diff --git a/playbooks/roles/os_nova/defaults/main.yml b/playbooks/roles/os_nova/defaults/main.yml
index f3cf6672a2..4d2226f9e1 100644
--- a/playbooks/roles/os_nova/defaults/main.yml
+++ b/playbooks/roles/os_nova/defaults/main.yml
@@ -173,6 +173,8 @@ nova_cert_program_name: nova-cert
 ## Nova compute
 nova_enable_instance_password: True
 nova_compute_program_name: nova-compute
+# TODO: This defaults to 'False' upstream, we should set this to 'False' in Liberty
+nova_force_config_drive: True
 
 ## Nova conductor
 nova_conductor_program_name: nova-conductor
@@ -267,6 +269,10 @@ nova_ceph_client_uuid: 517a4663-3927-44bc-9ea7-4a90e1cd4c66
 #  "compute:create": ""
 #  "compute:create:attach_network": ""
 
+## libvirtd config options
+nova_libvirtd_listen_tls: 1
+nova_libvirtd_listen_tcp: 0
+nova_libvirtd_auth_tcp: sasl
 
 ## Service Names
 nova_service_names:
diff --git a/playbooks/roles/os_nova/tasks/nova_compute_kvm.yml b/playbooks/roles/os_nova/tasks/nova_compute_kvm.yml
index 10cf4bb64d..1910945bd6 100644
--- a/playbooks/roles/os_nova/tasks/nova_compute_kvm.yml
+++ b/playbooks/roles/os_nova/tasks/nova_compute_kvm.yml
@@ -28,4 +28,40 @@
   tags:
     - nova-kvm
 
+- name: Set libvirtd config
+  template: >
+    src=libvirtd.conf.j2
+    dest=/etc/libvirt/libvirtd.conf
+    owner="root"
+    group="root"
+    mode=0644
+  notify: Restart libvirt-bin
+  tags:
+    - nova-kvm
+    - nova-libvirt
+
+- name: Set libvirt runtime options
+  lineinfile:
+    dest: "/etc/default/libvirt-bin"
+    line: 'libvirtd_opts="-d -l"'
+    regexp: "^libvirtd_opts="
+    backup: "yes"
+  when: nova_libvirtd_listen_tcp == 1
+  notify: Restart libvirt-bin
+  tags:
+    - nova-kvm
+    - nova-libvirt
+
+- name: Set libvirt runtime options
+  lineinfile:
+    dest: "/etc/default/libvirt-bin"
+    line: 'libvirtd_opts="-d"'
+    regexp: "^libvirtd_opts="
+    backup: "yes"
+  when: nova_libvirtd_listen_tcp == 0
+  notify: Restart libvirt-bin
+  tags:
+    - nova-kvm
+    - nova-libvirt
+
 - include: nova_compute_kvm_virsh_net_remove.yml
diff --git a/playbooks/roles/os_nova/templates/libvirtd.conf.j2 b/playbooks/roles/os_nova/templates/libvirtd.conf.j2
new file mode 100644
index 0000000000..5ecf21b12f
--- /dev/null
+++ b/playbooks/roles/os_nova/templates/libvirtd.conf.j2
@@ -0,0 +1,10 @@
+# {{ ansible_managed }}
+
+listen_tls = {{ nova_libvirtd_listen_tls }}
+listen_tcp = {{ nova_libvirtd_listen_tcp }}
+unix_sock_group = "libvirtd"
+unix_sock_ro_perms = "0777"
+unix_sock_rw_perms = "0770"
+auth_unix_ro = "none"
+auth_unix_rw = "none"
+auth_tcp = "{{ nova_libvirtd_auth_tcp }}"
diff --git a/playbooks/roles/os_nova/templates/nova.conf.j2 b/playbooks/roles/os_nova/templates/nova.conf.j2
index 0b37bb138a..ea9ce76d7d 100644
--- a/playbooks/roles/os_nova/templates/nova.conf.j2
+++ b/playbooks/roles/os_nova/templates/nova.conf.j2
@@ -108,7 +108,7 @@ vif_plugging_is_fatal = False
 default_ephemeral_format = ext4
 
 # Configdrive
-force_config_drive = always
+force_config_drive = {{ nova_force_config_drive }}
 
 # Policy
 max_age = {{ nova_max_age }}