I'm not entirely sure yet whether this is a bug in CFME or whether this is a bug in OpenStack's installer. The problem is that the current OpenStack installer sets up the adminURL endpoints for services on a private network (e.g., 192.168.1.1). And, CFME uses the adminURL (via the Fog library) to access some pieces of information from the various OpenStack services. This issue was originally raised as a secondary discussion in bug #1252413. See the following comments for more details: * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c8 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c9 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c10 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c11 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c12 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c13 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c14 * https://bugzilla.redhat.com/show_bug.cgi?id=1252413#c15
I'll add below my first findings when adding a new Openstack cloud provider deployed with OSP-d. Refresh fails because CFME is unable to reach the Glance and Cinder adminURL endpoint: Service: image +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | adminURL | http://172.18.0.10:9292/ | | id | 14e4e75dcbbd4cb8acbf4925a1f1c3a9 | | internalURL | http://172.18.0.10:9292/ | | publicURL | http://10.3.53.10:9292/ | | region | regionOne | +-------------+----------------------------------+ [root@osp-d-lab ~]# netstat -tupan | grep SYN tcp 0 1 10.3.59.198:49646 172.18.0.10:9292 SYN_SENT 6306/worker.rb Switched @openstack_endpoint_type to publicURL in /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/image.rb Cinder: Service: volume +-------------+-------------------------------------------------------------+ | Property | Value | +-------------+-------------------------------------------------------------+ | adminURL | http://172.17.0.10:8776/v1/204aca6abccd40a7a2311ed4309199f5 | | id | 26d8728ed4c042cdaddb8856d3bfebcd | | internalURL | http://172.17.0.10:8776/v1/204aca6abccd40a7a2311ed4309199f5 | | publicURL | http://10.3.53.10:8776/v1/204aca6abccd40a7a2311ed4309199f5 | | region | regionOne | +-------------+-------------------------------------------------------------+ [root@osp-d-lab ~]# netstat -tupan | grep SYN tcp 0 1 10.3.59.198:44034 172.17.0.10:8776 SYN_SENT 2632/worker.rb Switched @openstack_endpoint_type to publicURL in /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/volume.rb After spawning an instance the logs showed errors regarding Ceilometer: Ceilometer: Service: metering +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | adminURL | http://172.17.0.10:8777/ | | id | 96ff2e1bd12042e5a0c0a1ec43f9753e | | internalURL | http://172.17.0.10:8777/ | | publicURL | http://10.3.53.10:8777/ | | region | regionOne | +-------------+----------------------------------+ Switched @openstack_endpoint_type to publicURL in /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/metering.rb In /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack there are still identity.rb, baremetal.rb and planning.rb which are using the adminURL. Keystone currently works because all the endpoints are using a public IP (see BZ#1236136) but it will also change to use a private subnet for admin and internal API.
Hello guys, I also saw this issue on version 5.4 by adding an onpenstack provider. CloudFormation actually attack the url given by the user and list correctly all endpoint (public, admin and internal). Then it interrogate the adminURL for all the api, in my case, CloudForm has only access to public api so i had to change it buy editing code files : grep -rni publicURL /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/orchestration.rb:152: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/identity.rb:195: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/planning.rb:114: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/baremetal.rb:266: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/core.rb:100: endpoint_type = (options[:openstack_endpoint_type] || 'publicURL').to_s /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/core.rb:162: identity_url = identity_service['endpoints'].find{|s| s['publicURL']}['publicURL'] if identity_service /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/volume.rb:129: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/image.rb:114: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/metering.rb:107: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/network.rb:248: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/compute.rb:319: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' /opt/rh/cfme-gemset/gems/fog-1.29.0/lib/fog/openstack/storage.rb:91: @openstack_endpoint_type = options[:openstack_endpoint_type] || 'publicURL' Could be great to have the choice in the interface. Many thanks in advance. Kévin
https://github.com/ManageIQ/manageiq/pull/5169
*** This bug has been marked as a duplicate of bug 1276118 ***