17ac571e7a
This patch adds the ability to configure Keystone as a Service Provider (SP) for a Federated Identity Provider (IdP). * New variables to configure Keystone as a service provider are now supported under a root `keystone_sp` variable. Example configurations can be seen in Keystone's defaults file. This configuration includes the list of identity providers and trusted dashboards. (At this time only one identity provider is supported). * Identity provider configuration includes the remote-to-local user mapping and the list of remote attributes the SP can obtain from the IdP. * Shibboleth is installed and configured in the Keystone containers when SP configuration is present. * Horizon is configured for SSO login DocImpact UpgradeImpact Implements: blueprint keystone-federation Change-Id: I78b3d740434ea4b3ca0bd9f144e4a07026be23c6 Co-Authored-By: Jesse Pretorius <jesse.pretorius@rackspace.co.uk> |
||
|---|---|---|
| defaults | ||
| files | ||
| handlers | ||
| library | ||
| meta | ||
| tasks | ||
| templates | ||
| CONTRIBUTING.rst | ||
| LICENSE | ||
| README.rst | ||
README.rst
OpenStack keystone
- tags
-
openstack, keystone, cloud, ansible
- category
-
*nix
Role to install keystone. This will install keystone using apache.
- This role will install the following:
-
- keystone
- apache2
- name: Installation and setup of Keystone
hosts: keystone_all
user: root
roles:
- { role: "os_keystone", tags: [ "os-keystone" ] }
vars:
external_lb_vip_address: 172.16.24.1
internal_lb_vip_address: 192.168.0.1
keystone_galera_address: "{{ internal_lb_vip_address }}"