Comment 18 for bug 1716344

I am also seeing nova-api attempting to use the keystone public endpoint when /v2.1/os-quota-sets is called on my Pike deployment. This is not valid in my environment; the API must use the internal endpoint to reach keystone. When the public endpoint is used, the connection sits in SYN_SENT state in netstat until it times out after a minute or two.

Hacking the endpoint_filter at https://github.com/openstack/nova/blob/d536bec9fc098c9db8d46f39aab30feb0783e428/nova/api/openstack/identity.py#L43-L46 to include interface=internal fixes the issue.

Unless I am mistaken this issue still exists in master:
https://github.com/openstack/nova/blob/ef4000a0d326deb004843ee51d18030224c5630f/nova/api/openstack/identity.py#L33-L35