Description of problem: When using haproxy with SSL termination in front of neutron, neutron will return version URL's with http:// prefix instead of https://. This causes API clients to fail. Version-Release number of selected component (if applicable): python-neutron-2015.1.0-1.el7 How reproducible: Steps to Reproduce: 1. Configure HAproxy in front of Neutron with SSL termination (so client talks to neutron over SSL, HAproxy talks to Neutron over plain HTTP) 2. curl https://openstack-api.example.com:9696 Actual results: {"versions": [{"status": "CURRENT", "id": "v2.0", "links": [{"href": "http://openstack-api.example.com:9696/v2.0", "rel": "self"}]}]} Expected results: {"versions": [{"status": "CURRENT", "id": "v2.0", "links": [{"href": "https://openstack-api.example.com:9696/v2.0", "rel": "self"}]}]} Additional info: I patched this issue in /usr/lib/python2.7/site-packages/neutron/api/views/versions.py: def get_view_builder(req): base_url = req.application_url if req.environ.get('HTTP_X_FORWARDED_PROTO', None) != None: base_url = base_url.replace('http://', 'https://') return ViewBuilder(base_url) Then neutron returns the proper https URL. The X-Forwarded-Proto header is inserted by haproxy. Note: this issue is present in other openstack api's as well but can be worked around by setting public_endpoint explicitly. This option is not available in neutron however.
This bug is against a Version which has reached End of Life. If it's still present in supported release (http://releases.openstack.org), please update Version and reopen.