Remove port 35357
This removes port 35357 for Keystone as will be done in [1] and changes all references to that port. I can't see that packstack will need to keep the support for both ports as done in TripleO recently [2]. [1] https://review.openstack.org/#/c/619257/ [2] https://review.openstack.org/#/c/627793/ Change-Id: I4b6dcd396e1e5e666e7429929240bca7aadbc3bb
This commit is contained in:
parent
eaf3c70182
commit
926bc175be
|
@ -776,7 +776,7 @@ def create_manifest(config, messages):
|
|||
config['CONFIG_KEYSTONE_PUBLIC_URL_VERSIONLESS'] = "http://%s:5000/" % (
|
||||
config['CONFIG_KEYSTONE_HOST_URL']
|
||||
)
|
||||
config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:35357" % (
|
||||
config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:5000" % (
|
||||
config['CONFIG_KEYSTONE_HOST_URL']
|
||||
)
|
||||
|
||||
|
@ -786,6 +786,6 @@ def create_manifest(config, messages):
|
|||
fw_details[key]['host'] = "ALL"
|
||||
fw_details[key]['service_name'] = "keystone"
|
||||
fw_details[key]['chain'] = "INPUT"
|
||||
fw_details[key]['ports'] = ['5000', '35357']
|
||||
fw_details[key]['ports'] = ['5000']
|
||||
fw_details[key]['proto'] = "tcp"
|
||||
config['FIREWALL_KEYSTONE_RULES'] = fw_details
|
||||
|
|
|
@ -25,8 +25,6 @@ class packstack::apache ()
|
|||
|
||||
# Keystone port
|
||||
apache::listen { '5000': }
|
||||
# Keystone admin port
|
||||
apache::listen { '35357': }
|
||||
|
||||
if hiera('CONFIG_CEILOMETER_INSTALL') == 'y' {
|
||||
if hiera('CONFIG_CEILOMETER_SERVICE_NAME') == 'httpd' {
|
||||
|
|
|
@ -14,7 +14,7 @@ class packstack::magnum ()
|
|||
$magnum_url = "${magnum_protocol}://${magnum_host}:$magnum_port/v1"
|
||||
class { '::magnum::keystone::authtoken':
|
||||
www_authenticate_uri => "${magnum_protocol}://${magnum_host}:5000/v3",
|
||||
auth_url => "${magnum_protocol}://${magnum_host}:35357",
|
||||
auth_url => "${magnum_protocol}://${magnum_host}:5000",
|
||||
auth_version => 'v3',
|
||||
username => 'magnum',
|
||||
password => hiera('CONFIG_MAGNUM_KS_PW'),
|
||||
|
|
14
run_tests.sh
14
run_tests.sh
|
@ -117,20 +117,6 @@ if [ $(id -u) != 0 ]; then
|
|||
$SUDO service sshd restart
|
||||
fi
|
||||
|
||||
# Sometimes keystone admin port is used as ephemeral port for other connections and gate jobs fail with httpd error 'Address already in use'.
|
||||
# We reserve port 35357 at the beginning of the job execution to mitigate this issue as much as possible.
|
||||
# Similar hack is done in devstack https://github.com/openstack-dev/devstack/blob/master/tools/fixup_stuff.sh#L53-L68
|
||||
|
||||
# Get any currently reserved ports, strip off leading whitespace
|
||||
keystone_port=35357
|
||||
reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
|
||||
|
||||
if [[ -z "${reserved_ports}" ]]; then
|
||||
$SUDO sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_port}
|
||||
else
|
||||
$SUDO sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_port},${reserved_ports}
|
||||
fi
|
||||
|
||||
# Make swap configuration consistent
|
||||
# TODO: REMOVE ME
|
||||
# https://review.openstack.org/#/c/300122/
|
||||
|
|
Loading…
Reference in New Issue