Role os_keystone for OpenStack-Ansible
0f3dcf6e0e
This change adds the bits necessary to configure Keystone as an identity provider (IdP) for an external service provider (SP). * New variables to configure Keystone as an identity provider are now supported under a root `keystone_idp` variable. Example configurations can be seen in Keystone's defaults file. This configuration includes the location of the signing certificate, authentication endpoints and list of allowed service providers. * xmlsec1 is installed in the Keystone containers when IdP configuration is enabled. * The IdP metadata and signing certiciate are generated and installed. Implements: blueprint keystone-federation Change-Id: I81455e593e3059633a55f7e341511d5ad9eba76f |
||
|---|---|---|
| defaults | ||
| files | ||
| handlers | ||
| meta | ||
| tasks | ||
| templates | ||
| CONTRIBUTING.rst | ||
| LICENSE | ||
| README.rst | ||
OpenStack keystone
- tags
-
openstack, keystone, cloud, ansible
- category
-
*nix
Role to install keystone. This will install keystone using apache.
- This role will install the following:
-
- keystone
- apache2
- name: Installation and setup of Keystone
hosts: keystone_all
user: root
roles:
- { role: "os_keystone", tags: [ "os-keystone" ] }
vars:
external_lb_vip_address: 172.16.24.1
internal_lb_vip_address: 192.168.0.1
keystone_galera_address: "{{ internal_lb_vip_address }}"