This effectively adds barbican-api to the deployment in scenario002
and uses it to provide encrypted volumes for cinder that a nova
instance boots from in the test.
Change-Id: I132e346755fb49c9563247b4404be06b97f77872
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
+ OS::TripleO::Services::BarbicanApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/barbican-api.yaml
parameter_defaults:
ControllerServices:
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::SwiftStorage
- OS::TripleO::Services::SwiftRingBuilder
+ - OS::TripleO::Services::BarbicanApi
ControllerExtraConfig:
nova::compute::libvirt::services::libvirt_virt_type: qemu
nova::compute::libvirt::libvirt_virt_type: qemu
router_id: { get_resource: router }
subnet_id: { get_resource: private_subnet }
+ luks_volume_type:
+ type: OS::Cinder::VolumeType
+ properties:
+ name: LUKS
+
+ encrypted_volume_type:
+ type: OS::Cinder::EncryptedVolumeType
+ properties:
+ volume_type: {get_resource: luks_volume_type}
+ provider: nova.volume.encryptors.luks.LuksEncryptor
+ cipher: aes-xts-plain64
+ control_location: front-end
+ key_size: 256
+
volume1:
type: OS::Cinder::Volume
+ depends_on: encrypted_volume_type
properties:
name: Volume1
image: { get_param: image }
size: 1
+ volume_type: {get_resource: luks_volume_type}
server1:
type: OS::Nova::Server
Code Review / apex-tripleo-heat-templates.git / commitdiff