openstack/kolla-ansible
Code Issues Proposed changes

Remove priviledged mode for nova-api

Browse Source 
This only existed to add an iptables rule for nova-net related things.

Change-Id: I4e6c50d0908edde3b3cc68382f4466a828f377a5
Related-Bug: #1687187
This commit is contained in:
Sam Yaple 2017-07-28 12:43:34 -04:00
parent e9c4a5877d
commit c18615efd5
2 changed files with 0 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/roles/nova/defaults/main.yml
View File

@ -46,7 +46,6 @@ nova_services:
group: "nova-api" group: "nova-api"
image: "{{ nova_api_image_full }}" image: "{{ nova_api_image_full }}"
enabled: True enabled: True
privileged: True
volumes: volumes:
- "{{ node_config_directory }}/nova-api/:{{ container_config_directory }}/:ro" - "{{ node_config_directory }}/nova-api/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro" - "/etc/localtime:/etc/localtime:ro"

1
ansible/roles/nova/handlers/main.yml
View File

@ -85,7 +85,6 @@
common_options: "{{ docker_common_options }}" common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}" name: "{{ service.container_name }}"
image: "{{ service.image }}" image: "{{ service.image }}"
privileged: "{{ service.privileged | default(False) }}"
volumes: "{{ service.volumes|reject('equalto', '')|list }}" volumes: "{{ service.volumes|reject('equalto', '')|list }}"
when: when:
- action != "config" - action != "config"