the API endpoint URL aren't FQDN inside the APIserver

Bug #1951437 reported by Frank Gemein
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
skyline apiserver
New
Wishlist
Unassigned

Bug Description

Most functions fail due to ssl errors because the apiserver translates the API endpoints from fqdn to plain ipv4.
e.g.
"SSL_do_handshake() failed (SSL: error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol [...]
GET /api/openstack/regionone/cinder/v3/ [...] upstream: "https://10.42.XXX.XX:8776/v3/ "

and so on. my skyline.yml
"keystone_url: https://api.occ1.xxx.xxx.xxx.de:5000" works, I can log in and the endpoints are correct, except it has to be FQDN, not numbers.

Steps to reproduce:
environment is openstack wallaby
HA-Setup with an HAproxy cluster providing API Access.
all public API is HTTPs, BUT with ssl terminated on the haproxy!

If there was a variable to tell skyline to either not translate FQDN or to use internal API for the endpoints in question, this would be perfect.

best regards

Frank

Revision history for this message
Shuai Qian (iauhsnaiq) wrote :

Thanks for your reporting, this definately is necessary feature and we would consider if supporting that in the future version.

Boxiang Zhu (bxzhu-5355)
Changed in skyline-apiserver:
importance: Undecided → Wishlist
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.