Don't store Nova DB credentials on compute nodes

Remove NovaDSN from overcloud compute. When using the Conductor the Nova compute service does not need access to the database. This patch removes all references to the Nova DSN in the overcloud compute templates. Change-Id: If75f480489b84002dd061c183dbee3572a8b63f1
author: Dan Prince <dprince@redhat.com> 2014-11-25 15:02:00 -0500
committer: Dan Prince <dprince@redhat.com> 2014-12-08 08:34:42 -0500
commit: dfec68afbe99d7bba43b62304b220d8a238a8730 (patch)
tree: c0410eb1ef5ee3bfa25511101784573e32c30241
parent: b91f8cd4928d82a84ac291cd5320b9952a01c4ae (diff)
6 files changed, 2 insertions, 22 deletions
diff --git a/compute-config.yaml b/compute-config.yaml
index a5bfab34..45bb8e1e 100644
--- a/compute-config.yaml
+++ b/compute-config.yaml
@@ -12,7 +12,6 @@ resources:
         nova:
           compute_driver: { get_input: nova_compute_driver }
           compute_libvirt_type: { get_input: nova_compute_libvirt_type }
-          db: {get_input: nova_dsn}
           debug: {get_input: debug}
           host: {get_input: nova_api_host}
           public_ip: {get_input: nova_public_ip}
diff --git a/compute.yaml b/compute.yaml
index 45e1c87f..e3f44700 100644
--- a/compute.yaml
+++ b/compute.yaml
@@ -196,8 +196,6 @@ parameters:
   NovaComputeLibvirtType:
     type: string
     default: ''
-  NovaDSN:
-    type: string
   NovaPassword:
     default: unset
     description: The password for the nova service account, used by nova-api.
@@ -260,7 +258,6 @@ resources:
         debug: {get_param: Debug}
         nova_compute_driver: {get_param: NovaComputeDriver}
         nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
-        nova_dsn: {get_param: NovaDSN}
         nova_public_ip: {get_param: NovaPublicIP}
         nova_api_host: {get_param: NovaApiHost}
         nova_password: {get_param: NovaPassword}
diff --git a/nova-compute-config.yaml b/nova-compute-config.yaml
index a7708a2e..b3ef6000 100644
--- a/nova-compute-config.yaml
+++ b/nova-compute-config.yaml
@@ -7,7 +7,6 @@ resources:
         nova:
           compute_driver: { get_input: nova_compute_driver }
           compute_libvirt_type: { get_input: nova_compute_libvirt_type }
-          db: {get_input: nova_dsn}
           debug: {get_param: Debug}
           host: {get_input: nova_api_host}
           public_ip: {get_input: nova_public_ip}
diff --git a/nova-compute-instance.yaml b/nova-compute-instance.yaml
index 1b73e812..55f3a04b 100644
--- a/nova-compute-instance.yaml
+++ b/nova-compute-instance.yaml
@@ -153,8 +153,6 @@ parameters:
   NovaComputeLibvirtType:
     type: string
     default: ''
-  NovaDSN:
-    type: string
   NovaImage:
     type: string
     default: overcloud-compute
@@ -210,7 +208,6 @@ resources:
       input_values:
         nova_compute_driver: {get_param: NovaComputeDriver}
         nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
-        nova_dsn: {get_param: NovaDSN}
         nova_public_ip: {get_param: NovaPublicIP}
         nova_api_host: {get_param: NovaApiHost}
         nova_password: {get_param: NovaPassword}
diff --git a/overcloud-source.yaml b/overcloud-source.yaml
index 914f1872..30896598 100644
--- a/overcloud-source.yaml
+++ b/overcloud-source.yaml
@@ -420,18 +420,12 @@ resources:
         NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
         GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
         RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-        NovaDSN:
-          Fn::Join:
-            - ''
-            - - mysql://nova:unset@
-              - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-              - /nova
         NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
         CeilometerDSN:
           Fn::Join:
             - ''
             - - mysql://ceilometer:unset@
-              - *compute_database_host
+              - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
               - /ceilometer
         NeutronDSN:
           Fn::Join:
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index c2891204..dd7c2639 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -577,17 +577,11 @@ resources:
           RabbitUserName: {get_param: RabbitUserName}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
-          NovaDSN:
-            list_join:
-              - ''
-              - - mysql://nova:unset@
-                - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-                - /nova
           CeilometerDSN:
             list_join:
               - ''
               - - mysql://ceilometer:unset@
-                - *compute_database_host
+                - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
                 - /ceilometer
           NeutronDSN:
             list_join:
author	Dan Prince <dprince@redhat.com>	2014-11-25 15:02:00 -0500
committer	Dan Prince <dprince@redhat.com>	2014-12-08 08:34:42 -0500
commit	dfec68afbe99d7bba43b62304b220d8a238a8730 (patch)
tree	c0410eb1ef5ee3bfa25511101784573e32c30241
parent	b91f8cd4928d82a84ac291cd5320b9952a01c4ae (diff)