From 926bc175be89885e646f8632ac51029f30f3f6cb Mon Sep 17 00:00:00 2001 From: Tobias Urdin Date: Mon, 7 Jan 2019 16:23:09 +0100 Subject: [PATCH] Remove port 35357 This removes port 35357 for Keystone as will be done in [1] and changes all references to that port. I can't see that packstack will need to keep the support for both ports as done in TripleO recently [2]. [1] https://review.openstack.org/#/c/619257/ [2] https://review.openstack.org/#/c/627793/ Change-Id: I4b6dcd396e1e5e666e7429929240bca7aadbc3bb --- packstack/plugins/keystone_100.py | 4 ++-- .../puppet/modules/packstack/manifests/apache.pp | 2 -- .../puppet/modules/packstack/manifests/magnum.pp | 2 +- run_tests.sh | 14 -------------- 4 files changed, 3 insertions(+), 19 deletions(-) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 2f5cf86eb..b0df9e6d5 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -776,7 +776,7 @@ def create_manifest(config, messages): config['CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'] = "http://%s:5000/" % ( config['CONFIG_KEYSTONE_HOST_URL'] ) - config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:35357" % ( + config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:5000" % ( config['CONFIG_KEYSTONE_HOST_URL'] ) @@ -786,6 +786,6 @@ def create_manifest(config, messages): fw_details[key]['host'] = "ALL" fw_details[key]['service_name'] = "keystone" fw_details[key]['chain'] = "INPUT" - fw_details[key]['ports'] = ['5000', '35357'] + fw_details[key]['ports'] = ['5000'] fw_details[key]['proto'] = "tcp" config['FIREWALL_KEYSTONE_RULES'] = fw_details diff --git a/packstack/puppet/modules/packstack/manifests/apache.pp b/packstack/puppet/modules/packstack/manifests/apache.pp index 5b21126aa..6013d8bab 100644 --- a/packstack/puppet/modules/packstack/manifests/apache.pp +++ b/packstack/puppet/modules/packstack/manifests/apache.pp @@ -25,8 +25,6 @@ class packstack::apache () # Keystone port apache::listen { '5000': } - # Keystone admin port - apache::listen { '35357': } if hiera('CONFIG_CEILOMETER_INSTALL') == 'y' { if hiera('CONFIG_CEILOMETER_SERVICE_NAME') == 'httpd' { diff --git a/packstack/puppet/modules/packstack/manifests/magnum.pp b/packstack/puppet/modules/packstack/manifests/magnum.pp index 1ad2ab3c3..8eec82806 100644 --- a/packstack/puppet/modules/packstack/manifests/magnum.pp +++ b/packstack/puppet/modules/packstack/manifests/magnum.pp @@ -14,7 +14,7 @@ class packstack::magnum () $magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1" class { '::magnum::keystone::authtoken': www_authenticate_uri => "${magnum_protocol}://${magnum_host}:5000/v3", - auth_url => "${magnum_protocol}://${magnum_host}:35357", + auth_url => "${magnum_protocol}://${magnum_host}:5000", auth_version => 'v3', username => 'magnum', password => hiera('CONFIG_MAGNUM_KS_PW'), diff --git a/run_tests.sh b/run_tests.sh index c95d8a0f0..f43ecdc21 100755 --- a/run_tests.sh +++ b/run_tests.sh @@ -117,20 +117,6 @@ if [ $(id -u) != 0 ]; then $SUDO service sshd restart fi -# Sometimes keystone admin port is used as ephemeral port for other connections and gate jobs fail with httpd error 'Address already in use'. -# We reserve port 35357 at the beginning of the job execution to mitigate this issue as much as possible. -# Similar hack is done in devstack https://github.com/openstack-dev/devstack/blob/master/tools/fixup_stuff.sh#L53-L68 - -# Get any currently reserved ports, strip off leading whitespace -keystone_port=35357 -reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //') - -if [[ -z "${reserved_ports}" ]]; then - $SUDO sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_port} -else - $SUDO sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_port},${reserved_ports} -fi - # Make swap configuration consistent # TODO: REMOVE ME # https://review.openstack.org/#/c/300122/