commit e4dda729ef9670927978f49c9d21f160c0457efb
Author: Clark Boylan <email address hidden>
Date: Wed Nov 20 17:00:21 2013 -0800
Set keystone admin_bind_host to KEYSTONE_SERVICE_HOST
NOTE: squashed with follow-up Make admin_bind_host configurable
to avoid regression bug #1283803
On Linux ports 32768-61000 can be used by just about
anything needing a socket. Keystone's IANA assigned port is 35357.
Occasionally something else will be using port 35357 first because Linux
allows this. Workaround is to bind to port 127.0.0.1 instead of 0.0.0.0.
$KEYSTONE_SERVICE_HOST gets its value from $SERVICE_HOST which is set to
127.0.0.1 in the gate.
"Ephemeral (client) ports will *never* be sourced from 0.0.0.0, and are
uniquely identified by the full connection five-tuple (proto, src IP,
src port, dst IP, dst port) anyway, allowing them to overlap src IP/src
port as long as proto/dst IP/dst port are different. Thus it is up to
keystone/devstack to bind more appropriately and not use wildcard bind
addresses unless explicitly necessary for some reason. For example, in
the log output, the URLs are configured with dst IPs of 127.0.0.1
anyway, so binding explicitly to localhost would change nothing, while
skirting this particular edge case nicely." ~Evan Callicoat
This doesn't fix bug 1253482 it works around it while a better solution
is prepared (running keystone behind apache in devstack).
Co-Authored-By: Joe Gordon <email address hidden>
Change-Id: I112309661dadf8b753c3311182f82464d9d3595e
Related-bug: #1253482
(cherry picked from commit 6c57fbab26e40af5c5b19b46fb3da39341f34dab)
(cherry picked from commit 041fa712472d887550a540dd50ade546f847c6b4)
Reviewed: https:/ /review. openstack. org/93641 /git.openstack. org/cgit/ openstack- dev/devstack/ commit/ ?id=e4dda729ef9 670927978f49c9d 21f160c0457efb
Committed: https:/
Submitter: Jenkins
Branch: stable/havana
commit e4dda729ef96709 27978f49c9d21f1 60c0457efb
Author: Clark Boylan <email address hidden>
Date: Wed Nov 20 17:00:21 2013 -0800
Set keystone admin_bind_host to KEYSTONE_ SERVICE_ HOST
NOTE: squashed with follow-up Make admin_bind_host configurable
to avoid regression bug #1283803
On Linux ports 32768-61000 can be used by just about SERVICE_ HOST gets its value from $SERVICE_HOST which is set to
anything needing a socket. Keystone's IANA assigned port is 35357.
Occasionally something else will be using port 35357 first because Linux
allows this. Workaround is to bind to port 127.0.0.1 instead of 0.0.0.0.
$KEYSTONE_
127.0.0.1 in the gate.
"Ephemeral (client) ports will *never* be sourced from 0.0.0.0, and are devstack to bind more appropriately and not use wildcard bind
uniquely identified by the full connection five-tuple (proto, src IP,
src port, dst IP, dst port) anyway, allowing them to overlap src IP/src
port as long as proto/dst IP/dst port are different. Thus it is up to
keystone/
addresses unless explicitly necessary for some reason. For example, in
the log output, the URLs are configured with dst IPs of 127.0.0.1
anyway, so binding explicitly to localhost would change nothing, while
skirting this particular edge case nicely." ~Evan Callicoat
This doesn't fix bug 1253482 it works around it while a better solution
is prepared (running keystone behind apache in devstack).
Co-Authored-By: Joe Gordon <email address hidden> b753c3311182f82 464d9d3595e 5c5b19b46fb3da3 9341f34dab) 550a540dd50ade5 46f847c6b4)
Change-Id: I112309661dadf8
Related-bug: #1253482
(cherry picked from commit 6c57fbab26e40af
(cherry picked from commit 041fa712472d887