Note
Before proceeding with the manual steps below, verify that you have performed the steps described in Apply maintenance updates.
[33721] Fixed the issue with forbidden requests to metadata from a VM due to the missing metadata secret in the Reclass model.
To apply the issue resolution:
Log in to the Salt Master node.
In classes/cluster/<cluster_name>/opencontrail/compute.yml, replace the
following pillar:
parameters:
_param:
opencontrail_compute_address: ${_param:tenant_address}
{%- if cookiecutter.get('kubernetes_enabled','False') == 'False' and cookiecutter.openstack_enabled == 'True' %}
{%- if cookiecutter.get('openstack_metadata_password_generated') %}
opencontrail:
compute:
metadata:
secret: ${_param:openstack_metadata_password_generated}
{%- endif %}
with:
parameters:
_param:
opencontrail_compute_address: ${_param:tenant_address}
{%- if cookiecutter.openstack_enabled == 'True' %}
opencontrail:
compute:
metadata:
secret: ${_param:openstack_metadata_password_generated}
Apply the opencontrail.compute state:
salt -C 'I@opencontrail:compute' state.apply opencontrail.compute exclude=opentonrail.client