Fuel for OpenStack

[library] add support for keystone ldap integration

Series newton
Bug #1379011

Bug #1379011 reported by Oleksii Aleksieiev on 2014-10-08

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Fuel for OpenStack	Invalid	Wishlist	Fuel Library (Deprecated)	Fuel for OpenStack 10.0
Mitaka	Won't Fix	Wishlist	Fuel Library (Deprecated)	Fuel for OpenStack 9.0
Newton	Invalid	Wishlist	Fuel Library (Deprecated)	Fuel for OpenStack 10.0

Bug Description

Community keystone puppet module allows to deploy keystone with storing identity in ldap backed.
Fuel should support setting ldap configuration on deployment stage at lease by changing settings.yaml.

Documentation about keystone with dap backend
http://docs.openstack.org/admin-guide-cloud/content/configuring-keystone-for-ldap-backend.html

puppet class for configuration keystone with dap backend
https://github.com/stackforge/puppet-keystone/blob/master/manifests/ldap.pp

Tags:

Revision history for this message

Tomasz 'Zen' Napierala (tzn) wrote on 2014-10-08:

We already have pretty fresh BP for that: https://blueprints.launchpad.net/fuel/+spec/fuel-with-existed-ldap

Changed in fuel:
status:	New → Confirmed
importance:	Undecided → Wishlist
assignee:	nobody → Fuel Library Team (fuel-library)

Revision history for this message

Dmitry Borodaenko (angdraug) wrote on 2014-10-08:

Looks like a duplicate of this blueprint: https://blueprints.launchpad.net/fuel/+spec/fuel-with-existed-ldap

If so, please work with blueprint authors to make sure your ideas are reflected in their spec.

Changed in fuel:
milestone:	none → next

Dmitry Pyzhov (dpyzhov) on 2015-06-01

Changed in fuel:
milestone:	next → 7.0

Revision history for this message

Sergii Golovatiuk (sgolovatiuk) wrote on 2015-08-05:

It's already possible with plugins. It's easy to write simple plugin to override keystone settings to use LDAP.

Changed in fuel:
assignee:	Fuel Library Team (fuel-library) → nobody

Sergii Golovatiuk (sgolovatiuk) on 2015-08-05

Changed in fuel:
status:	Confirmed → Won't Fix

Revision history for this message

Oleksii Aleksieiev (alexzzman) wrote on 2015-08-05:

was the plugin architecture fixed to make sure that fuel and plugin changes to keystone fongi will not revert the into different directions?

The main problem with plugins in 6,1 is that the changes are maid in post deployment step but there is a gap between changes to config made by fuel and changes made by plug so we have several minutes when keystone will work with default setting (without ldap).

Usually ldap used in big deployments and i think its not acceptable to have several minutes of downtime during each change apply.

Dmitry Pyzhov (dpyzhov) on 2015-10-12

Changed in fuel:
assignee:	nobody → Fuel Library Team (fuel-library)
milestone:	7.0 → 8.0
status:	Won't Fix → Confirmed
no longer affects:	fuel/8.0.x

Dmitry Pyzhov (dpyzhov) on 2015-10-22

tags:

added: area-library

Stanislaw Bogatkin (sbogatkin) on 2015-12-14

tags:

added: team-enhancements

Matthew Mosesohn (raytrac3r) on 2016-01-13

Changed in fuel:
milestone:	8.0 → 9.0

Matthew Mosesohn (raytrac3r) on 2016-02-05

tags:

added: feature

Revision history for this message

Michael Polenchuk (mpolenchuk) wrote on 2016-04-11:

Please refer to https://github.com/openstack/fuel-plugin-ldap

Revision history for this message

Peter Zhurba (pzhurba) wrote on 2016-05-13:

Due to inactivity, bug was closed. Feel free to reopen the bug by providing the requested information and set the bug status back to "New"

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.