}
}
- # TODO(emilien): Some work needs to be done in puppet-nova to separate nova-compute config
- # when running libvirt and libvirt itself, so we allow micro-services deployments.
- if str2bool(hiera('nova::use_ipv6', false)) {
- $vncserver_listen = '::0'
- } else {
- $vncserver_listen = '0.0.0.0'
- }
-
if $rbd_ephemeral_storage {
class { '::nova::compute::libvirt':
libvirt_disk_cachemodes => ['network=writeback'],
libvirt_hw_disk_discard => 'unmap',
- vncserver_listen => $vncserver_listen,
}
} else {
- class { '::nova::compute::libvirt' :
- vncserver_listen => $vncserver_listen,
- }
+ include ::nova::compute::libvirt
}
include ::nova::compute::libvirt::qemu
--- /dev/null
+---
+features:
+ - Configure VNC server to be binded on internal network interface on compute nodes.
+ This value comes from tripleo-heat-templates and is configured by default to use
+ an IP address from the internal API network.
+ We use the ServiceNetMap in tripleo-heat-templates to compute the IP address, and we won't
+ configure 0.0.0.0 anymore as it used to open the binding to any network, which is unsecure.
Code Review / apex-puppet-tripleo.git / commitdiff