From 8120c2df17935381a243831f5e4675822d3c9b43 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Mon, 27 Jul 2020 08:40:48 +0900
Subject: [PATCH] Unset keystone::public_endpoint

When public_endpoint parameter is set, keystone composes request urls
from that parameter. However this can cause incorrect url detection
especially for requests coming from admin endpoint, because we use
different urls for each endpoints (admin/internal/public) in TripleO
deployment.

This patch unsets that public_endpoint parameter and makes keystone
detect request urls by headers passed from haproxy.

Closes-bug: #1889017
Depends-on: https://review.opendev.org/#/c/742412/
Change-Id: Ib5f017e95f961c04da3201d75ed17424e168b270
(cherry picked from commit ac50d6483da28748877ce2f1ac2d42ec4cc04b8b)
(cherry picked from commit 09f524e7094d2ed976cf1cfb4236acf081b80081)
---
 deployment/keystone/keystone-container-puppet.yaml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/deployment/keystone/keystone-container-puppet.yaml b/deployment/keystone/keystone-container-puppet.yaml
index 9ed3c0e660..ab32e6cd23 100644
--- a/deployment/keystone/keystone-container-puppet.yaml
+++ b/deployment/keystone/keystone-container-puppet.yaml
@@ -460,7 +460,6 @@ outputs:
                   - 5000
                   - 13000
                   - {get_param: [EndpointMap, KeystoneAdmin, port]}
-            keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
             # NOTE: bind IP is found in hiera replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):