[Openstack] Swift and Keystone behind NAT Firewall
Pete Zaitcev
zaitcev at redhat.com
Thu Jun 12 22:16:04 UTC 2014
On Thu, 12 Jun 2014 09:52:59 +0100
Diogo Vieira <dfv at eurotux.com> wrote:
> Ok, I guess that might work, but I have one problem with that approach.
> For a service I'm developing I have to know the public URL for an object
> in the store. For that I use Keystone to find the endpoint of Swift and
> I get the internal ip. Is there a way for me to set a public endpoint
> or get the correct ip (the one accessible publicly) of the service?
I don't think any Swift client supports the public/private split,
even if you have in Keystone catalog. You have to set the external
IP (or preferably hostname, actually) in the endpoint descriptor
in Keystone.
The practical way to make the split is to use a hostname, and then
have internal DNS point to internal IP and and external to public IP.
The meaning of the final question is somewhat foggy, because you
have a complete control of what endpoint in Keystone lists.
-- Pete
More information about the Openstack
mailing list