[DEFAULT] # A "shared secret" between keystone and other openstack services admin_token = ADMIN # The IP address of the network interface to listen on bind_host = 0.0.0.0 # The port number which the public service listens on public_port = 5000 # The port number which the public admin listens on admin_port = 35357 # The port number which the OpenStack Compute service listens on compute_port = 8774 # === Logging Options === # Print debugging output verbose = False # Print more verbose output # (includes plaintext request logging, potentially including passwords) debug = False # The directory to keep log files in (will be prepended to --logfile) log_file = /var/log/keystone/keystone.log # Use syslog for logging. use_syslog = False # syslog facility to receive log lines syslog_log_facility = LOG_LOCAL0 # If this option is specified, the logging configuration file specified is # used and overrides any other logging options specified. Please see the # Python logging module documentation for details on logging configuration # files. # log_config = /etc/keystone/logging.conf # A logging.Formatter log message format string which may use any of the # available logging.LogRecord attributes. # log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s # Format string for %(asctime)s in log records. # log_date_format = %Y-%m-%d %H:%M:%S # onready allows you to send a notification when the process is ready to serve # For example, to have it notify using systemd, one could set shell command: # onready = systemd-notify --ready # or a module with notify() method: # onready = keystone.common.systemd [sql] connection = mysql://keystone:password@localhost/keystone idle_timeout = 200 [identity] driver = keystone.identity.backends.sql.Identity [catalog] driver = keystone.catalog.backends.templated.TemplatedCatalog template_file = /etc/keystone/default_catalog.templates [token] driver = keystone.token.backends.kvs.Token # Amount of time a token should remain valid (in seconds) expiration = 86400 [policy] driver = keystone.policy.backends.rules.Policy [ec2] driver = keystone.contrib.ec2.backends.sql.Ec2 [ssl] [signing] token_format=UUID [ldap] # url = ldap://localhost # user = dc=Manager,dc=example,dc=com # password = None # suffix = cn=example,cn=com # use_dumb_member = False # user_tree_dn = ou=Users,dc=example,dc=com # user_objectclass = inetOrgPerson # user_id_attribute = cn # tenant_tree_dn = ou=Groups,dc=example,dc=com # tenant_objectclass = groupOfNames # tenant_id_attribute = cn # tenant_member_attribute = member # role_tree_dn = ou=Roles,dc=example,dc=com # role_objectclass = organizationalRole # role_id_attribute = cn # role_member_attribute = roleOccupant [filter:debug] paste.filter_factory = keystone.common.wsgi:Debug.factory [filter:token_auth] paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory [filter:admin_token_auth] paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory [filter:xml_body] paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory [filter:json_body] paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory [filter:user_crud_extension] paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory [filter:crud_extension] paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory [filter:ec2_extension] paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory [filter:s3_extension] paste.filter_factory = keystone.contrib.s3:S3Extension.factory [filter:url_normalize] paste.filter_factory = keystone.middleware:NormalizingFilter.factory [filter:stats_monitoring] paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory [filter:stats_reporting] paste.filter_factory = keystone.contrib.stats:StatsExtension.factory [app:public_service] paste.app_factory = keystone.service:public_app_factory [app:admin_service] paste.app_factory = keystone.service:admin_app_factory [pipeline:public_api] pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service [pipeline:admin_api] pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service [app:public_version_service] paste.app_factory = keystone.service:public_version_app_factory [app:admin_version_service] paste.app_factory = keystone.service:admin_version_app_factory [pipeline:public_version_api] pipeline = stats_monitoring url_normalize xml_body public_version_service [pipeline:admin_version_api] pipeline = stats_monitoring url_normalize xml_body admin_version_service [composite:main] use = egg:Paste#urlmap /v2.0 = public_api / = public_version_api [composite:admin] use = egg:Paste#urlmap /v2.0 = admin_api / = admin_version_api