openstack/charm-keystone
Code Issues Proposed changes
Juju Charm - Keystone
370 Commits 34 Branches 5 Tags 9.7 MiB
Python 99.7%
Shell 0.3%
f5fb058f9f
Go to file
Corey Bryant f5fb058f9f Amulet test fixes: 
* Makefile: Only run precise-icehouse and trusty-icehouse tests by default
    and increase test timeout
  * t/00-setup: Add more required dependencies
  * t/README: Mention charm-tools dependency
  * t/basic_deployment.py:
    - Specify use of unstable charms
    - Use dicts in add_services
    - Add re-authentication support due to restart test
    - KeystoneAdmin and KeystoneServiceAdmin were removed in revno 78 so
      remove them from test_roles().
    - Increase sleep time for restart test
    - Cleanup on test failure
2014-09-27 21:32:11 +00:00
hooks Sync with charm-helpers. 2014-09-26 16:46:55 +00:00
scripts Sync scripts/. 2013-04-09 11:35:51 -07:00
templates Support using ldap identity backend 2014-08-12 13:39:51 +08:00
tests Amulet test fixes: 2014-09-27 21:32:11 +00:00
unit_tests Add unit tests for db_changed hook processing allowed_units 2014-08-28 09:12:42 +01:00
.bzrignore Rebase 2014-07-25 09:13:49 +01:00
.coveragerc Add trivial test config 2014-03-31 11:18:06 +01:00
.project Merge ssl-everywhere branch (may break stuff) 2014-03-27 10:54:38 +00:00
.pydevproject Merge ssl-everywhere branch (may break stuff) 2014-03-27 10:54:38 +00:00
charm-helpers-hooks.yaml Resync to trunk helpers 2014-07-24 11:27:48 +01:00
charm-helpers-tests.yaml Move charm-helpers.yaml to charm-helpers-hooks.yaml and 2014-06-24 17:10:29 +00:00
config.yaml [heut2008,r=hopem] 2014-08-15 19:10:18 +01:00
copyright Add copyright 2011-12-23 17:55:37 -08:00
icon.svg Fix icon.svg. 2013-11-04 00:56:57 -08:00
Makefile Amulet test fixes: 2014-09-27 21:32:11 +00:00
metadata.yaml Merge hloeung's admin relation code into current trunk. 2014-05-06 14:13:30 +01:00
README.md README.md: Describe identity-admin and the intended use case. 2014-06-30 09:56:26 +12:00
setup.cfg Add trivial test config 2014-03-31 11:18:06 +01:00

README.md

This charm provides Keystone, the Openstack identity service. It's target platform is Ubuntu Precise + Openstack Essex. This has not been tested using Oneiric + Diablo.

It provides three interfaces.

- identity-service:  Openstack API endpoints request an entry in the 
  Keystone service catalog + endpoint template catalog.  When a relation
  is established, Keystone receives: service name, region, public_url,
  admin_url and internal_url.  It first checks that the requested service
  is listed as a supported service.  This list should stay updated to
  support current Openstack core services.  If the services is supported,
  a entry in the service catalog is created, an endpoint template is
  created and a admin token is generated.   The other end of the relation
  recieves the token as well as info on which ports Keystone is listening.

- keystone-service:  This is currently only used by Horizon/dashboard
  as its interaction with Keystone is different from other Openstack API
  servicies.  That is, Horizon requests a Keystone role and token exists.
  During a relation, Horizon requests its configured default role and
  Keystone responds with a token and the auth + admin ports on which
  Keystone is listening.

- identity-admin:  Charms use this relation to obtain the credentials
  for the admin user.  This is intended for charms that automatically
  provision users, tenants, etc. or that otherwise automate using the
  Openstack cluster deployment.

Keystone requires a database. By default, a local sqlite database is used. The charm supports relations to a shared-db via mysql-shared interface. When a new data store is configured, the charm ensures the minimum administrator credentials exist (as configured via charm configuration)

VIP is only required if you plan on multi-unit clusterming. The VIP becomes a highly-available API endpoint.