Closed exceptorr closed 4 years ago
I ran into this as well. It turns out for my purposes, even when everything is set up to use the public interface, the exporter makes some requests to admin endpoints. Since the public interfaces are using a public TLS certificate, but the internal endpoints are self-signed, I get errors like this partway through metrics collection:
https://10.x.x.x:35357/v3/projects: [SSL: CERTIFICATE_VERIFY_FAILED]
So while my issue is different in terms of manifestation than the one that is reported here, both would be solved by accepting and honoring OS_INTERFACE as a setting.
Problem statement: The exporter cannot reach Keystone or other endpoints from the catalog list if their public endpoints are inaccessible from the exporter, and there is no way to customize the desired endpoint. Example: The exporter is deployed in a container which has only an "internal" network, so even if it reaches Keystone on its internal FQDN/IP instead of the public one, it will not be able to connect to other services because of the lack of connectivity to public endpoints.
As prometheus-openstack-exporter uses the openstack client, when it queries the Keystone catalog it retrieves "public" endpoints by default (https://github.com/openstack/osc-lib/commit/c500b637033cdf442231684079b041c9e37488fc) even if an admin Keystone endpoint is specified in the config. To override this behavior, OS_INTERFACE needs to be passed to the openstack client, and this is currently supported neither by the prometheus-openstack-exporter nor by the exporter itself.
Currently, the only way to avoid this is to expose the exporter on the public interface, which can be unacceptable in certain circumstances.
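An added illustration (not code from the exporter or from the openstack client) of the selection this issue asks for: read OS_INTERFACE, pick each service's endpoint for that interface from a Keystone v3 catalog, and list services that have no endpoint on it. The catalog, hosts and the helper names `wanted_interface` and `select_endpoints` are constructed for the example.

```python
import os

# Constructed sample: the "catalog" list of a Keystone v3 token response.
# Hosts and ports are placeholders, not values from this issue.
SAMPLE_CATALOG = [
    {"type": "identity", "endpoints": [
        {"interface": "public", "region_id": "RegionOne",
         "url": "https://cloud.example.test:5000/v3"},
        {"interface": "internal", "region_id": "RegionOne",
         "url": "https://10.0.0.10:5000/v3"},
        {"interface": "admin", "region_id": "RegionOne",
         "url": "https://10.0.0.10:35357/v3"}]},
    {"type": "compute", "endpoints": [
        {"interface": "public", "region_id": "RegionOne",
         "url": "https://cloud.example.test:8774/v2.1"},
        {"interface": "internal", "region_id": "RegionOne",
         "url": "https://10.0.0.10:8774/v2.1"}]},
    {"type": "image", "endpoints": [
        {"interface": "public", "region_id": "RegionOne",
         "url": "https://cloud.example.test:9292"}]},
]

VALID_INTERFACES = ("public", "internal", "admin")


def wanted_interface(environ=None):
    """Return the interface named by OS_INTERFACE, defaulting to 'public'."""
    environ = os.environ if environ is None else environ
    value = environ.get("OS_INTERFACE", "public").strip().lower()
    if value not in VALID_INTERFACES:
        raise ValueError("OS_INTERFACE must be one of %s" % (VALID_INTERFACES,))
    return value


def select_endpoints(catalog, interface, region=None):
    """Map service type -> URL for one interface; report services lacking it."""
    chosen, missing = {}, []
    for service in catalog:
        urls = [e["url"] for e in service.get("endpoints", [])
                if e.get("interface") == interface
                and (region is None or e.get("region_id") == region)]
        if urls:
            chosen[service["type"]] = urls[0]
        else:
            # No silent fallback to another interface: surface the gap instead.
            missing.append(service["type"])
    return chosen, missing
```

Running the selection with the intended interface before deployment shows which services would be unreachable from an internal-only network, and the resulting hosts are the ones whose CA has to be in the exporter's trust store.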