IHA uses compute public endpoint by default and is not overridable

Fix proposed to branch: master
Review: https://review.openstack.org/595558

Reviewed: https://review.openstack.org/595558
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=1bdefbe59d6f933773cbc366c57c5887ebf18833
Submitter: Zuul
Branch: master

commit 1bdefbe59d6f933773cbc366c57c5887ebf18833
Author: Michele Baldessari <email address hidden>
Date: Thu Aug 23 11:22:53 2018 +0200

    IHA Default the compute endpoint check script to internal

    Currently we instantiate a novaclient.client Client object without explicitely
    passing any endpoint_type in kwargs. The Client object defaults to using
    'publicURL': https://github.com/openstack/python-novaclient/blob/stable/queens/novaclient/client.py#L116

    In some environments the access to publicURL is not desired and likely the wrong default.
    So this needs to be a) configureable and b) default to internalURL when nothing is specified.

    We make this configurable by leveraging the os_interface key in the
    placement section of nova.conf as that is what specifies the endpoint
    type since ocata: https://docs.openstack.org/releasenotes/nova/ocata.html#other-notes

    We also check for the existance of the [placement]/valid_interface key
    and will use that instead if it is present as it is the proper
    recommended way to get this information as of queens (see
    https://review.openstack.org/#/c/492247/). Since it is a list
    of preferred endpoint URLs, we take the first one.

    Tested by making sure via tcpdump that the internal_url was being hit
    after restarting the nova_compute container with the patched code:
    (overcloud) [stack@undercloud-0 ~]$ openstack endpoint list |grep comput
    | 8ad225f34170467a84513c5b447662dc | regionOne | nova | compute | True | admin | http://172.17.1.16:8774/v2.1 |
    | 9a15e824601f43629b03ec99589c3d83 | regionOne | nova | compute | True | internal | http://172.17.1.16:8774/v2.1 |
    | c5b964700daf4abfac5060432debdbe3 | regionOne | nova | compute | True | public | https://10.0.0.101:13774/v2.1 |

    [root@compute-0 ~]# tcpdump -i any -nn host 172.17.1.16 and port 8774
    09:29:57.824687 IP 172.17.1.10.37254 > 172.17.1.16.8774: Flags [S], seq 3520534439, win 29200, options [mss 1460,sackOK,TS val 564789919 ecr 0,nop,wscale 7], length 0
    09:29:57.824946 ethertype IPv4, IP 172.17.1.16.8774 > 172.17.1.10.37254: Flags [S.], seq 3844540290, ack 3520534440, win 28960, options [mss 1460,sackOK,TS val 564810385 ecr 564789919,nop,wscale 7], length 0
    09:29:57.824946 IP 172.17.1.16.8774 > 172.17.1.10.37254: Flags [S.], seq 3844540290, ack 3520534440, win 28960, options [mss 1460,sackOK,TS val 564810385 ecr 564789919,nop,wscale 7], length 0

    Change-Id: Ifbb40e2a2222c229fd71eca2c4c36daa448e492d
    Closes-Bug: #1788584

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/595903

Reviewed: https://review.openstack.org/595903
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=18710ec8d7b74f5d93f1ddc9b7c4cdd951ac0934
Submitter: Zuul
Branch: stable/queens

commit 18710ec8d7b74f5d93f1ddc9b7c4cdd951ac0934
Author: Michele Baldessari <email address hidden>
Date: Thu Aug 23 11:22:53 2018 +0200

    IHA Default the compute endpoint check script to internal

    Currently we instantiate a novaclient.client Client object without explicitely
    passing any endpoint_type in kwargs. The Client object defaults to using
    'publicURL': https://github.com/openstack/python-novaclient/blob/stable/queens/novaclient/client.py#L116

    In some environments the access to publicURL is not desired and likely the wrong default.
    So this needs to be a) configureable and b) default to internalURL when nothing is specified.

    We make this configurable by leveraging the os_interface key in the
    placement section of nova.conf as that is what specifies the endpoint
    type since ocata: https://docs.openstack.org/releasenotes/nova/ocata.html#other-notes

    We also check for the existance of the [placement]/valid_interface key
    and will use that instead if it is present as it is the proper
    recommended way to get this information as of queens (see
    https://review.openstack.org/#/c/492247/). Since it is a list
    of preferred endpoint URLs, we take the first one.

    Tested by making sure via tcpdump that the internal_url was being hit
    after restarting the nova_compute container with the patched code:
    (overcloud) [stack@undercloud-0 ~]$ openstack endpoint list |grep comput
    | 8ad225f34170467a84513c5b447662dc | regionOne | nova | compute | True | admin | http://172.17.1.16:8774/v2.1 |
    | 9a15e824601f43629b03ec99589c3d83 | regionOne | nova | compute | True | internal | http://172.17.1.16:8774/v2.1 |
    | c5b964700daf4abfac5060432debdbe3 | regionOne | nova | compute | True | public | https://10.0.0.101:13774/v2.1 |

    [root@compute-0 ~]# tcpdump -i any -nn host 172.17.1.16 and port 8774
    09:29:57.824687 IP 172.17.1.10.37254 > 172.17.1.16.8774: Flags [S], seq 3520534439, win 29200, options [mss 1460,sackOK,TS val 564789919 ecr 0,nop,wscale 7], length 0
    09:29:57.824946 ethertype IPv4, IP 172.17.1.16.8774 > 172.17.1.10.37254: Flags [S.], seq 3844540290, ack 3520534440, win 28960, options [mss 1460,sackOK,TS val 564810385 ecr 564789919,nop,wscale 7], length 0
    09:29:57.824946 IP 172.17.1.16.8774 > 172.17.1.10.37254: Flags [S.], seq 3844540290, ack 3520534440, win 28960, options [mss 1460,sackOK,TS val 564810385 ecr 564789919,nop,wscale 7], length 0

    Change-Id: Ifbb40e2a2222c229fd71eca2c4c36daa448e492d
    Closes-Bug: #1788584
    (cherry picked from commit 1bdefbe59d6f933773cbc366c57c5887ebf18833)

This issue was fixed in the openstack/tripleo-heat-templates 9.0.0.0rc1 release candidate.

This issue was fixed in the openstack/tripleo-heat-templates 8.0.6 release.