commit 81cbaa44337cd7ed979ff44acf00f3f584431ef6
Author: Dmitrii Shcherbakov <dmitrii.shcherbakov@canonical.com>
Date:   Thu Oct 8 18:20:38 2020 +0000

    Fix the Neutron OVN metadata service setup
    
    * Set the Nova metadata server address properly so that
      neutron-ovn-metadata-agents running on compute nodes forward the
      requests to the right place instead of trying to use 127.0.0.1;
    * generate a random secret instead of hard-coding one.
    
    Change-Id: I6525a4150808ef257bb7a8f49589c1151ca279b0

diff --git a/snap-overlay/bin/set-default-config.py b/snap-overlay/bin/set-default-config.py
index eeb86d4..b662707 100755
--- a/snap-overlay/bin/set-default-config.py
+++ b/snap-overlay/bin/set-default-config.py
@@ -79,6 +79,7 @@ def _setup_secrets():
             'config.credentials.neutron-password',
             'config.credentials.placement-password',
             'config.credentials.glance-password',
+            'config.credentials.ovn-metadata-proxy-shared-secret',
         ] if k not in existing_cred_keys
     })
 
diff --git a/snap-overlay/snap-openstack.yaml b/snap-overlay/snap-openstack.yaml
index 655fc83..dddff3e 100644
--- a/snap-overlay/snap-openstack.yaml
+++ b/snap-overlay/snap-openstack.yaml
@@ -108,6 +108,7 @@ setup:
     alerting_tag: 'config.alerting.tag'
     ovn_nb_connection: 'config.network.ovn-nb-connection'
     ovn_sb_connection: 'config.network.ovn-sb-connection'
+    ovn_metadata_proxy_shared_secret: 'config.credentials.ovn-metadata-proxy-shared-secret'
     setup_loop_based_cinder_lvm_backend: 'config.cinder.setup-loop-based-cinder-lvm-backend'
     lvm_backend_volume_group: 'config.cinder.lvm-backend-volume-group'
 entry_points:
diff --git a/snap-overlay/templates/neutron_ovn_metadata_agent.ini.j2 b/snap-overlay/templates/neutron_ovn_metadata_agent.ini.j2
index 2f0f674..ba10c54 100644
--- a/snap-overlay/templates/neutron_ovn_metadata_agent.ini.j2
+++ b/snap-overlay/templates/neutron_ovn_metadata_agent.ini.j2
@@ -1,5 +1,8 @@
 [DEFAULT]
-metadata_proxy_shared_secret = supersecret
+
+nova_metadata_host = {{ control_ip }}
+
+metadata_proxy_shared_secret = {{ ovn_metadata_proxy_shared_secret }}
 
 [ovs]
 ovsdb_connection = unix:{{ snap_common }}/run/openvswitch/db.sock
diff --git a/snap-overlay/templates/nova.conf.d.neutron.conf.j2 b/snap-overlay/templates/nova.conf.d.neutron.conf.j2
index 3cc31c6..1a717cb 100644
--- a/snap-overlay/templates/nova.conf.d.neutron.conf.j2
+++ b/snap-overlay/templates/nova.conf.d.neutron.conf.j2
@@ -10,4 +10,4 @@ project_name = service
 username = neutron
 password = {{ neutron_password }}
 service_metadata_proxy = True
-metadata_proxy_shared_secret = supersecret
+metadata_proxy_shared_secret = {{ ovn_metadata_proxy_shared_secret }}