From eebe32a1284cfeb07c03213c93fbd823592812f9 Mon Sep 17 00:00:00 2001
From: Will Szumski <will@stackhpc.com>
Date: Thu, 14 Nov 2024 10:21:32 +0000
Subject: [PATCH 1/2] Update docs for client.cinder to support COW snapshots

This is to support copy on write snapshots:

```
Performing standard snapshot because direct snapshot failed: no write permission on storage pool images: nova.exception.Forbidden: no write permission on storage pool images
```

when using ceph for nova ephemeral storage. My preferrence is for a
standardised configuration rather than another if you use this feature,
do this.
---
 doc/source/configuration/cephadm.rst                   |  2 +-
 etc/kayobe/environments/aufn-ceph/cephadm.yml          |  2 +-
 etc/kayobe/environments/ci-multinode/cephadm.yml       |  2 +-
 ...ons-on-images-for-cinder-user-3154b995916ee27e.yaml | 10 ++++++++++
 4 files changed, 13 insertions(+), 3 deletions(-)
 create mode 100644 releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml

diff --git a/doc/source/configuration/cephadm.rst b/doc/source/configuration/cephadm.rst
index 6f44eb765..7dfaaad40 100644
--- a/doc/source/configuration/cephadm.rst
+++ b/doc/source/configuration/cephadm.rst
@@ -243,7 +243,7 @@ for Cinder, Cinder backup, Glance, and Nova in Kolla Ansible.
      - name: client.cinder
        caps:
          mon: "profile rbd"
-         osd: "profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images"
+         osd: "profile rbd pool=volumes, profile rbd pool=vms, profile rbd pool=images"
          mgr: "profile rbd pool=volumes, profile rbd pool=vms"
      - name: client.cinder-backup
        caps:
diff --git a/etc/kayobe/environments/aufn-ceph/cephadm.yml b/etc/kayobe/environments/aufn-ceph/cephadm.yml
index 2b8457dca..52ebe77b9 100644
--- a/etc/kayobe/environments/aufn-ceph/cephadm.yml
+++ b/etc/kayobe/environments/aufn-ceph/cephadm.yml
@@ -46,7 +46,7 @@ cephadm_keys:
   - name: client.cinder
     caps:
       mon: "profile rbd"
-      osd: "profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images"
+      osd: "profile rbd pool=volumes, profile rbd pool=vms, profile rbd pool=images"
       mgr: "profile rbd pool=volumes, profile rbd pool=vms"
     state: present
   - name: client.cinder-backup
diff --git a/etc/kayobe/environments/ci-multinode/cephadm.yml b/etc/kayobe/environments/ci-multinode/cephadm.yml
index 7885a5735..7095ea70c 100644
--- a/etc/kayobe/environments/ci-multinode/cephadm.yml
+++ b/etc/kayobe/environments/ci-multinode/cephadm.yml
@@ -47,7 +47,7 @@ cephadm_keys:
   - name: client.cinder
     caps:
       mon: "profile rbd"
-      osd: "profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images"
+      osd: "profile rbd pool=volumes, profile rbd pool=vms, profile rbd pool=images"
       mgr: "profile rbd pool=volumes, profile rbd pool=vms"
     state: present
   - name: client.cinder-backup
diff --git a/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml b/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml
new file mode 100644
index 000000000..3ad148e5c
--- /dev/null
+++ b/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+  - |
+    Adjusts the documented permissions for the images pool for the cinder user.
+    This is to support copy on write snaphots of vms using ceph backed
+    ephemeral storage. Existing deployments will need to manually adjust these
+    values using the CLI (the collection is currently not smart enough to do this):
+    ``ceph auth caps client.cinder mon 'profile rbd' osd 'profile rbd
+    pool=volumes, profile rbd pool=vms, profile rbd pool=images' mgr 'profile
+    rbd pool=volumes, profile rbd pool=vms'``.

From db739c22d8989b5fdb224e6620cf4455264b80e6 Mon Sep 17 00:00:00 2001
From: Will Szumski <will@stackhpc.com>
Date: Thu, 14 Nov 2024 11:01:30 +0000
Subject: [PATCH 2/2] Update
 releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml

Co-authored-by: Alex-Welsh <112560678+Alex-Welsh@users.noreply.github.com>
---
 ...ermissions-on-images-for-cinder-user-3154b995916ee27e.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml b/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml
index 3ad148e5c..be142c63c 100644
--- a/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml
+++ b/releasenotes/notes/adjust-ceph-permissions-on-images-for-cinder-user-3154b995916ee27e.yaml
@@ -1,8 +1,8 @@
 ---
 fixes:
   - |
-    Adjusts the documented permissions for the images pool for the cinder user.
-    This is to support copy on write snaphots of vms using ceph backed
+    Adjusts the documented permissions for the images pool for the Cinder user.
+    This is to support copy on write snapshots of VMs using Ceph backed
     ephemeral storage. Existing deployments will need to manually adjust these
     values using the CLI (the collection is currently not smart enough to do this):
     ``ceph auth caps client.cinder mon 'profile rbd' osd 'profile rbd