Bug 1271411 - Unable to deploy internal api endpoint for keystone on a different network to admin api
Unable to deploy internal api endpoint for keystone on a different network to...
Product: RDO
Classification: Community
Component: openstack-tripleo-heat-templates (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: Kilo
Assigned To: Tomas Sedovic
Shai Revivo
Depends On:
  Show dependency treegraph
Reported: 2015-10-13 19:38 EDT by Graeme Gillies
Modified: 2016-05-19 12:03 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-05-19 12:03:27 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Graeme Gillies 2015-10-13 19:38:20 EDT

At the moment when you deploy RDO using RDO-Manager/tripleo, the keystone internal api endpoint and admin api endpoint will get deployed on the ctlplane network.

Unfortunately there are situations where we would like the admin api endpoint to be deployed on the external network (for example, we want to do keystone admin commands from outside the ctlplane network).

If I have an environment file with the following

    NeutronTenantNetwork: tenant
    CeilometerApiNetwork: internal_api
    MongoDbNetwork: internal_api
    CinderApiNetwork: internal_api
    CinderIscsiNetwork: storage
    GlanceApiNetwork: storage
    GlanceRegistryNetwork: internal_api
    KeystoneAdminApiNetwork: external
    KeystonePublicApiNetwork: internal_api
    NeutronApiNetwork: internal_api
    HeatApiNetwork: internal_api
    NovaApiNetwork: internal_api
    NovaMetadataNetwork: internal_api
    NovaVncProxyNetwork: internal_api
    SwiftMgmtNetwork: storage_mgmt
    SwiftProxyNetwork: storage
    HorizonNetwork: internal_api
    MemcachedNetwork: internal_api
    RabbitMqNetwork: internal_api
    RedisNetwork: internal_api
    MysqlNetwork: internal_api
    CephClusterNetwork: storage_mgmt
    CephPublicNetwork: storage
    ControllerHostnameResolveNetwork: internal_api
    ComputeHostnameResolveNetwork: internal_api
    BlockStorageHostnameResolveNetwork: internal_api
    ObjectStorageHostnameResolveNetwork: internal_api
    CephStorageHostnameResolveNetwork: storage

This correctly puts the keystone admin endpoint on the external network, but also puts the keystone internal api endpoint on the external network as well, which is not desired. There should be a way to just put the admin api endpoint on whatever network I would like, while keeping the internal api endpoint on the internal_api or ctlplane network.


Comment 2 Chandan Kumar 2016-05-19 12:03:27 EDT
This bug is against a Version which has reached End of Life.
If it's still present in supported release (http://releases.openstack.org), please update Version and reopen.

Note You need to log in before you can comment on or make changes to this bug.