[heat] keystone endpoint configuration

Jonathan Rosser jonathan.rosser at rd.bbc.co.uk
Wed Feb 20 18:40:13 UTC 2019

In openstack-ansible we are trying to help a number of our end users 
with their heat deployments, some of them in conjunction with magnum.

There is some uncertainty with how the following heat.conf sections 
should be configured:

auth_uri = ...

www_authenticate_uri = ...

It does not appear to be possible to define a set of internal or 
external keystone endpoints in heat.conf which allow the following:

  * The orchestration panels being functional in horizon
  * Deployers isolating internal openstack from external networks
  * Deployers using self signed/company cert on the external endpoint
  * Magnum deployments completing
  * Heat delivering an external endpoint at [1]
  * Heat delivering an external endpoint at [2]

There are a number of related bugs:


Any help we could get from the heat team to try to understand the root 
cause of these issues would be really helpful.




More information about the openstack-discuss mailing list