How to make all OpenStack endpoints available on same port number for clients ?

Updated 2018-08-27T12:15:18+00:00

Issue

  • In a normal OpenStack deployment, endpoints are running on different ports. e.g.:
https://cloud.example.de:8778
https://cloud.example.de:9696
https://cloud.example.de:8776/v2/%(project_id)s
https://cloud.example.de:8774/v2.1
https://cloud.example.de:5000/v3/
https://cloud.example.de:9292
https://cloud.example.de:8776/v3/%(project_id)s
  • These endpoints point to an haproxy.

  • For some of the customers it is not possible to access those ports because the customers are behind a cooperate firewall and outgoing traffic is restricted to ports 80 and 443.

  • Therefore need to find a way to make the endpoints available on same ports, restricted to 80 or 443 e.g.:

https://placement.cloud.example.de:443
https://neutron.cloud.example.de:443
https://cinderv2.cloud.example.de:443/v2/%(project_id)s
https://nova.cloud.example.de:443/v2.1
https://keystone.cloud.example.de:443/v3/
https://glance.cloud.example.de:443
https://cinderv3.cloud.example.de:443/v3/%(project_id)s
  • These endpoints are pointing to the haproxy and requests are forwarded to the OpenStack services running on default ports. For example:
https://keystone.cloud.example.de:443/v3/ -> http://172.X.X.X:5000/v3/

Environment

  • Red Hat OpenStack Platform
  • Haproxy

Subscriber content preview. For full access to the Red Hat Knowledgebase, please log in.

Not a subscriber? Learn more about the benefits of Red Hat Subscriptions.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.