Hi,
I’m using chameleon cloud with many students around Europe and one of the recurring problems is related to the firewall setting in the hosting university.
It seems to me that the problem is related to the fact that KVM@TACC needs to connect to this URL:
https://kvm.tacc.chameleoncloud.org:5000
Is there a reason why this port since it seems something unusual by sys admin point of view?
Thanks,
M
Hello,
OpenStack Keystone (Identity) runs on port 5000, which I agree is a bit strange from a sys admin point of view. Keystone is used in the login auth flow for a user as part of federated authentication. OpenStack would need to support path-based routing for their services like Keystone to expose the different API endpoints behind a single, more standard, port like 443.
I hope this helps provide some context.
Paul
Investigating further, newer versions of OpenStack have added support for path-based routing that would enable this. That means it may be something we can enable in the future to help alleviate cases like this.