As I see the documentation, wouldn’t it be more interesting to specify the URL / IP / Network we want for the dashboard or the assumptions are :
Users have a proxy doing the redirection
Users access the dashboard of the locally deployed Openstack
I may be more specific on my remark.
Usually when we deploy an Openstack the dashboard needs to be exposed on an accessible IP, maybe on management network. When we follow this documentation it appears that its on the internal deployed Network. Isn’t it a problem? Or has it been considered that.
For short, please can you add details to expose dashboard on the “external” network on the documentation?
Don’t hesitate to ask me if its still unclear.
The single-node quick start tutorial is completely sandboxed - no API’s or instances created are accessible from outside of the machine where MicroStack is installed. This is entirely intentional.
That said its pretty easy to perform an all-in-one install which is accessible outside of the machine; when providing the range of IP addresses for MetalLB during the bootstrap process provide a range from a subnet that the server is attached to, and do the same again when configuring the subnet and IP address range for access to instances.
In case of a multi-node deployment, you mean the whole both networks, mentioned on the guide, should be accessible from the outside, right?
Doesn’t it create a security issue that the API and management range are the same? Because we are publishing the range API publicly! Some deployment methods, such as OpenStack-Ansible, isolate the API range on a separate bridge.