How to make all OpenStack endpoints available on same port number for clients ?
Issue
- In a normal OpenStack deployment, endpoints are running on different ports. e.g.:
https://cloud.example.de:8778
https://cloud.example.de:9696
https://cloud.example.de:8776/v2/%(project_id)s
https://cloud.example.de:8774/v2.1
https://cloud.example.de:5000/v3/
https://cloud.example.de:9292
https://cloud.example.de:8776/v3/%(project_id)s
-
These endpoints point to an haproxy.
-
For some of the customers it is not possible to access those ports because the customers are behind a cooperate firewall and outgoing traffic is restricted to ports 80 and 443.
-
Therefore need to find a way to make the endpoints available on same ports, restricted to 80 or 443 e.g.:
https://placement.cloud.example.de:443
https://neutron.cloud.example.de:443
https://cinderv2.cloud.example.de:443/v2/%(project_id)s
https://nova.cloud.example.de:443/v2.1
https://keystone.cloud.example.de:443/v3/
https://glance.cloud.example.de:443
https://cinderv3.cloud.example.de:443/v3/%(project_id)s
- These endpoints are pointing to the haproxy and requests are forwarded to the OpenStack services running on default ports. For example:
https://keystone.cloud.example.de:443/v3/ -> http://172.X.X.X:5000/v3/
Environment
- Red Hat OpenStack Platform
- Haproxy
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
