From 9b82c0f557cd77fc54f8d07eab849eb3d91118d8 Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Sun, 28 Jun 2020 12:13:07 +0100 Subject: [PATCH] Use public interface for Magnum client and trustee Keystone interface While all other clients should use internalURL, the Magnum client itself and Keystone interface for trustee credentials should be publicly accessible (upstream default when no config is specified) since instances need to be able to reach them. Closes-Bug: #1885420 Change-Id: I74359cec7147a80db24eb4aa4156c35d31a026bf (cherry picked from commit 78bb5942649507f4340e562ce8fa2a766ca2bc4e) --- ansible/roles/magnum/templates/magnum.conf.j2 | 3 ++- ...clients-in-magnum-use-internalURL-af3ad82af71a88c6.yaml | 7 +++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/magnum/templates/magnum.conf.j2 b/ansible/roles/magnum/templates/magnum.conf.j2 index a7d948937e..2ed2b2cd5f 100644 --- a/ansible/roles/magnum/templates/magnum.conf.j2 +++ b/ansible/roles/magnum/templates/magnum.conf.j2 @@ -25,7 +25,7 @@ default_docker_volume_type = {{ default_docker_volume_type }} [magnum_client] region_name = {{ openstack_region_name }} -endpoint_type = internalURL +endpoint_type = publicURL [heat_client] region_name = {{ openstack_region_name }} @@ -84,6 +84,7 @@ trustee_domain_admin_password = {{ magnum_keystone_password }} trustee_domain_admin_name = {{ magnum_trustee_domain_admin }} trustee_domain_name = {{ magnum_trustee_domain }} trustee_keystone_region_name = {{ openstack_region_name }} +trustee_keystone_interface = public cluster_user_trust = {{ enable_cluster_user_trust }} [oslo_concurrency] diff --git a/releasenotes/notes/clients-in-magnum-use-internalURL-af3ad82af71a88c6.yaml b/releasenotes/notes/clients-in-magnum-use-internalURL-af3ad82af71a88c6.yaml index 0cfbd32ecf..eb5293a37c 100644 --- a/releasenotes/notes/clients-in-magnum-use-internalURL-af3ad82af71a88c6.yaml +++ b/releasenotes/notes/clients-in-magnum-use-internalURL-af3ad82af71a88c6.yaml @@ -1,7 +1,6 @@ --- fixes: - | - In line with clients for other services used by Magnum, it now uses - endpoint_type = internalURL also for Magnum itself, Cinder and Octavia - clients. In the same tune, these services also use the globally defined - `openstack_region_name`. + In line with clients for other services used by Magnum, Cinder and Octavia + also use endpoint_type = internalURL. In the same tune, these services also + use the globally defined `openstack_region_name`.