← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1253482] Re: Keystone default port in linux local ephemeral port range. Devstack should shift range.

 

Given that 35357 is keystone's IANA assigned port, I don't think it's
reasonable to expect keystone to change ports in the short term. In the
long term (after dropping API v2 support), keystone will be deployable
on any one port. Using 35357 theoretically aids discoverability a tiny
bit, but there are other means of discoverability that we can
investigate in the future (such as RFC 2782).

** Changed in: keystone
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1253482

Title:
  Keystone default port in linux local ephemeral port range. Devstack
  should shift range.

Status in devstack - openstack dev environments:
  New
Status in OpenStack Identity (Keystone):
  Triaged

Bug description:
  The linux ip port local range is 32768 to 61000 as reported by sysctl:

  $ sysctl -a | grep ip_local_port_range
  net.ipv4.ip_local_port_range = 32768	61000

  Keystone's default port as assigned by IANA is 35357. It is therefore
  possible that keystone will fail to start because some application has
  a socket open on port 35357. We believe this is the case logged at
  http://logs.openstack.org/09/57509/2/gate/gate-tempest-devstack-vm-
  large-ops/1171354/logs/screen-key.txt.gz?level=TRACE.

  To fix this devstack should shift the ephemeral port range to 49152 to
  61000 to avoid IANA port allocations and to avoid linux private port
  ranges.

  Additionally keystone should document this fact so that deployers are
  aware of this and know to work around the funny linux default range.

To manage notifications about this bug go to:
https://bugs.launchpad.net/devstack/+bug/1253482/+subscriptions