Containerized deployment:
1. have kolla copy in the key files so that they are owned by the user in each container, e.g. nova, cinder, etc and chmod 600
- https://review.openstack.org/#/c/508975/

Non-containerized deployemtn:
2. update THT to indicate that the keys should be chmod 600 but also set ACLs for each user; e.g. nova, cinder, etc
- https://review.openstack.org/#/c/509020/

3. update puppet-ceph to that it supports ACLs
- https://review.openstack.org/#/c/509021/

The above are WIPs under revision