Ask Your Question

why does keystone have admin port while other services dont

asked 2014-09-18 02:54:01 -0500

kevin gravatar image

updated 2014-09-18 03:57:14 -0500

while creating keystone endpoints i noticed that for keystone there is admin port 35357 while for all other services there is only one port.Why only kestone has two ports one for admin and other for generic. What is the significance of this port 35357 and why not separate admin ports for other services.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-09-18 03:15:27 -0500

sushma-korati gravatar image

updated 2014-09-18 03:15:54 -0500

Keystone service has types of ports admin and public. And as the name says, the admin port is reuiqred when we do admin activities like creating a tenant, registering a user/service, creating endpoints etc. Where as the public port is used for authentication, getting tokens.

Generally the port 35357 is not open for all. Means if we need to do any admin activities, then we can do it only from a machine where keystone is running.

edit flag offensive delete link more



thanks,why only keystone has a separate admin port,admin url exist for all services but all listen on same port but keystone listens on 2 ports one for admin and other for non admin.

kevin gravatar imagekevin ( 2014-09-18 03:55:39 -0500 )edit

the admin port is generally not open for all the users, i.e, telnet to 35357 will not work from all the machines by default. Only datacenter people have access to it and they can add users and services. For restricting this access keystone has two types of ports.

sushma-korati gravatar imagesushma-korati ( 2014-09-18 04:09:21 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-09-18 02:54:01 -0500

Seen: 302 times

Last updated: Sep 18 '14