let openvswitch_db listener localhost

Openvswitch_db is not necessary to listener api_address.
Just let openvswitch_db listener localhost to avoid security issues.

Change-Id: If4912d90abae933a1ed9e2d14336b89b7c7179dd
Closes-Bug: #1712767
This commit is contained in:
Kuo-tung Kao 2017-08-24 16:40:23 +08:00
parent 61da0467f4
commit 5d22ea34c0
4 changed files with 4 additions and 4 deletions

View File

@ -22,4 +22,4 @@ interface_driver = openvswitch
[ovs] [ovs]
ovsdb_interface = native ovsdb_interface = native
ovsdb_connection = tcp:{{ api_interface_address }}:6640 ovsdb_connection = tcp:127.0.0.1:{{ ovsdb_port }}

View File

@ -19,4 +19,4 @@ extensions = fwaas
[ovs] [ovs]
ovsdb_interface = native ovsdb_interface = native
ovsdb_connection = tcp:{{ api_interface_address }}:6640 ovsdb_connection = tcp:127.0.0.1:{{ ovsdb_port }}

View File

@ -78,7 +78,7 @@ extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }}
bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %} bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}
{% endif %} {% endif %}
ovsdb_connection = tcp:{{ api_interface_address }}:6640 ovsdb_connection = tcp:127.0.0.1:{{ ovsdb_port }}
{% if enable_nova_fake | bool %} {% if enable_nova_fake | bool %}
integration_bridge = br-int-{{ item }} integration_bridge = br-int-{{ item }}
{% endif %} {% endif %}

View File

@ -1,5 +1,5 @@
{ {
"command": "start-ovsdb-server {{ api_interface_address }}", "command": "start-ovsdb-server 127.0.0.1",
"config_files": [ "config_files": [
{ {
"source": "{{ container_config_directory }}/start-ovsdb-server", "source": "{{ container_config_directory }}/start-ovsdb-server",