
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    Sorry, found the way immediately:<br>

    <br>

    <pre style="background-color:#ffffff;color:#000000;font-family:'Menlo';font-size:9.0pt;">ks = identity.Client(<span style="color:#660099;">session </span>= auth, <span style="color:#660099;">interface</span>=<span style="color:#008080;font-weight:bold;">'public'</span>)</pre>

    <br>

    <br>

    <div class="moz-cite-prefix">On 11/5/18 6:12 PM, Volodymyr Litovka

      wrote:<br>

    </div>

    <blockquote type="cite"

      cite="mid:af9a9c52-b4ec-af4d-cdc7-e45e17282992@gmx.com">

      <meta http-equiv="content-type" content="text/html; charset=utf-8">

      Dear colleagues,<br>

      <br>

      I have the following configuration of endpoints:<br>

      <br>

      <tt>$ openstack endpoint list --service identity<br>

+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+<br>

        | ID                               | Region    | Service Name |

        Service Type | Enabled | Interface |

        URL                            |<br>

+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+<br>

        | 68a4eabc27474beeb6f08d986cca3263 | RegionOne | keystone     |

        identity     | True    | public    | <a

          class="moz-txt-link-freetext"

          href="http://controller-ext:5000/v3/" moz-do-not-send="true">http://controller-ext:5000/v3/</a>

        |<br>

        | 6fab7abe61e84463a05b4e58d8f7bb60 | RegionOne | keystone     |

        identity     | True    | internal  | <a

          class="moz-txt-link-freetext"

          href="http://controller:5000/v3/" moz-do-not-send="true">http://controller:5000/v3/</a>    

        |<br>

        | eb378df5949046a49661dad3c887677f | RegionOne | keystone     |

        identity     | True    | admin     | <a

          class="moz-txt-link-freetext"

          href="http://controller:5000/v3/" moz-do-not-send="true">http://controller:5000/v3/</a>    

        |<br>

+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+</tt><br>

      <br>

      and want to explicitly use public endpoint (calling

      controller-ext, NOT controller) when doing API calls. Example of

      code:<br>

      <br>

      <pre style="background-color: rgb(255, 255, 255); font-family: "Menlo"; font-size: 9pt;">from keystoneauth1.identity import v3

from keystoneauth1 import session as authsession

from keystoneclient.v3 import client as identity


os_domain = 'default'

auth_url = '<a class="moz-txt-link-freetext" href="http://controller-ext:5000/v3" moz-do-not-send="true">http://controller-ext:5000/v3</a>'

os_username = 'admin'

os_password = 'adminpass'

project_name = 'admin'


password = v3.Password(auth_url=auth_url,

                       username=os_username,

                       password=os_password,

                       user_domain_name=os_domain,<span style="font-style: italic;">

</span><span style="font-style: italic;">                       </span>project_name=project_name,<span style="font-style: italic;">

</span><span style="font-style: italic;">                       </span>project_domain_name=os_domain)<span style="font-style: italic;">

</span><span style="font-style: italic;">

</span>auth = authsession.Session(auth=password)

ks = identity.Client(session = auth)


for ep in ks.endpoints.list():

<span style="font-style: italic;">    </span>pass

</pre>

      <br>

      returns an error since it tries to call 'controller' (which is

      internal address and isn't resolvable):<br>

      <br>

      <tt>keystoneauth1.exceptions.connection.ConnectFailure: Unable to

        establish connection to

        <a class="moz-txt-link-freetext"

href="http://controller:5000/v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface"

          moz-do-not-send="true">http://controller:5000/v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface</a>:

        HTTPConnectionPool(host='controller', port=5000): Max retries

        exceeded with url:

        /v3/endpoints?endpoint_filter=service_type&endpoint_filter=interface

        (Caused by

        NewConnectionError('<urllib3.connection.HTTPConnection object

        at 0x1063f1940>: Failed to establish a new connection: [Errno

        8] nodename nor servname provided, or not known',))</tt><br>

      <br>

      The question is: are there ways to implicitly point to 'public'

      (and whatever else) endpoint when working with identity service?<br>

      <br>

      Thank you.<br>

      <br>

      <pre class="moz-signature" cols="72">-- 

Volodymyr Litovka

  "Vision without Execution is Hallucination." -- Thomas Edison</pre>

    </blockquote>

    <br>

    <pre class="moz-signature" cols="72">-- 

Volodymyr Litovka

  "Vision without Execution is Hallucination." -- Thomas Edison</pre>

  </body>

</html>