Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

"public" users leveraging OpenStack clients such as python-novaclient, python-neutronclient, python-cinderclient, etc., will need access to the 'publicURL' endpoint of the respective service, as well as public access to the Keystone service on port 5000. So the publicURL endpoint should be on a public network in that case. InternalURL and AdminURL for each service can remain on internal IP space in most, if not all, cases. Keystone is the only service I can think of offhand that leverages the AdminURL for certain commands, but those are really administrative commands and not necessarily ones you'd want accessible publicly.