Add necessary parameters for encrypted volumes support

If barbican is set, it will configure cinder and nova-compute with
the necessary parameters to enable encrypted volumes to be created if
requested.

Change-Id: Id13811cf8e090706c590ffff46c237ff8131efd9

diff --git a/puppet/services/barbican-api.yaml b/puppet/services/barbican-api.yaml
index ab6b0ec..b266674 100644 (file)
--- a/puppet/services/barbican-api.yaml
+++ b/puppet/services/barbican-api.yaml
@@ -128,3 +128,17 @@ outputs:
           barbican::keystone::auth::password: {get_param: BarbicanPassword}
           barbican::keystone::auth::region: {get_param: KeystoneRegion}
           barbican::keystone::auth::tenant: 'service'
+        nova_compute:
+          nova::compute::keymgr_api_class: >
+            castellan.key_manager.barbican_key_manager.BarbicanKeyManager
+          nova::compute::barbican_endpoint:
+            get_param: [EndpointMap, BarbicanInternal, uri]
+          nova::compute::barbican_auth_endpoint:
+            get_param: [EndpointMap, KeystoneV3Internal, uri]
+        cinder_api:
+          cinder::api::keymgr_api_class: >
+            castellan.key_manager.barbican_key_manager.BarbicanKeyManager
+          cinder::api::keymgr_encryption_api_url:
+            get_param: [EndpointMap, BarbicanInternal, uri]
+          cinder::api::keymgr_encryption_auth_url:
+            get_param: [EndpointMap, KeystoneV3Internal, uri]