kolla-ansible

Cannot set session persistence on external keystone endpoint

Bug #1904454 reported by Bartosz Bezak on 2020-11-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	kolla-ansible	Triaged	Wishlist	Unassigned

Bug Description

Keystone federation using mod_auth_mellon needs to redirect back to the same keystone server. Therefore in multinode environment keystone external endpoint needs cookie for session persistence. Without it, mod_aut_mellon callback goes to endless loop.

as per - https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.1/html/federate_with_identity_service/steps#step-18-use-proxy-persistence-for-keystone-on-each-controller

Tags:

Mark Goddard (mgoddard) on 2020-11-17

Changed in kolla-ansible:
importance:	Undecided → Wishlist
status:	New → Triaged
tags:	added: keystone
tags:	added: federation

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.