nothing works when only externalURL available
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-keystoneclient |
Invalid
|
Medium
|
Unassigned |
Bug Description
I have a deployment where adminURL and internalURL are both available from internal network only. When I try to connect from an "external" network, I see the this error:
>>> from keystoneclient.v2_0 import client
>>> USERNAME, PASSWORD, TENANT, AUTH_URL = 'eye', 'secret', 'rally', 'http://
>>> keystone = client.
>>> keystone.
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "keystoneclient
tenant_list = self._list(
File "keystoneclient
resp, body = self.client.
File "keystoneclient
return self._cs_
File "keystoneclient
return self.request(url, method, **kwargs)
File "keystoneclient
resp = super(HTTPClient, self).request(url, method, **kwargs)
File "keystoneclient
return self.session.
File "keystoneclient
return func(*args, **kwargs)
File "keystoneclient
resp = self._send_
File "keystoneclient
raise exceptions.
keystoneclient.
172.18.200.192 is "external" network
192.168.0.0 is internal network
That's by design. The :35357/v2.0/ is assumed to be a deployer-only management API on a secure network. In a real deployment, you should not assume that end users on the public internet should be able to access it, for example.