[Openstack-security] [Bug 1567694] Re: nova's neutron client auth_uri uses admin
Morgan Fainberg
morgan.fainberg at gmail.com
Mon Apr 18 17:35:29 UTC 2016
In keystone V3 (please keep sticking with v3!) the routes are the same
between admin and public (the distinction was a v2-specific construct in
keystone). It should be 100% safe to use either endpoint under v3.
For v2, I am unsure if this is working with something specific in the
eksytone crud API vs strictly auth.
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1567694
Title:
nova's neutron client auth_uri uses admin
Status in OpenStack Compute (nova):
New
Bug description:
looking at default config from various projects, including nova's own
CI
/etc/nova/nova.conf:
[neutron]
auth_url = http://localhost/35357/v3
however when compared to other projects, they use the non-admin
keystone port (5000) and the auth version(v3) for auth.
It is confusing if this is necessary because the client needs access
to the keystone admin api's or if we are simply just holding over some
old config lore.
Can we document what the actual requirement for this url is?
is is only for auth?
does it really need the keystone admin port?
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1567694/+subscriptions
More information about the Openstack-security
mailing list