Files

kevin df3edca7a6 Updated default fernet key usage

This change makes the use of fernet tokens production ready. The changes are
as follows:
  * Ensures that the keys are rotated on every playbook execution
  * Removes the need to sync keys back to a deployment host when distributing
    them to other keystone hosts.
  * Creates an autonomous key rotation process that can rotate on the following
    intervals [reboot, yearly, annually, monthly, weekly, daily, hourly] to all
    hosts from any keystone fernet host.
  * Fixes the section in `keystone.conf` which was named "fernet_key" instead
    of "fernet_token".

Change-Id: I50f6a852930728631f5c681a8aa0f1321d7424ac
Related-Bug: #1463569
Closes-Bug: #1468256

2015-06-30 09:54:31 -05:00

defaults

Updated default fernet key usage

2015-06-30 09:54:31 -05:00

files

Update Keystone config and policy for Kilo

2015-04-10 15:01:57 +00:00

handlers

Convert existing roles into galaxy roles

2015-02-18 10:56:25 +00:00

README.rst

OpenStack keystone

tags: openstack, keystone, cloud, ansible
category: *nix

Role to install keystone. This will install keystone using apache.

This role will install the following:

keystone
apache2

- name: Installation and setup of Keystone
  hosts: keystone_all
  user: root
  roles:
    - { role: "os_keystone", tags: [ "os-keystone" ] }
  vars:
    external_lb_vip_address: 172.16.24.1
    internal_lb_vip_address: 192.168.0.1
    keystone_galera_address: "{{ internal_lb_vip_address }}"