Hi,
I am curious about current state of fed-cloud09.
I wanted to use ansible module os_server to spin up new VM in Fedora
Cloud, but I got error that ansible cannot connect to:
http://fedorainfracloud.org:8696/v2.0/networks
That was strange as 8696 should be an internal port for neutron. HAProxy
should listen on default port 9696, handle the ssl stuff, and then
forward it to localhost:8696 which should not be propagated to outside
networks.
(And indeed curl of
https://fedorainfracloud.org:9696/ works).
When I query endpoints I get:
# openstack catalog list
....
| neutron | network | RegionOne
|
| | | publicURL:
http://fedorainfracloud.org:8696/
|
| | | internalURL:
http://fedorainfracloud.org:8696/ |
| | | adminURL:
http://fedorainfracloud.org:8696/
This is strange, because in our
playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml playbook we have:
- shell: source /root/keystonerc_admin && keystone service-list | grep
'neutron' | awk '{print $2}'
check_mode: no
changed_when: false
register: SERVICE_ID
- shell: source /root/keystonerc_admin && keystone endpoint-list |
grep {{SERVICE_ID.stdout}} | awk '{print $2}'
check_mode: no
changed_when: false
register: ENDPOINT_ID
- shell: source /root/keystonerc_admin && keystone endpoint-list |grep
{{SERVICE_ID.stdout}} |grep -v {{ controller_publicname }} && (keystone
endpoint-delete {{ENDPOINT_ID.stdout}} && keystone endpoint-create
--region 'RegionOne' --service {{SERVICE_ID.stdout}} --publicurl
'https://{{ controller_publicname }}:9696/' --adminurl 'https://{{
controller_publicname }}:9696/' --internalurl 'https://{{
controller_publicname }}:9696/' ) || true
Which should set publicURL to 9696. It seems that this is set for some
time (but was not for sure in past). I before I run the fed-cloud09
playbook (which itself can break a lot of stuff if some stuff was done
manually and not put in playbook) and change the public port to 9696
back (and generaly to ssl version for all services), whether there is
some reason I should not touch it?
Mirek