Dear colleagues,

I have the following configuration of endpoints:

$ openstack endpoint list --service identity
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                            |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| 68a4eabc27474beeb6f08d986cca3263 | RegionOne | keystone     | identity     | True    | public    | http://controller-ext:5000/v3/ | | 6fab7abe61e84463a05b4e58d8f7bb60 | RegionOne | keystone     | identity     | True    | internal  | http://controller:5000/v3/     | | eb378df5949046a49661dad3c887677f | RegionOne | keystone     | identity     | True    | admin     | http://controller:5000/v3/     |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+

and want to explicitly use public endpoint (calling controller-ext, NOT controller) when doing API calls. Example of code:

from keystoneauth1.identity import v3
from keystoneauth1 import session as authsession
from keystoneclient.v3 import client as identity

os_domain = 'default'
auth_url = 'http://controller-ext:5000/v3'
os_username = 'admin'
os_password = 'adminpass'
project_name = 'admin'

password = v3.Password(auth_url=auth_url,
                       username=os_username,
                       password=os_password,
                       
user_domain_name=os_domain,project_name=project_name,project_domain_name=os_domain)auth
 = authsession.Session(auth=password)
ks = identity.Client(session = auth)

for ep in ks.endpoints.list():
pass


returns an error since it tries to call 'controller' (which is internal address and isn't resolvable):

keystoneauth1.exceptions.connection.ConnectFailure: Unable to establish connection to http://controller:5000/v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface: HTTPConnectionPool(host='controller', port=5000): Max retries exceeded with url: /v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x1063f1940>: Failed to establish a new connection: [Errno 8] nodename nor servname provided, or not known',))

The question is: are there ways to implicitly point to 'public' (and whatever else) endpoint when working with identity service?

Thank you.

--
Volodymyr Litovka
  "Vision without Execution is Hallucination." -- Thomas Edison

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Reply via email to