Unset keystone::public_endpoint

When public_endpoint parameter is set, keystone composes request urls from that parameter. However this can cause incorrect url detection especially for requests coming from admin endpoint, because we use different urls for each endpoints (admin/internal/public) in TripleO deployment. This patch unsets that public_endpoint parameter and makes keystone detect request urls by headers passed from haproxy. Closes-bug: #1889017 Depends-on: https://review.opendev.org/#/c/742349/ Change-Id: Ib5f017e95f961c04da3201d75ed17424e168b270
2020-07-27 08:40:48 +09:00 · 2020-07-27 08:40:48 +09:00 · ac50d6483d
parent 5b0d1434e9
commit ac50d6483d
1 changed files with 0 additions and 1 deletions
--- a/deployment/keystone/keystone-container-puppet.yaml
+++ b/deployment/keystone/keystone-container-puppet.yaml
@ -471,7 +471,6 @@ outputs:
            keystone::wsgi::apache::threads: 1
            keystone::db::database_db_max_retries: -1
            keystone::db::database_max_retries: -1
-            keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
            # NOTE: bind IP is found in hiera replacing the network name with the
            # local node IP for the given network; replacement examples
            # (eg. for internal_api):