Remove port 35357
This removes port 35357 for Keystone as will be done in [1] and changes all references to that port. I can't see that packstack will need to keep the support for both ports as done in TripleO recently [2]. [1] https://review.openstack.org/#/c/619257/ [2] https://review.openstack.org/#/c/627793/ Change-Id: I4b6dcd396e1e5e666e7429929240bca7aadbc3bb
This commit is contained in:
parent
eaf3c70182
commit
926bc175be
|
@ -776,7 +776,7 @@ def create_manifest(config, messages):
|
||||||
config['CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'] = "http://%s:5000/" % (
|
config['CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'] = "http://%s:5000/" % (
|
||||||
config['CONFIG_KEYSTONE_HOST_URL']
|
config['CONFIG_KEYSTONE_HOST_URL']
|
||||||
)
|
)
|
||||||
config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:35357" % (
|
config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:5000" % (
|
||||||
config['CONFIG_KEYSTONE_HOST_URL']
|
config['CONFIG_KEYSTONE_HOST_URL']
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -786,6 +786,6 @@ def create_manifest(config, messages):
|
||||||
fw_details[key]['host'] = "ALL"
|
fw_details[key]['host'] = "ALL"
|
||||||
fw_details[key]['service_name'] = "keystone"
|
fw_details[key]['service_name'] = "keystone"
|
||||||
fw_details[key]['chain'] = "INPUT"
|
fw_details[key]['chain'] = "INPUT"
|
||||||
fw_details[key]['ports'] = ['5000', '35357']
|
fw_details[key]['ports'] = ['5000']
|
||||||
fw_details[key]['proto'] = "tcp"
|
fw_details[key]['proto'] = "tcp"
|
||||||
config['FIREWALL_KEYSTONE_RULES'] = fw_details
|
config['FIREWALL_KEYSTONE_RULES'] = fw_details
|
||||||
|
|
|
@ -25,8 +25,6 @@ class packstack::apache ()
|
||||||
|
|
||||||
# Keystone port
|
# Keystone port
|
||||||
apache::listen { '5000': }
|
apache::listen { '5000': }
|
||||||
# Keystone admin port
|
|
||||||
apache::listen { '35357': }
|
|
||||||
|
|
||||||
if hiera('CONFIG_CEILOMETER_INSTALL') == 'y' {
|
if hiera('CONFIG_CEILOMETER_INSTALL') == 'y' {
|
||||||
if hiera('CONFIG_CEILOMETER_SERVICE_NAME') == 'httpd' {
|
if hiera('CONFIG_CEILOMETER_SERVICE_NAME') == 'httpd' {
|
||||||
|
|
|
@ -14,7 +14,7 @@ class packstack::magnum ()
|
||||||
$magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1"
|
$magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1"
|
||||||
class { '::magnum::keystone::authtoken':
|
class { '::magnum::keystone::authtoken':
|
||||||
www_authenticate_uri => "${magnum_protocol}://${magnum_host}:5000/v3",
|
www_authenticate_uri => "${magnum_protocol}://${magnum_host}:5000/v3",
|
||||||
auth_url => "${magnum_protocol}://${magnum_host}:35357",
|
auth_url => "${magnum_protocol}://${magnum_host}:5000",
|
||||||
auth_version => 'v3',
|
auth_version => 'v3',
|
||||||
username => 'magnum',
|
username => 'magnum',
|
||||||
password => hiera('CONFIG_MAGNUM_KS_PW'),
|
password => hiera('CONFIG_MAGNUM_KS_PW'),
|
||||||
|
|
14
run_tests.sh
14
run_tests.sh
|
@ -117,20 +117,6 @@ if [ $(id -u) != 0 ]; then
|
||||||
$SUDO service sshd restart
|
$SUDO service sshd restart
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Sometimes keystone admin port is used as ephemeral port for other connections and gate jobs fail with httpd error 'Address already in use'.
|
|
||||||
# We reserve port 35357 at the beginning of the job execution to mitigate this issue as much as possible.
|
|
||||||
# Similar hack is done in devstack https://github.com/openstack-dev/devstack/blob/master/tools/fixup_stuff.sh#L53-L68
|
|
||||||
|
|
||||||
# Get any currently reserved ports, strip off leading whitespace
|
|
||||||
keystone_port=35357
|
|
||||||
reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
|
|
||||||
|
|
||||||
if [[ -z "${reserved_ports}" ]]; then
|
|
||||||
$SUDO sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_port}
|
|
||||||
else
|
|
||||||
$SUDO sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_port},${reserved_ports}
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Make swap configuration consistent
|
# Make swap configuration consistent
|
||||||
# TODO: REMOVE ME
|
# TODO: REMOVE ME
|
||||||
# https://review.openstack.org/#/c/300122/
|
# https://review.openstack.org/#/c/300122/
|
||||||
|
|
Loading…
Reference in New Issue