[nova][tripleo][rpm-packaging][kolla][puppet][debian][osa] Nova enforces that no DB credentials are allowed for the nova-compute service

Thomas Goirand zigo at debian.org
Sat Nov 21 01:47:23 UTC 2020

On 11/18/20 8:24 PM, Dan Smith wrote:
> which things are
> _not_allowed_ to be set for a service (such as db credentials on the
> compute).

I still don't understand why this is forbidden.

Sure, I understand what people wrote: that it is a security problem.

Can't nova-compute just *ignore* the db credentials, and then everyone
is done with it, and moves on? That's a much more easy way to handle
this problem, IMO.


Thomas Goirand (zigo)

More information about the openstack-discuss mailing list