From 696dbdf045cbf1c1525bb25c005ce767d1c9e9b8 Mon Sep 17 00:00:00 2001 From: "Dr. Jens Harbott" Date: Tue, 9 Jul 2024 16:36:37 +0200 Subject: [PATCH] Make nova only use the nova account Each service should only be using that service's user account within its configuration, in order to reduce the possible impact of credential leaks. Start with nova, other services will follow. Change-Id: I6b3fef5de05d5e0cc032b83a2ed834f1c997a048 --- lib/neutron | 2 +- lib/nova | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/neutron b/lib/neutron index a8cc953b0e..da21d46079 100644 --- a/lib/neutron +++ b/lib/neutron @@ -485,7 +485,7 @@ function create_nova_conf_neutron { local conf=${1:-$NOVA_CONF} iniset $conf neutron auth_type "password" iniset $conf neutron auth_url "$KEYSTONE_SERVICE_URI" - iniset $conf neutron username "$Q_ADMIN_USERNAME" + iniset $conf neutron username nova iniset $conf neutron password "$SERVICE_PASSWORD" iniset $conf neutron user_domain_name "$SERVICE_DOMAIN_NAME" iniset $conf neutron project_name "$SERVICE_PROJECT_NAME" diff --git a/lib/nova b/lib/nova index 7c6ffb2239..35c6893763 100644 --- a/lib/nova +++ b/lib/nova @@ -640,7 +640,7 @@ function configure_placement_nova_compute { local conf=${1:-$NOVA_CONF} iniset $conf placement auth_type "password" iniset $conf placement auth_url "$KEYSTONE_SERVICE_URI" - iniset $conf placement username placement + iniset $conf placement username nova iniset $conf placement password "$SERVICE_PASSWORD" iniset $conf placement user_domain_name "$SERVICE_DOMAIN_NAME" iniset $conf placement project_name "$SERVICE_TENANT_NAME"