Merge "config-ref: include keystone tables"

This commit is contained in:
Jenkins 2014-04-16 21:38:11 +00:00 committed by Gerrit Code Review
commit 2ef9797a58
6 changed files with 56 additions and 128 deletions

View File

@ -1,114 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="keystone-configuration-file">
<title>Identity Service configuration files</title>
<variablelist>
<varlistentry>
<term>keystone.conf</term>
<listitem>
<para>The Identity Service
<filename>/etc/keystone/keystone.conf</filename>
configuration file is an INI-format file with
sections.</para>
<para>The <literal>[DEFAULT]</literal> section configures
general configuration values.</para>
<para>Specific sections, such as the <literal>[database]</literal>
and <literal>[ec2]</literal> sections, configure individual
services.</para>
<table rules="all">
<caption>keystone.conf file sections</caption>
<col width="30%"/>
<col width="70%"/>
<thead>
<tr>
<th>Section</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><literal>[DEFAULT]</literal></td>
<td>General configuration.</td>
</tr>
<tr>
<td><literal>[database]</literal></td>
<td>Optional storage back-end configuration.</td>
</tr>
<tr>
<td><literal>[ec2]</literal></td>
<td>Amazon EC2 authentication driver configuration.</td>
</tr>
<tr>
<td><literal>[s3]</literal></td>
<td>Amazon S3 authentication driver configuration.</td>
</tr>
<tr>
<td><literal>[identity]</literal></td>
<td>Identity Service system driver configuration.</td>
</tr>
<tr>
<td><literal>[catalog]</literal></td>
<td>Service catalog driver configuration.</td>
</tr>
<tr>
<td><literal>[token]</literal></td>
<td>Token driver configuration.</td>
</tr>
<tr>
<td><literal>[policy]</literal></td>
<td>Policy system driver configuration for RBAC.</td>
</tr>
<tr>
<td><literal>[signing]</literal></td>
<td>Cryptographic signatures for PKI based tokens.</td>
</tr>
<tr>
<td><literal>[ssl]</literal></td>
<td>SSL configuration.</td>
</tr>
</tbody>
</table>
<para>When you start the Identity Service, you can use the
<parameter>--config-file</parameter> parameter to specify
a configuration file.</para>
<para>If you do not specify a configuration file, the Identity
Service looks for the <filename>keystone.conf</filename>
configuration file in these directories in this
order:</para>
<orderedlist>
<listitem>
<para>
<literal>~/.keystone</literal>
</para>
</listitem>
<listitem>
<para>
<literal>~/</literal>
</para>
</listitem>
<listitem>
<para>
<literal>/etc/keystone</literal>
</para>
</listitem>
<listitem>
<para>
<literal>/etc</literal>
</para>
</listitem>
</orderedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>keystone-paste.ini</term>
<listitem>
<para>The
<filename>/etc/keystone/keystone-paste.ini</filename> file
configures the Identity Service WSGI middleware
pipeline.</para>
</listitem>
</varlistentry>
</variablelist>
</section>

View File

@ -23,7 +23,7 @@
directory.</para>
</listitem>
<listitem>
<para>Related Image Service and Identity Service management
<para>Related Image Service and Identity service management
configuration files.</para>
</listitem>
</itemizedlist>
@ -41,7 +41,7 @@
<title>Configure authentication and authorization</title>
<para>There are different methods of authentication for the
OpenStack Compute project, including no authentication. The
preferred system is the OpenStack Identity Service, code-named
preferred system is the OpenStack Identity service, code-named
Keystone.</para>
<para>To customize authorization settings for Compute, use the
configuration options documented in

