Make nova only use the nova account
Each service should only be using that service's user account within its configuration, in order to reduce the possible impact of credential leaks. Start with nova, other services will follow. Change-Id: I6b3fef5de05d5e0cc032b83a2ed834f1c997a048
This commit is contained in:
parent
b67c20eca5
commit
696dbdf045
@ -485,7 +485,7 @@ function create_nova_conf_neutron {
|
|||||||
local conf=${1:-$NOVA_CONF}
|
local conf=${1:-$NOVA_CONF}
|
||||||
iniset $conf neutron auth_type "password"
|
iniset $conf neutron auth_type "password"
|
||||||
iniset $conf neutron auth_url "$KEYSTONE_SERVICE_URI"
|
iniset $conf neutron auth_url "$KEYSTONE_SERVICE_URI"
|
||||||
iniset $conf neutron username "$Q_ADMIN_USERNAME"
|
iniset $conf neutron username nova
|
||||||
iniset $conf neutron password "$SERVICE_PASSWORD"
|
iniset $conf neutron password "$SERVICE_PASSWORD"
|
||||||
iniset $conf neutron user_domain_name "$SERVICE_DOMAIN_NAME"
|
iniset $conf neutron user_domain_name "$SERVICE_DOMAIN_NAME"
|
||||||
iniset $conf neutron project_name "$SERVICE_PROJECT_NAME"
|
iniset $conf neutron project_name "$SERVICE_PROJECT_NAME"
|
||||||
|
2
lib/nova
2
lib/nova
@ -640,7 +640,7 @@ function configure_placement_nova_compute {
|
|||||||
local conf=${1:-$NOVA_CONF}
|
local conf=${1:-$NOVA_CONF}
|
||||||
iniset $conf placement auth_type "password"
|
iniset $conf placement auth_type "password"
|
||||||
iniset $conf placement auth_url "$KEYSTONE_SERVICE_URI"
|
iniset $conf placement auth_url "$KEYSTONE_SERVICE_URI"
|
||||||
iniset $conf placement username placement
|
iniset $conf placement username nova
|
||||||
iniset $conf placement password "$SERVICE_PASSWORD"
|
iniset $conf placement password "$SERVICE_PASSWORD"
|
||||||
iniset $conf placement user_domain_name "$SERVICE_DOMAIN_NAME"
|
iniset $conf placement user_domain_name "$SERVICE_DOMAIN_NAME"
|
||||||
iniset $conf placement project_name "$SERVICE_TENANT_NAME"
|
iniset $conf placement project_name "$SERVICE_TENANT_NAME"
|
||||||
|
Loading…
Reference in New Issue
Block a user