Comment 16 for bug 1860743

Just circling back to this one; I know it has been a while, but it's still a pertinent issue.

> After doing this, I see that the "clear-unit-knownhost-cache" action is trying to connect to compute nodes through the live migration network but n-c-cs don't have an IP on that network. Also, n-c-c doesn't offer any bind for this.

Yes, the action ultimately uses `ssh-keyscan` to fetch the SSH host keys of the nova-compute hosts so that they can be populated across the cluster. In order to do this, the nova-cc unit running the ssh-keyscan needs to be able to reach the nova-compute hosts on some network.

Whether it needs to be on the libvirt-migration-network is more questionable. nova-cloud-controller has bindings for internal, public and admin, and nova-compute has bindings for internal and migration. As internal is used for console access (on nova-compute), maybe that same binding could be used for nova-cloud-controller?

Obviously, there could be a limitation that I've not considered here, so please feel free to criticise it! It may be that we should add the migration binding to nova-cc as the cleanest solution?