Go to file

Miguel Grinberg 0f3dcf6e0e Keystone Federation Identity Provider Configuration

This change adds the bits necessary to configure Keystone as an
identity provider (IdP) for an external service provider (SP).

* New variables to configure Keystone as an identity provider are now
  supported under a root `keystone_idp` variable. Example configurations
  can be seen in Keystone's defaults file. This configuration includes
  the location of the signing certificate, authentication endpoints and
  list of allowed service providers.

* xmlsec1 is installed in the Keystone containers when IdP configuration
  is enabled.

* The IdP metadata and signing certiciate are generated and installed.

Implements: blueprint keystone-federation
Change-Id: I81455e593e3059633a55f7e341511d5ad9eba76f

2015-07-23 20:46:52 +01:00

defaults

Keystone Federation Identity Provider Configuration

2015-07-23 20:46:52 +01:00

files

Update Keystone config and policy for Kilo

2015-04-10 15:01:57 +00:00

handlers

Convert existing roles into galaxy roles

2015-02-18 10:56:25 +00:00

README.rst

OpenStack keystone

tags: openstack, keystone, cloud, ansible
category: *nix

Role to install keystone. This will install keystone using apache.

This role will install the following:

keystone
apache2

- name: Installation and setup of Keystone
  hosts: keystone_all
  user: root
  roles:
    - { role: "os_keystone", tags: [ "os-keystone" ] }
  vars:
    external_lb_vip_address: 172.16.24.1
    internal_lb_vip_address: 192.168.0.1
    keystone_galera_address: "{{ internal_lb_vip_address }}"