Merge "Revert "Make libvirt safe again""
diff --git a/nova/compute/cluster.yml b/nova/compute/cluster.yml
index e8b29cc..5d0e6a1 100644
--- a/nova/compute/cluster.yml
+++ b/nova/compute/cluster.yml
@@ -1,6 +1,5 @@
classes:
- service.nova.compute.kvm
-- service.iptables.server
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -95,15 +94,3 @@
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
my_ip: ${_param:single_address}
- libvirt:
- uri: qemu+unix:///system?socket=/var/run/libvirt/libvirt-sock
- iptables:
- service:
- enabled: true
- chain:
- INPUT:
- rules:
- # deny any connections to libvirt port
- - destination_port: 16509
- protocol: tcp
- jump: DROP
\ No newline at end of file
diff --git a/nova/compute/single.yml b/nova/compute/single.yml
index d5126df..b915145 100644
--- a/nova/compute/single.yml
+++ b/nova/compute/single.yml
@@ -2,7 +2,6 @@
- nova
classes:
- service.nova.compute.kvm
-- service.iptables.server
parameters:
_param:
nova_vncproxy_url: https://${_param:cluster_public_host}:6080
@@ -91,15 +90,3 @@
public_key: ${_param:nova_compute_ssh_public}
private_key: ${_param:nova_compute_ssh_private}
my_ip: ${_param:single_address}
- libvirt:
- uri: qemu+unix:///system?socket=/var/run/libvirt/libvirt-sock
- iptables:
- service:
- enabled: true
- chain:
- INPUT:
- rules:
- # deny any connections to libvirt port
- - destination_port: 16509
- protocol: tcp
- jump: DROP
\ No newline at end of file