Bug 1271411

Summary: Unable to deploy internal api endpoint for keystone on a different network to admin api
Product: [Community] RDO Reporter: Graeme Gillies <ggillies>
Component: openstack-tripleo-heat-templatesAssignee: Tomas Sedovic <tsedovic>
Status: CLOSED EOL QA Contact: Shai Revivo <srevivo>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: LibertyCC: mcornea
Target Milestone: ---   
Target Release: Kilo   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-05-19 16:03:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Graeme Gillies 2015-10-13 23:38:20 UTC 
Hi,

At the moment when you deploy RDO using RDO-Manager/tripleo, the keystone internal api endpoint and admin api endpoint will get deployed on the ctlplane network.

Unfortunately there are situations where we would like the admin api endpoint to be deployed on the external network (for example, we want to do keystone admin commands from outside the ctlplane network).

If I have an environment file with the following

parameters:
  ServiceNetMap:
    NeutronTenantNetwork: tenant
    CeilometerApiNetwork: internal_api
    MongoDbNetwork: internal_api
    CinderApiNetwork: internal_api
    CinderIscsiNetwork: storage
    GlanceApiNetwork: storage
    GlanceRegistryNetwork: internal_api
    KeystoneAdminApiNetwork: external
    KeystonePublicApiNetwork: internal_api
    NeutronApiNetwork: internal_api
    HeatApiNetwork: internal_api
    NovaApiNetwork: internal_api
    NovaMetadataNetwork: internal_api
    NovaVncProxyNetwork: internal_api
    SwiftMgmtNetwork: storage_mgmt
    SwiftProxyNetwork: storage
    HorizonNetwork: internal_api
    MemcachedNetwork: internal_api
    RabbitMqNetwork: internal_api
    RedisNetwork: internal_api
    MysqlNetwork: internal_api
    CephClusterNetwork: storage_mgmt
    CephPublicNetwork: storage
    ControllerHostnameResolveNetwork: internal_api
    ComputeHostnameResolveNetwork: internal_api
    BlockStorageHostnameResolveNetwork: internal_api
    ObjectStorageHostnameResolveNetwork: internal_api
    CephStorageHostnameResolveNetwork: storage

This correctly puts the keystone admin endpoint on the external network, but also puts the keystone internal api endpoint on the external network as well, which is not desired. There should be a way to just put the admin api endpoint on whatever network I would like, while keeping the internal api endpoint on the internal_api or ctlplane network.

Regards,

Graeme
Comment 2 Chandan Kumar 2016-05-19 16:03:27 UTC 
This bug is against a Version which has reached End of Life.
If it's still present in supported release (http://releases.openstack.org), please update Version and reopen.