Ask Your Question

Public endpoints

asked 2016-08-15 07:26:47 -0600

holo gravatar image

I have noob question. If im configuring public cloud, should all services be configured with public endpoints exposed to public network or is it enough to do this only for keyston api and rest services will be "talking" internally?


edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2016-08-15 08:12:45 -0600

james-denton gravatar image

"public" users leveraging OpenStack clients such as python-novaclient, python-neutronclient, python-cinderclient, etc., will need access to the 'publicURL' endpoint of the respective service, as well as public access to the Keystone service on port 5000. So the publicURL endpoint should be on a public network in that case. InternalURL and AdminURL for each service can remain on internal IP space in most, if not all, cases. Keystone is the only service I can think of offhand that leverages the AdminURL for certain commands, but those are really administrative commands and not necessarily ones you'd want accessible publicly.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2016-08-15 07:26:47 -0600

Seen: 262 times

Last updated: Aug 15 '16