kolla-ansible

  1. Bug #1812864
  2. Comment #7

Comment 7 for bug 1812864

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla-ansible (master)

Reviewed: https://review.opendev.org/676716
Committed: https://git.openstack.org/cgit/openstack/kolla-ansible/commit/?id=d54c8fbdccfd8145b65d0fcc50dc8628b37c1a88
Submitter: Zuul
Branch: master

commit d54c8fbdccfd8145b65d0fcc50dc8628b37c1a88
Author: Mark Goddard <email address hidden>
Date: Thu Aug 15 16:04:44 2019 +0100

    Use internal API for heat -> heat communication

    Heat has a new option (server_keystone_endpoint_type), which can be used
    to set the keystone endpoint used by instances to make callbacks to
    heat. This needs to be public, since we can't assume users have access
    to the internal API. However, the current method of setting
    [clients_heat] endpoint_type means that communication from heat to its
    own API (e.g. when a stack is a resource in another stack) uses the
    public network also, and this might not work if TLS is enabled.

    This change uses server_keystone_endpoint_type to keep instance traffic
    on the public API, and removes the [clients_heat] endpoint_type option
    to use the default in [clients] endpoint_type of internalURL.

    This feature was added to heat in https://review.opendev.org/#/c/650967.

    Change-Id: I932ea55a3c2a411557c34361db08bcb3a2b27eaf
    Closes-Bug: #1812864
    Related-Bug: #1762754
    Related-Bug: #1688331