UX Unable to operate cloud with default Public TLS settings via CLI from external nodes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Won't Fix
|
Wishlist
|
Evgeny Konstantinov |
Bug Description
Description of the environment:
All configurations
Steps to reproduce:
1. Deploy any configuration without changing Public TLS settings
2. Add new non-admin tenant and user.
3. Install python-novaclient to any non-cluster node
4. Do any nova command with minimal set of credential in args, for example:
nova --os-username demo --os-tenant-name demo --os-auth-url http://
Expected result:
+----+-
| ID | Name | Status | Task State | Power State | Networks |
+----+-
+----+-
Actual result:
ERROR: HTTPSConnection
Workaround:
Use *_ENDPOINT_
Default fqdn that is used as part of publicURL endpoints is managed by hosts file on nodes. Obviously nodes' hosts file is not the same at any external system.
summary: |
- Unable to operate cloud via CLI from external nodes + Unable to operate cloud with default Public TLS settings via CLI from + external nodes |
Changed in fuel: | |
assignee: | Fuel for Openstack (fuel) → Evgeny Konstantinov (evkonstantinov) |
AFAIK, external access is restricted to non admin ops only, see https:/ /bugs.launchpad .net/mos/ +bug/1362641.
Please elaborate the UX impact, why it is critical?
You can always ssh to controller node and issue any CLI command from there, so there is a w/a. Hence, UX impact is a high or less.