How to make all OpenStack endpoints available on same port number for clients ?
Issue
- In a normal OpenStack deployment, endpoints are running on different ports. e.g.:
https://cloud.example.de:8778
https://cloud.example.de:9696
https://cloud.example.de:8776/v2/%(project_id)s
https://cloud.example.de:8774/v2.1
https://cloud.example.de:5000/v3/
https://cloud.example.de:9292
https://cloud.example.de:8776/v3/%(project_id)s
-
These endpoints point to an haproxy.
-
For some of the customers it is not possible to access those ports because the customers are behind a cooperate firewall and outgoing traffic is restricted to ports 80 and 443.
-
Therefore need to find a way to make the endpoints available on same ports, restricted to 80 or 443 e.g.:
https://placement.cloud.example.de:443
https://neutron.cloud.example.de:443
https://cinderv2.cloud.example.de:443/v2/%(project_id)s
https://nova.cloud.example.de:443/v2.1
https://keystone.cloud.example.de:443/v3/
https://glance.cloud.example.de:443
https://cinderv3.cloud.example.de:443/v3/%(project_id)s
- These endpoints are pointing to the haproxy and requests are forwarded to the OpenStack services running on default ports. For example:
https://keystone.cloud.example.de:443/v3/ -> http://172.X.X.X:5000/v3/
Environment
- Red Hat OpenStack Platform
- Haproxy
