From 621822bed73b5ad0fbe6b0de9f2857c9966c8c04 Mon Sep 17 00:00:00 2001 From: Martin Magr Date: Tue, 4 Jun 2013 21:50:29 +0200 Subject: [PATCH] Removed SQL password in sql_connection for compute hosts Change-Id: I0cfa9a92cef0aabfa346db4f2fe6ede3aed4eada Fixes: rhbz#966325 --- packstack/plugins/nova_300.py | 15 +++++++++++++++ packstack/puppet/templates/nova_common.pp | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/packstack/plugins/nova_300.py b/packstack/plugins/nova_300.py index 106af8b4a..91e716e05 100644 --- a/packstack/plugins/nova_300.py +++ b/packstack/plugins/nova_300.py @@ -424,8 +424,23 @@ def createvncproxymanifest(config): def createcommonmanifest(config): + dirty = controller.CONF["CONFIG_NOVA_COMPUTE_HOSTS"].split(",") + compnodes = [i.strip() for i in dirty if i.strip()] + conductor = config['CONFIG_NOVA_CONDUCTOR_HOST'] + dbhost = config['CONFIG_MYSQL_HOST'] + for manifestfile, marker in manifestfiles.getFiles(): if manifestfile.endswith("_nova.pp"): + host, manifest = manifestfile.split('_', 1) + host = host.strip() + + if host != conductor and host in compnodes: + perms = "nova" + else: + perms = "nova:%(CONFIG_NOVA_DB_PW)s" % config + config['CONFIG_NOVA_SQL_CONN'] = ("mysql://%s@%s/nova" + % (perms, dbhost)) + data = getManifestTemplate("nova_common.pp") appendManifestFile(os.path.split(manifestfile)[1], data) diff --git a/packstack/puppet/templates/nova_common.pp b/packstack/puppet/templates/nova_common.pp index 18e9e3b37..565c4de35 100644 --- a/packstack/puppet/templates/nova_common.pp +++ b/packstack/puppet/templates/nova_common.pp @@ -9,7 +9,7 @@ nova_config{ class {"nova": glance_api_servers => "%(CONFIG_GLANCE_HOST)s:9292", - sql_connection => "mysql://nova:%(CONFIG_NOVA_DB_PW)s@%(CONFIG_MYSQL_HOST)s/nova", + sql_connection => "%(CONFIG_NOVA_SQL_CONN)s", qpid_hostname => "%(CONFIG_QPID_HOST)s", rpc_backend => 'nova.openstack.common.rpc.impl_qpid', verbose => 'True',