View File

@ -7,13 +7,55 @@
xmlns:ns4="http://www.w3.org/2000/svg"
xmlns:ns3="http://www.w3.org/1998/Math/MathML"
xmlns:ns="http://docbook.org/ns/docbook">
<title>Identity Service</title>
<para>This chapter details the OpenStack Identity Service configuration
<title>Identity service</title>
<para>This chapter details the OpenStack Identity service configuration
options. For installation prerequisites and step-by-step walkthroughs, see the
<citetitle>OpenStack Installation Guide</citetitle> for your distribution (<link xlink:href="docs.openstack.org"
>docs.openstack.org</link>) and <citetitle><link
xlink:href="http://docs.openstack.org/admin-guide-cloud/content/">Cloud
Administrator Guide</link></citetitle>.</para>
<xi:include href="../common/section_identity-configure.xml"/>
<xi:include href="../common/section_keystone-sample-conf-files.xml"/>
<section xml:id="keystone-configuration-file">
<title>Identity service configuration file</title>
<para>The Identity service is configured in the
<filename>/etc/keystone/keystone.conf</filename> file.</para>
<para>The following tables provide a comprehensive list of the Identity
service options.</para>
<xi:include href="../common/tables/keystone-api.xml"/>
<xi:include href="../common/tables/keystone-assignment.xml"/>
<xi:include href="../common/tables/keystone-auth.xml"/>
<xi:include href="../common/tables/keystone-cache.xml"/>
<xi:include href="../common/tables/keystone-catalog.xml"/>
<xi:include href="../common/tables/keystone-credential.xml"/>
<xi:include href="../common/tables/keystone-database.xml"/>
<xi:include href="../common/tables/keystone-debug.xml"/>
<xi:include href="../common/tables/keystone-ec2.xml"/>
<xi:include href="../common/tables/keystone-federation.xml"/>
<xi:include href="../common/tables/keystone-identity.xml"/>
<xi:include href="../common/tables/keystone-kvs.xml"/>
<xi:include href="../common/tables/keystone-ldap.xml"/>
<xi:include href="../common/tables/keystone-logging.xml"/>
<xi:include href="../common/tables/keystone-memcache.xml"/>
<xi:include href="../common/tables/keystone-misc.xml"/>
<xi:include href="../common/tables/keystone-notification.xml"/>
<xi:include href="../common/tables/keystone-oauth.xml"/>
<xi:include href="../common/tables/keystone-os_inherit.xml"/>
<xi:include href="../common/tables/keystone-policy.xml"/>
<xi:include href="../common/tables/keystone-revoke.xml"/>
<xi:include href="../common/tables/keystone-security.xml"/>
<xi:include href="../common/tables/keystone-ssl.xml"/>
<xi:include href="../common/tables/keystone-stats.xml"/>
<xi:include href="../common/tables/keystone-token.xml"/>
<xi:include href="../common/tables/keystone-trust.xml"/>
<xi:include href="../common/tables/keystone-rpc.xml"/>
<xi:include href="../common/tables/keystone-amqp.xml"/>
<xi:include href="../common/tables/keystone-qpid.xml"/>
<xi:include href="../common/tables/keystone-rabbit.xml"/>
<xi:include href="../common/tables/keystone-zeromq.xml"/>
<xi:include href="../common/tables/keystone-redis.xml"/>
</section>
<xi:include href="identity/section_keystone-sample-conf-files.xml"/>
</chapter>

View File

@ -9,10 +9,10 @@
<title>keystone_policy.json</title>
<para>The <filename>keystone_policy.json</filename> file
defines additional access controls for the dashboard that
apply to the Identity Service.</para>
apply to the Identity service.</para>
<note>
<para>The <filename>keystone_policy.json</filename> file
must match the Identity Service
must match the Identity service
<filename>/etc/keystone/policy.json</filename>
policy file.</para>
</note>

View File

@ -3,7 +3,7 @@
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="sample-configuration-files">
<title>Identity Service sample configuration files</title>
<title>Identity service sample configuration files</title>
<para>All the files in this section can be found in the <systemitem>/etc/keystone</systemitem>
directory.</para>
<section xml:id="section_keystone.conf">
@ -19,7 +19,7 @@
<title>keystone-paste.ini</title>
<para>The <filename>keystone-paste.ini</filename> file configures the
Web Service Gateway Interface (WSGI) middleware pipeline for
the Identity Service.
the Identity service.
</para>
<para>
<programlisting language="ini"><xi:include parse="text" href="http://git.openstack.org/cgit/openstack/keystone/plain/etc/keystone-paste.ini"/>
@ -41,7 +41,7 @@
<section xml:id="section_keystone-policy.json">
<title>policy.json</title>
<para>The <filename>policy.json</filename> file defines additional access controls that
apply to the Identity Service.</para>
apply to the Identity service.</para>
<para>
<programlisting language="json"><xi:include parse="text" href="http://git.openstack.org/cgit/openstack/keystone/plain/etc/policy.json"/>
</programlisting>

View File

@ -54,13 +54,13 @@
<td/>
</tr>
<tr>
<td>Identity Service (<literal>keystone</literal>)
<td>Identity service (<literal>keystone</literal>)
administrative endpoint</td>
<td>35357</td>
<td>adminurl</td>
</tr>
<tr>
<td>Identity Service public endpoint</td>
<td>Identity service public endpoint</td>
<td>5000</td>
<td>publicurl</td>
</tr>