diff --git a/ansible/kolla-ansible.yml b/ansible/kolla-ansible.yml
index b4d5126df967949f5b190c5288094eb932e4de42..8c9b99211d8e6ef7295bf9bea06ed62dbe9b93db 100644
--- a/ansible/kolla-ansible.yml
+++ b/ansible/kolla-ansible.yml
@@ -95,13 +95,6 @@
- "{{ kayobe_config_path }}"
kolla_overcloud_inventory_search_paths: "{{ kolla_overcloud_inventory_search_paths_static + kayobe_env_search_paths }}"
kolla_ansible_certificates_path: "{{ kayobe_env_config_path }}/kolla/certificates"
- # NOTE: This differs from the default SELinux mode in kolla ansible,
- # which is permissive. The justification for using this mode is twofold:
- # 1. it avoids filling up the audit log
- # 2. it avoids an issue seen when using diskimage-builder in the bifrost
- # container.
- # We could look at making the SELinux mode configurable in future.
- kolla_selinux_state: disabled
kolla_inspector_dhcp_pool_start: "{{ inspection_net_name | net_inspection_allocation_pool_start }}"
kolla_inspector_dhcp_pool_end: "{{ inspection_net_name | net_inspection_allocation_pool_end }}"
kolla_inspector_netmask: "{{ inspection_net_name | net_mask }}"
diff --git a/ansible/roles/kolla-ansible/templates/kolla/globals.yml b/ansible/roles/kolla-ansible/templates/kolla/globals.yml
index 643a9e951cca0bb93a8d134aecb1fb4515a259f3..a9deedfd7725b6c147c3b80cde4632621a6345e7 100644
--- a/ansible/roles/kolla-ansible/templates/kolla/globals.yml
+++ b/ansible/roles/kolla-ansible/templates/kolla/globals.yml
@@ -519,31 +519,6 @@ ironic_inspector_kernel_cmdline_extras:
grafana_admin_username: "{{ grafana_local_admin_user_name }}"
{% endif %}
-#########################################
-# Bootstrap-servers - Host Configuration
-#########################################
-
-{% if kolla_selinux_state is not none %}
-selinux_state: {{ kolla_selinux_state }}
-{% endif %}
-
-# Kayobe performs creation of the Kolla Ansible user account, so there is no
-# need for Kolla Ansible to repeat this.
-create_kolla_user: false
-
-# User account to use for Kolla SSH access.
-kolla_user: "{{ kolla_ansible_user }}"
-
-# Primary group of Kolla SSH user.
-kolla_group: "{{ kolla_ansible_group }}"
-
-{% if kolla_ansible_target_venv %}
-virtualenv: {{ kolla_ansible_target_venv }}
-{% endif %}
-
-# Avoid disabling the firewall on CentOS, since we manage it in Kayobe.
-disable_firewall: "{% raw %}{{ ansible_facts.os_family == 'Debian' }}{% endraw %}"
-
{% if kolla_extra_globals %}
#######################
# Extra configuration
diff --git a/ansible/roles/kolla-ansible/tests/test-defaults.yml b/ansible/roles/kolla-ansible/tests/test-defaults.yml
index fe5fbda7adc5b9ee513f0a5cf67850782ebd2c04..f42353a3af49af1cdbbadf4c2406350cb90c2180 100644
--- a/ansible/roles/kolla-ansible/tests/test-defaults.yml
+++ b/ansible/roles/kolla-ansible/tests/test-defaults.yml
@@ -80,8 +80,6 @@
kolla_enable_tls_external: False
kolla_enable_tls_internal: False
openstack_logging_debug: False
- kolla_user: "kolla"
- kolla_group: "kolla"
- name: Validate variables are absent from globals.yml
assert:
diff --git a/ansible/roles/kolla-ansible/tests/test-extras.yml b/ansible/roles/kolla-ansible/tests/test-extras.yml
index 8f8576a62550ce2fc598d6eae5179b770f024108..3f9de186398c298cb5772cd7cd5ecd306586da25 100644
--- a/ansible/roles/kolla-ansible/tests/test-extras.yml
+++ b/ansible/roles/kolla-ansible/tests/test-extras.yml
@@ -238,8 +238,6 @@
globals_yml: "{{ lookup('file', temp_path ~ '/etc/kolla/globals.yml') | from_yaml }}"
expected_variables:
config_strategy: "COPY_ALWAYS"
- kolla_user: "fake-user"
- kolla_group: "fake-group"
kolla_base_distro: "fake-distro"
kolla_base_distro_version: "1.23"
openstack_release: "fake-release"