feature: identity-backend subordinate relation for v3 domains
Bug #1645803 reported by
Matt Rae
This bug affects 8 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Keystone Charm |
Fix Released
|
High
|
James Page | ||
keystone (Juju Charms Collection) |
Invalid
|
High
|
James Page |
Bug Description
Currently the keystone charm has options to configure an ldap backend for identity. When enabling keystone v3, it is also possible to enable backends per domain. Requesting a feature to allow configuring the identity backend for domains.
/etc/keystone/
[identity]
domain_
Then for the domain (DOMAIN_NAME) we want to use ldap as a backend, create the file:
/etc/keystone/
This can include [ldap] section which defines the ldap configuration for this domain
http://
Changed in keystone (Juju Charms Collection): | |
importance: | Wishlist → High |
milestone: | none → 17.01 |
tags: | added: bootstack openstack sts v3 |
Changed in keystone (Juju Charms Collection): | |
milestone: | 17.01 → none |
Changed in keystone (Juju Charms Collection): | |
assignee: | nobody → James Page (james-page) |
status: | Triaged → In Progress |
milestone: | none → 17.01 |
Changed in keystone (Juju Charms Collection): | |
status: | In Progress → Fix Committed |
Changed in charm-keystone: | |
assignee: | nobody → James Page (james-page) |
importance: | Undecided → High |
status: | New → Fix Committed |
Changed in keystone (Juju Charms Collection): | |
status: | Fix Committed → Invalid |
Changed in charm-keystone: | |
milestone: | none → 17.02 |
Changed in charm-keystone: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
We should support additional domain backends using subordinate charms, and a new container scoped relation on the keystone charm
This would allow different LDAP/<insert backend here> backends to be configured and integrated in the same keystone installation.