Mistral server should be able to operate with Keystone Identity API V2
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mistral |
Fix Released
|
High
|
Andras Kovi |
Bug Description
Mistral is currently able to operate only with Keystone Identity V3. This is a restriction that prohibits its application in many current deployments.
This bug aims to fix this inability only on the service execution level. This way, when the Mistral level authentication/
Solution description
1. Turn off pecan authentication in the server.
2. The client must authenticate. V2 or V3 does not matter.
3. The client receives the service catalog on login:
V2: http://
V3: http://
4. The client can forward this catalog to the server and the server can use it to create the OS service clients. The server seems to be partly set up for this option too: https:/
5. keystone_utils can be simply updated to have means to extract the endpoints from the catalog stored in the context, rather than going out to keystone.
Changed in mistral: | |
assignee: | nobody → Andras Kovi (akovi) |
Changed in mistral: | |
status: | New → In Progress |
Changed in mistral: | |
milestone: | none → newton-rc1 |
importance: | Undecided → High |
Changed in mistral: | |
milestone: | newton-rc1 → newton-rc2 |
Fix proposed to branch: master /review. openstack. org/354803
Review: https:/