Browse Source

nova/libvirt: switch vnc server binding

On compute nodes, instead of binding vnc server on 0.0.0.0, use the IP
address provided by libvirt's t-h-t profile (hiera).

Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: Ie377c09734e9f6170daa519aed69c53fc67c366b
Change-Id: If6b116b238a52144aad5e76c9edc7df6aa15313c
Closes-Bug: #1660099
Emilien Macchi 2 years ago
parent
commit
6556123395

+ 1
- 12
manifests/profile/base/nova/compute/libvirt.pp View File

@@ -40,24 +40,13 @@ class tripleo::profile::base::nova::compute::libvirt (
40 40
       }
41 41
     }
42 42
 
43
-    # TODO(emilien): Some work needs to be done in puppet-nova to separate nova-compute config
44
-    # when running libvirt and libvirt itself, so we allow micro-services deployments.
45
-    if str2bool(hiera('nova::use_ipv6', false)) {
46
-      $vncserver_listen = '::0'
47
-    } else {
48
-      $vncserver_listen = '0.0.0.0'
49
-    }
50
-
51 43
     if $rbd_ephemeral_storage {
52 44
       class { '::nova::compute::libvirt':
53 45
         libvirt_disk_cachemodes => ['network=writeback'],
54 46
         libvirt_hw_disk_discard => 'unmap',
55
-        vncserver_listen        => $vncserver_listen,
56 47
       }
57 48
     } else {
58
-      class { '::nova::compute::libvirt' :
59
-        vncserver_listen => $vncserver_listen,
60
-      }
49
+      include ::nova::compute::libvirt
61 50
     }
62 51
 
63 52
     include ::nova::compute::libvirt::qemu

+ 7
- 0
releasenotes/notes/vncserver_listen-4417377cac38464c.yaml View File

@@ -0,0 +1,7 @@
1
+---
2
+features:
3
+  - Configure VNC server to be binded on internal network interface on compute nodes.
4
+    This value comes from tripleo-heat-templates and is configured by default to use
5
+    an IP address from the internal API network.
6
+    We use the ServiceNetMap in tripleo-heat-templates to compute the IP address, and we won't
7
+    configure 0.0.0.0 anymore as it used to open the binding to any network, which is unsecure.

Loading…
Cancel
Save