Access to keystone is denied for requests outside Fuel master node in CentOS7 (Fuel 8 build 310)
Bug #1521955 reported by
Mikhail Chernik
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Fix Released
|
High
|
Ivan Suzdal |
Bug Description
Due to blocked access to keystone it is currently impossible to run e.g. scripts which use nailgun API from a host outside cluster on Fuel 8.0 build 310.
Following rules in keystone container blocks access:
26 48 2880 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport ports 5000 ADDRTYPE match src-type LOCAL /* 047 keystone_local */
27 11 660 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport ports 5000 /* 048 keystone_block_ext */ reject-with icmp-port-
tags: | added: area-mos |
Changed in fuel: | |
milestone: | none → 8.0 |
assignee: | nobody → MOS Keystone (mos-keystone) |
importance: | Undecided → Medium |
Changed in fuel: | |
assignee: | Mikhail Chernik (mchernik) → Fuel Library Team (fuel-library) |
status: | New → Confirmed |
tags: |
added: area-library removed: area-mos |
tags: | added: regression-8.0 |
Changed in fuel: | |
assignee: | Ivan Suzdal (isuzdal) → Dmitry Teselkin (teselkin-d) |
Changed in fuel: | |
assignee: | Dmitry Teselkin (teselkin-d) → Ivan Suzdal (isuzdal) |
To post a comment you must log in.
It has nothing with keystone. Please reassign to proper team. For example to those, who develops those scripts.