Code Review / apex-tripleo-heat-templates.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: b91f8cd)
Don't store Nova DB credentials on compute nodes
authorDan Prince <dprince@redhat.com>
Tue, 25 Nov 2014 20:02:00 +0000 (15:02 -0500)
committerDan Prince <dprince@redhat.com>
Mon, 8 Dec 2014 13:34:42 +0000 (08:34 -0500)
Remove NovaDSN from overcloud compute.

When using the Conductor the Nova compute service
does not need access to the database. This patch
removes all references to the Nova DSN in the overcloud
compute templates.

Change-Id: If75f480489b84002dd061c183dbee3572a8b63f1

compute-config.yaml patch | blob | history
compute.yaml patch | blob | history
nova-compute-config.yaml patch | blob | history
nova-compute-instance.yaml patch | blob | history
overcloud-source.yaml patch | blob | history
overcloud-without-mergepy.yaml patch | blob | history

diff --git a/compute-config.yaml b/compute-config.yaml
index a5bfab3..45bb8e1 100644 (file)
--- a/compute-config.yaml
+++ b/compute-config.yaml
@@ -12,7 +12,6 @@ resources:
         nova:
           compute_driver: { get_input: nova_compute_driver }
           compute_libvirt_type: { get_input: nova_compute_libvirt_type }
-          db: {get_input: nova_dsn}
           debug: {get_input: debug}
           host: {get_input: nova_api_host}
           public_ip: {get_input: nova_public_ip}
diff --git a/compute.yaml b/compute.yaml
index 45e1c87..e3f4470 100644 (file)
--- a/compute.yaml
+++ b/compute.yaml
@@ -196,8 +196,6 @@ parameters:
   NovaComputeLibvirtType:
     type: string
     default: ''
-  NovaDSN:
-    type: string
   NovaPassword:
     default: unset
     description: The password for the nova service account, used by nova-api.
@@ -260,7 +258,6 @@ resources:
         debug: {get_param: Debug}
         nova_compute_driver: {get_param: NovaComputeDriver}
         nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
-        nova_dsn: {get_param: NovaDSN}
         nova_public_ip: {get_param: NovaPublicIP}
         nova_api_host: {get_param: NovaApiHost}
         nova_password: {get_param: NovaPassword}
diff --git a/nova-compute-config.yaml b/nova-compute-config.yaml
index a7708a2..b3ef600 100644 (file)
--- a/nova-compute-config.yaml
+++ b/nova-compute-config.yaml
@@ -7,7 +7,6 @@ resources:
         nova:
           compute_driver: { get_input: nova_compute_driver }
           compute_libvirt_type: { get_input: nova_compute_libvirt_type }
-          db: {get_input: nova_dsn}
           debug: {get_param: Debug}
           host: {get_input: nova_api_host}
           public_ip: {get_input: nova_public_ip}
diff --git a/nova-compute-instance.yaml b/nova-compute-instance.yaml
index 1b73e81..55f3a04 100644 (file)
--- a/nova-compute-instance.yaml
+++ b/nova-compute-instance.yaml
@@ -153,8 +153,6 @@ parameters:
   NovaComputeLibvirtType:
     type: string
     default: ''
-  NovaDSN:
-    type: string
   NovaImage:
     type: string
     default: overcloud-compute
@@ -210,7 +208,6 @@ resources:
       input_values:
         nova_compute_driver: {get_param: NovaComputeDriver}
         nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
-        nova_dsn: {get_param: NovaDSN}
         nova_public_ip: {get_param: NovaPublicIP}
         nova_api_host: {get_param: NovaApiHost}
         nova_password: {get_param: NovaPassword}
diff --git a/overcloud-source.yaml b/overcloud-source.yaml
index 914f187..3089659 100644 (file)
--- a/overcloud-source.yaml
+++ b/overcloud-source.yaml
@@ -420,18 +420,12 @@ resources:
         NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
         GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
         RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-        NovaDSN:
-          Fn::Join:
-            - ''
-            - - mysql://nova:unset@
-              - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-              - /nova
         NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
         CeilometerDSN:
           Fn::Join:
             - ''
             - - mysql://ceilometer:unset@
-              - *compute_database_host
+              - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
               - /ceilometer
         NeutronDSN:
           Fn::Join:
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index c289120..dd7c263 100644 (file)
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -577,17 +577,11 @@ resources:
           RabbitUserName: {get_param: RabbitUserName}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
-          NovaDSN:
-            list_join:
-              - ''
-              - - mysql://nova:unset@
-                - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-                - /nova
           CeilometerDSN:
             list_join:
               - ''
               - - mysql://ceilometer:unset@
-                - *compute_database_host
+                - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
                 - /ceilometer
           NeutronDSN:
             list_join: