metadata agent nova.conf uses admin endpoint for auth_url

Bug #1771709 reported by Xav Paice on 2018-05-17
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack neutron-gateway charm

Bug Description

We have a cloud where the public and admin endpoint addresses are on a separate network to most other services. The neutron-gateway units do not have an address on those networks, but do have an address which can reach the 'internal' endpoint.

In nova.conf, the nova-api-metadata.service (as configured by the neutron-gateway charm) has auth_url set to use the admin endpoint. This is not reachable.

We need to find a way to set that to use the internal endpoint for keystone.

Other charms which do have a use-internal-endpoints setting also seem to use the admin endpoint for auth_url, and the public endpoint for auth_uri (where set).

Xav Paice (xavpaice) wrote :

If I understand this correctly, the Keystone charm uses 'service_hostname': resolve_address(ADMIN) to set the relation data, which reflects right through to the neutron-gateway charm via the neutron-api charm and the identity relation there.

If we were to add an option to the keystone charm to supply the internal as well as admin hostname, we could then use the 'use-internal-endpoints' to collect the internal auth url address.

Pete Vander Giessen (petevg) wrote :

Agree that this is a useful feature. Added to wishlist for the charm!

Changed in charm-neutron-gateway:
importance: Undecided → Wishlist
status: New → Triaged
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers