diff --git a/manifests/compute/hypervisor.pp b/manifests/compute/hypervisor.pp
index 8e2004e1..9604d7f5 100644
--- a/manifests/compute/hypervisor.pp
+++ b/manifests/compute/hypervisor.pp
@@ -49,6 +49,13 @@
 #   You may have side effects (SElinux for example).
 #   Defaults to '/var/lib/nova/instances'
 #
+# [*nova_shell*]
+#   (optional) Full path of shell to run for nova user.
+#   To disable live migration & resize, set it to '/bin/nologin' or false.
+#   Otherwise, set the value to '/bin/bash'.
+#   Need to be a valid shell path.
+#   Defaults to false
+#
 class cloud::compute::hypervisor(
   $server_proxyclient_address = '127.0.0.1',
   $libvirt_type               = 'kvm',
@@ -63,6 +70,7 @@ class cloud::compute::hypervisor(
   $vm_rbd                     = false,
   $volume_rbd                 = false,
   $manage_tso                 = true,
+  $nova_shell                 = false,
   # when using NFS storage backend
   $nfs_enabled                = false,
   $nfs_device                 = false,
@@ -165,6 +173,16 @@ Host *
 "
   }
 
+  if $nova_shell {
+    ensure_resource ('user', 'nova', {
+      'ensure'     => 'present',
+      'system'     => true,
+      'home'       => '/var/lib/nova',
+      'managehome' => false,
+      'shell'      => $nova_shell,
+    })
+  }
+
   class { 'nova::compute':
     enabled         => true,
     vnc_enabled     => false,
diff --git a/spec/classes/cloud_compute_hypervisor_spec.rb b/spec/classes/cloud_compute_hypervisor_spec.rb
index e5efd7bb..003be0a4 100644
--- a/spec/classes/cloud_compute_hypervisor_spec.rb
+++ b/spec/classes/cloud_compute_hypervisor_spec.rb
@@ -81,6 +81,7 @@ describe 'cloud::compute::hypervisor' do
         :ks_spice_public_host                 => '10.0.0.2',
         :vm_rbd                               => false,
         :volume_rbd                           => false,
+        :nova_shell                           => false,
         :ks_nova_public_host                  => '10.0.0.1' }
     end
 
@@ -224,6 +225,10 @@ describe 'cloud::compute::hypervisor' do
       is_expected.to contain_class('ceilometer::agent::compute')
     end
 
+    it 'do not configure nova shell' do
+      is_expected.not_to contain_user('nova')
+    end
+
     it 'should not configure nova-compute for RBD backend' do
       is_expected.not_to contain_nova_config('libvirt/rbd_user').with('value' => 'cinder')
       is_expected.not_to contain_nova_config('libvirt/images_type').with('value' => 'rbd')
@@ -320,6 +325,21 @@ describe 'cloud::compute::hypervisor' do
       end
     end
 
+    context 'when managing nova shell' do
+      before :each do
+        params.merge!( :nova_shell => '/bin/bash')
+      end
+      it 'ensure nova shell is configured by Puppet' do
+        is_expected.to contain_user('nova').with(
+          :ensure     => 'present',
+          :system     => true,
+          :home       => '/var/lib/nova',
+          :managehome => false,
+          :shell      => '/bin/bash'
+        )
+      end
+    end
+
     context 'with RBD backend for instances and volumes on Debian plaforms' do
       before :each do
         facts.merge!( :osfamily => 'Debian',