Don't store Nova DB credentials on compute nodes
Remove NovaDSN from overcloud compute. When using the Conductor the Nova compute service does not need access to the database. This patch removes all references to the Nova DSN in the overcloud compute templates. Change-Id: If75f480489b84002dd061c183dbee3572a8b63f1
This commit is contained in:
parent
b91f8cd492
commit
dfec68afbe
|
@ -12,7 +12,6 @@ resources:
|
|||
nova:
|
||||
compute_driver: { get_input: nova_compute_driver }
|
||||
compute_libvirt_type: { get_input: nova_compute_libvirt_type }
|
||||
db: {get_input: nova_dsn}
|
||||
debug: {get_input: debug}
|
||||
host: {get_input: nova_api_host}
|
||||
public_ip: {get_input: nova_public_ip}
|
||||
|
|
|
@ -196,8 +196,6 @@ parameters:
|
|||
NovaComputeLibvirtType:
|
||||
type: string
|
||||
default: ''
|
||||
NovaDSN:
|
||||
type: string
|
||||
NovaPassword:
|
||||
default: unset
|
||||
description: The password for the nova service account, used by nova-api.
|
||||
|
@ -260,7 +258,6 @@ resources:
|
|||
debug: {get_param: Debug}
|
||||
nova_compute_driver: {get_param: NovaComputeDriver}
|
||||
nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
|
||||
nova_dsn: {get_param: NovaDSN}
|
||||
nova_public_ip: {get_param: NovaPublicIP}
|
||||
nova_api_host: {get_param: NovaApiHost}
|
||||
nova_password: {get_param: NovaPassword}
|
||||
|
|
|
@ -7,7 +7,6 @@ resources:
|
|||
nova:
|
||||
compute_driver: { get_input: nova_compute_driver }
|
||||
compute_libvirt_type: { get_input: nova_compute_libvirt_type }
|
||||
db: {get_input: nova_dsn}
|
||||
debug: {get_param: Debug}
|
||||
host: {get_input: nova_api_host}
|
||||
public_ip: {get_input: nova_public_ip}
|
||||
|
|
|
@ -153,8 +153,6 @@ parameters:
|
|||
NovaComputeLibvirtType:
|
||||
type: string
|
||||
default: ''
|
||||
NovaDSN:
|
||||
type: string
|
||||
NovaImage:
|
||||
type: string
|
||||
default: overcloud-compute
|
||||
|
@ -210,7 +208,6 @@ resources:
|
|||
input_values:
|
||||
nova_compute_driver: {get_param: NovaComputeDriver}
|
||||
nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
|
||||
nova_dsn: {get_param: NovaDSN}
|
||||
nova_public_ip: {get_param: NovaPublicIP}
|
||||
nova_api_host: {get_param: NovaApiHost}
|
||||
nova_password: {get_param: NovaPassword}
|
||||
|
|
|
@ -420,18 +420,12 @@ resources:
|
|||
NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
NovaDSN:
|
||||
Fn::Join:
|
||||
- ''
|
||||
- - mysql://nova:unset@
|
||||
- &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
- /nova
|
||||
NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
|
||||
CeilometerDSN:
|
||||
Fn::Join:
|
||||
- ''
|
||||
- - mysql://ceilometer:unset@
|
||||
- *compute_database_host
|
||||
- &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
- /ceilometer
|
||||
NeutronDSN:
|
||||
Fn::Join:
|
||||
|
|
|
@ -577,17 +577,11 @@ resources:
|
|||
RabbitUserName: {get_param: RabbitUserName}
|
||||
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
|
||||
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
|
||||
NovaDSN:
|
||||
list_join:
|
||||
- ''
|
||||
- - mysql://nova:unset@
|
||||
- &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
- /nova
|
||||
CeilometerDSN:
|
||||
list_join:
|
||||
- ''
|
||||
- - mysql://ceilometer:unset@
|
||||
- *compute_database_host
|
||||
- &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
||||
- /ceilometer
|
||||
NeutronDSN:
|
||||
list_join:
|
||||
|
|
Loading…
Reference in New Issue