diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-02-06 22:49:51 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-02-06 22:49:51 +0000 |
commit | 3c125d3c760690e0f5de25b7d27188514571332f (patch) | |
tree | 211f7ec1a8ae01d3a83a29cc1e10948f898512ef | |
parent | 22c5d341776c02dfafab1f58f68a852da34f3692 (diff) | |
parent | 6556123395c14f21de31e844426e541c141ffaaa (diff) |
Merge "nova/libvirt: switch vnc server binding"
-rw-r--r-- | manifests/profile/base/nova/compute/libvirt.pp | 13 | ||||
-rw-r--r-- | releasenotes/notes/vncserver_listen-4417377cac38464c.yaml | 7 |
2 files changed, 8 insertions, 12 deletions
diff --git a/manifests/profile/base/nova/compute/libvirt.pp b/manifests/profile/base/nova/compute/libvirt.pp index 6767f6b..cc9beb6 100644 --- a/manifests/profile/base/nova/compute/libvirt.pp +++ b/manifests/profile/base/nova/compute/libvirt.pp @@ -40,24 +40,13 @@ class tripleo::profile::base::nova::compute::libvirt ( } } - # TODO(emilien): Some work needs to be done in puppet-nova to separate nova-compute config - # when running libvirt and libvirt itself, so we allow micro-services deployments. - if str2bool(hiera('nova::use_ipv6', false)) { - $vncserver_listen = '::0' - } else { - $vncserver_listen = '0.0.0.0' - } - if $rbd_ephemeral_storage { class { '::nova::compute::libvirt': libvirt_disk_cachemodes => ['network=writeback'], libvirt_hw_disk_discard => 'unmap', - vncserver_listen => $vncserver_listen, } } else { - class { '::nova::compute::libvirt' : - vncserver_listen => $vncserver_listen, - } + include ::nova::compute::libvirt } include ::nova::compute::libvirt::qemu diff --git a/releasenotes/notes/vncserver_listen-4417377cac38464c.yaml b/releasenotes/notes/vncserver_listen-4417377cac38464c.yaml new file mode 100644 index 0000000..0c0f8ea --- /dev/null +++ b/releasenotes/notes/vncserver_listen-4417377cac38464c.yaml @@ -0,0 +1,7 @@ +--- +features: + - Configure VNC server to be binded on internal network interface on compute nodes. + This value comes from tripleo-heat-templates and is configured by default to use + an IP address from the internal API network. + We use the ServiceNetMap in tripleo-heat-templates to compute the IP address, and we won't + configure 0.0.0.0 anymore as it used to open the binding to any network, which is unsecure. |