...
|
...
|
@@ -1259,16 +1259,17 @@ if is_service_enabled g-reg; then
|
1259
|
1259
|
done
|
1260
|
1260
|
fi
|
1261
|
1261
|
|
1262
|
|
-# Create a randomized default value for the key manager's fixed_key
|
1263
|
|
-# NOTE(lyarwood): This is currently set to 36 as a workaround to the following
|
1264
|
|
-# libvirt bug that incorrectly pads passphrases that are a multiple of 16 bytes
|
1265
|
|
-# in length.
|
1266
|
|
-# Unable to use LUKS passphrase that is exactly 16 bytes long
|
1267
|
|
-# https://bugzilla.redhat.com/show_bug.cgi?id=1447297
|
|
1262
|
+# NOTE(lyarwood): By default use a single hardcoded fixed_key across devstack
|
|
1263
|
+# deployments. This ensures the keys match across nova and cinder across all
|
|
1264
|
+# hosts.
|
|
1265
|
+FIXED_KEY=${FIXED_KEY:-bae3516cc1c0eb18b05440eba8012a4a880a2ee04d584a9c1579445e675b12defdc716ec}
|
1268
|
1266
|
if is_service_enabled nova; then
|
1269
|
|
- key=$(generate_hex_string 36)
|
1270
|
|
- iniset $NOVA_CONF key_manager fixed_key "$key"
|
1271
|
|
- iniset $NOVA_CPU_CONF key_manager fixed_key "$key"
|
|
1267
|
+ iniset $NOVA_CONF key_manager fixed_key "$FIXED_KEY"
|
|
1268
|
+ iniset $NOVA_CPU_CONF key_manager fixed_key "$FIXED_KEY"
|
|
1269
|
+fi
|
|
1270
|
+
|
|
1271
|
+if is_service_enabled cinder; then
|
|
1272
|
+ iniset $CINDER_CONF key_manager fixed_key "$FIXED_KEY"
|
1272
|
1273
|
fi
|
1273
|
1274
|
|
1274
|
1275
|
# Launch the nova-api and wait for it to answer before continuing
|