Ask Your Question

More than one proxy keystone endpoints

asked 2014-01-21 18:13:23 -0500

garrett-s-page gravatar image

We're doing some POC activities around a swift cluster before we build it out. I've built a small openstack cluster with keystone on one node, and the swift proxy and storage on another node. I'm trying to add a new proxy to test SSL and S3 compatibility.

I've followed the instructions for adding a new proxy server, and if I use tempauth I can get it to work and I can see my containers and objects using swift -A <new proxy="" url=""> list. If I use cyberduck I can view my objects and containers if I use the keystone authentication URL.

My question is how do I make keystone aware of the new proxy? I would think I'd need to add a new endpoint for the new proxy in keystone, but I haven't seen any instructions that you need to do that. If I use keystone auth on the new proxy and attempt to access it via swift -A <new proxy="" url=""> -u tenant:user -K password list I get a 401 unauthorized error. So I'm not sure what I'm doing wrong.

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2014-05-08 06:16:16 -0500

blazesurfer gravatar image

updated 2014-05-08 06:19:11 -0500

So you can setup HAProxy(loadbalancer) and set your endpoint in keystone database to point to the Virtual IP possibly. i belive that might be an option (im rather green at this my self)

there is an entire section dedicated to HA in general in the documentation. is what i've been reading over

I'm currently looking at options to setup HA for keystone and proxy server.

hope that helps you out.

some one else might be able to correct this.. maybe you could use DNS roud-robin.. ie set proxy.yourdomain.blah and have a cname for both proxy-servers setup.. then use your keystone endpoint pointing to proxy.yourdomain.blah... i could be way off there but yer food for thought.

edit flag offensive delete link more

answered 2014-01-28 14:21:37 -0500

esedmehmet gravatar image


You can use swift -V 2 -A http://KEYSTONE_IP:5000/v2.0 -U admin:admin -K ADMIN stat

example URL :

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-01-21 18:13:23 -0500

Seen: 673 times

Last updated: May 08 '14