diff --git a/manifests/profile/base/nova/compute/libvirt.pp b/manifests/profile/base/nova/compute/libvirt.pp
index 6767f6b39..cc9beb6ad 100644
--- a/manifests/profile/base/nova/compute/libvirt.pp
+++ b/manifests/profile/base/nova/compute/libvirt.pp
@@ -40,24 +40,13 @@ class tripleo::profile::base::nova::compute::libvirt (
       }
     }
 
-    # TODO(emilien): Some work needs to be done in puppet-nova to separate nova-compute config
-    # when running libvirt and libvirt itself, so we allow micro-services deployments.
-    if str2bool(hiera('nova::use_ipv6', false)) {
-      $vncserver_listen = '::0'
-    } else {
-      $vncserver_listen = '0.0.0.0'
-    }
-
     if $rbd_ephemeral_storage {
       class { '::nova::compute::libvirt':
         libvirt_disk_cachemodes => ['network=writeback'],
         libvirt_hw_disk_discard => 'unmap',
-        vncserver_listen        => $vncserver_listen,
       }
     } else {
-      class { '::nova::compute::libvirt' :
-        vncserver_listen => $vncserver_listen,
-      }
+      include ::nova::compute::libvirt
     }
 
     include ::nova::compute::libvirt::qemu
diff --git a/releasenotes/notes/vncserver_listen-4417377cac38464c.yaml b/releasenotes/notes/vncserver_listen-4417377cac38464c.yaml
new file mode 100644
index 000000000..0c0f8eab0
--- /dev/null
+++ b/releasenotes/notes/vncserver_listen-4417377cac38464c.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - Configure VNC server to be binded on internal network interface on compute nodes.
+    This value comes from tripleo-heat-templates and is configured by default to use
+    an IP address from the internal API network.
+    We use the ServiceNetMap in tripleo-heat-templates to compute the IP address, and we won't
+    configure 0.0.0.0 anymore as it used to open the binding to any network, which is unsecure.