How to enable OIDC behind HAProxy in Kolla deployment [closed]

asked 2018-11-13 06:46:08 -0600

bjoernh gravatar image

Dear all,

we are using kolla-ansible to deploy OpenStack. At the same time, we have the requirement to integrate with a federation using OIDC. We followed the official OpenStack documentation, but are now stuck at the point where Horizon tries to redirect the client browser to the internal HAProxy endpoint (192.168.x.y), which is not available outside of our cluster. How can we influence the host part of the URL to contain the public facing endpoint?

Best regards, Björn

edit retag flag offensive reopen merge delete

Closed for the following reason question is off-topic or not relevant by bjoernh
close date 2019-09-17 08:09:06.568386

Comments

For future visitors, I ran in to this problem as well, and the solution was to set WEBSSO_KEYSTONE_URL to point to the public endpoint of Keystone. By default Kolla sets OPENSTACK_KEYSTONE_URL to be an internal endpoint.

jasonandersonatuchicago gravatar imagejasonandersonatuchicago ( 2019-10-21 16:25:06 -0600 )edit