Always check keystone using http The check to $service_port must be done using http. It's $KEYSTONE_SERVICE_PORT that may use either the http or https protocol. partial blueprint devstack-https Change-Id: I8ae081e9710c54396b765210336a7de331947086

commit: be4c953e5a46dc20401e217a23b206483f24d01b [log] [tgz]
author: Stanislaw Pitucha <stanislaw.pitucha@hp.com> Wed Jun 11 17:52:49 2014 +0100
committer: Stanislaw Pitucha <stanislaw.pitucha@hp.com> Wed Jun 25 16:17:17 2014 +0000
tree: ad768199d155b4fe379c0435cedb10bc44a692c2
parent: 4fcda870e65db81fc643fee799730cadd69441bb [diff] [blame]
diff --git a/lib/keystone b/lib/keystone
index 5fcd018..099d52f 100644
--- a/lib/keystone
+++ b/lib/keystone

@@ -446,7 +446,10 @@
     fi
 
     echo "Waiting for keystone to start..."
-    if ! timeout $SERVICE_TIMEOUT sh -c "while ! curl --noproxy '*' -k -s $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
+    # Check that the keystone service is running. Even if the tls tunnel
+    # should be enabled, make sure the internal port is checked using
+    # unencryted traffic at this point.
+    if ! timeout $SERVICE_TIMEOUT sh -c "while ! curl --noproxy '*' -k -s http://$KEYSTONE_SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
         die $LINENO "keystone did not start"
     fi
commit	be4c953e5a46dc20401e217a23b206483f24d01b	[log] [tgz]
author	Stanislaw Pitucha <stanislaw.pitucha@hp.com>	Wed Jun 11 17:52:49 2014 +0100
committer	Stanislaw Pitucha <stanislaw.pitucha@hp.com>	Wed Jun 25 16:17:17 2014 +0000
tree	ad768199d155b4fe379c0435cedb10bc44a692c2
parent	4fcda870e65db81fc643fee799730cadd69441bb [diff] [blame]