Ask Your Question
0

How do I expose Keystone to the public network?

asked 2015-10-06 19:25:24 -0500

Arador gravatar image

I have a mixed Private Cloud network consisting of Mirantis Openstack Kilo and VMWare 5.5 hosts.

I would like to test VMTurbo in these environment. I have it installed as a VM inside of VMWare and it is able to connect to the VCenter's without issue. The problem is when I try to connect it to Openstack. VMTurbo requires a connection be available for Keystone and since Keystone is connected only to the Private Management network, it is impossible for me to bring it into VMTurbo.

How do I expose the Keystone IP to the Public network so that I can connect VMTurbo? If this isn't possible, does anyone have a suggestion on how I can set things up so that I can administer both the Openstack and VMWare environments?

edit retag flag offensive close merge delete
add a comment

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-10-10 18:01:07 -0500

germs gravatar image

Any chance you have a F5 or something of the like out in front? You could potentially configure a VIP there and NAT traffic from the vip to the private management network allowing you to expose Keystone to the public. (I would think you'll need to modify the publicURL for keystone as well to reflect the new IP once this is in place)

edit flag offensive delete link more
add a comment
0

answered 2015-10-13 16:51:10 -0500

Arador gravatar image

Yeah, I had thought of NAT, it wouldn't be an "elegant" solution though. It may be what I end up doing in the end as I am not seeing any other way to do it unless the companies that put out monitoring software drop their insistence on direct access to keystone instead of going through the API's like Horizon does.

Thank you.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2015-10-06 19:25:24 -0500

Seen: 85 times

Last updated: Oct 13 '15

Related questions

cinder vmware

Nova-scheduler always uses default filters

Interface name too long in esxi [closed]

KVM VMs not seeing all allocated CPUs on boot

Implement solver-scheduler in nova

how do I modify esx vms using openstack api's?

openstack image-delete can not delete image

nova-compute stops running & throws ImportError: No module named vmwareapi

Keystone Connection failure ERROR: cliff.app Internal Server Error (HTTP 500)

issue after kilo1 kilo2 update -- unable to launch instances