Setting a DNS name for the compute API

By means of the Compute API traffic type, Virtuozzo Hybrid Infrastructure exposes a public endpoint that listens to OpenStack API requests. By default, it points to the IP address of the management node (or to its virtual IP address if high availability is enabled).

In some cases, you need to modify all public endpoints to use the domain name resolvable to the management node IP address (or its virtual IP), for example, to secure OpenStack API traffic with an SSL certificate without the subjectAltName field or to make the Kubernetes service access the compute API via the DNS name.

To modify all public endpoints to use the domain name

Use the following command:

vinfra service compute set [--endpoint-hostname <hostname>]

--endpoint-hostname <hostname>: Use the given hostname for a public endpoint. Specify an empty value in quotes to use the raw IP.

For example, to use dns-name.example for public endpoints, run:

# vinfra service compute set --endpoint-hostname dns-name.example
+---------+--------------------------------------+
| Field   | Value                                |
+---------+--------------------------------------+
| task_id | 534391a2-946a-4406-8dc0-756f161cd595 |
+---------+--------------------------------------+

Wait until the task is complete:

# vinfra task show 534391a2-946a-4406-8dc0-756f161cd595
+---------+------------------------------------------------------------------+
| Field   | Value                                                            |
+---------+------------------------------------------------------------------+
| details |                                                                  |
| name    | backend.presentation.compute.tasks.ReconfigureComputeClusterTask |
| result  |                                                                  |
| state   | success                                                          |
| task_id | 534391a2-946a-4406-8dc0-756f161cd595                             |
+---------+------------------------------------------------------------------+

To check that the domain name is used instead of the management node IP address:

Generate or regenerate the admin OpenRC script:
```
# kolla-ansible post-deploy
```
Run the script:
```
# source /etc/kolla/admin-openrc.sh
```

List the public endpoints:

# openstack --insecure endpoint list | grep public
| 5a845b4b<...> | <...> | https://dns-name.example:8780                    |
| 7d901686<...> | <...> | https://dns-name.example:8776/v2/%(tenant_id)s   |
| 44aa0f53<...> | <...> | https://dns-name.example:8774/v2.1/%(tenant_id)s |
| 0e6d3a39<...> | <...> | https://dns-name.example:9292                    |
| 0b906e51<...> | <...> | https://dns-name.example:9696                    |
| 1b68ac7c<...> | <...> | https://dns-name.example:8776/v3/%(tenant_id)s   |
| d80af756<...> | <...> | https://dns-name.example:8004/v1/%(tenant_id)s   |
| d0e8c7da<...> | <...> | https://dns-name.example:5000/v3                 |