From c18615efd54d57f89d1a81729099285ea1fca3a7 Mon Sep 17 00:00:00 2001
From: Sam Yaple <sam@yaple.net>
Date: Fri, 28 Jul 2017 12:43:34 -0400
Subject: [PATCH] Remove priviledged mode for nova-api

This only existed to add an iptables rule for nova-net related things.

Change-Id: I4e6c50d0908edde3b3cc68382f4466a828f377a5
Related-Bug: #1687187
---
 ansible/roles/nova/defaults/main.yml | 1 -
 ansible/roles/nova/handlers/main.yml | 1 -
 2 files changed, 2 deletions(-)

diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml
index cb7e9c7446..f5d53aded3 100644
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@@ -46,7 +46,6 @@ nova_services:
     group: "nova-api"
     image: "{{ nova_api_image_full }}"
     enabled: True
-    privileged: True
     volumes:
       - "{{ node_config_directory }}/nova-api/:{{ container_config_directory }}/:ro"
       - "/etc/localtime:/etc/localtime:ro"
diff --git a/ansible/roles/nova/handlers/main.yml b/ansible/roles/nova/handlers/main.yml
index 8d6174e94e..a63d82107a 100644
--- a/ansible/roles/nova/handlers/main.yml
+++ b/ansible/roles/nova/handlers/main.yml
@@ -85,7 +85,6 @@
     common_options: "{{ docker_common_options }}"
     name: "{{ service.container_name }}"
     image: "{{ service.image }}"
-    privileged: "{{ service.privileged | default(False) }}"
     volumes: "{{ service.volumes|reject('equalto', '')|list }}"
   when:
     - action != "config"