# Copyright 2021 Canonical Ltd. # See LICENSE file for licensing details. name: keystone-k8s summary: OpenStack identity service maintainer: Openstack Charmers description: | Keystone is an OpenStack project that provides Identity, Token, Catalog and Policy services for use specifically by projects in the OpenStack family. It implements OpenStack's Identity API. version: 3 bases: - name: ubuntu channel: 20.04/stable tags: - openstack - identity - misc source: https://opendev.org/openstack/charm-keystone-k8s issues: https://bugs.launchpad.net/charm-keystone-k8s provides: identity-service: interface: keystone identity-credentials: interface: keystone-credentials requires: database: interface: mysql_client limit: 1 ingress-internal: interface: ingress limit: 1 optional: true ingress-public: interface: ingress limit: 1 peers: peers: interface: keystone-peer storage: fernet-keys: type: filesystem description: | Persistent storage for the location of fernet keys minimum-size: 5M credential-keys: type: filesystem description: | Persistent storage for the location of credential keys minimum-size: 5M containers: # The primary container that runs the keystone services keystone: resource: keystone-image mounts: - storage: fernet-keys # The fernet keys used for generated tokens are stored here. With a # mounted storage option, the fernet keys are persisted across # container restarts. location: /etc/keystone/fernet-keys/ - storage: credential-keys # The credential keys used for generated credentials are stored here. # With a mounted storage option, the credential keys are persisted # across container restarts. location: /etc/keystone/credential-keys/ resources: keystone-image: type: oci-image description: OCI image for OpenStack Keystone # docker.io/kolla/ubuntu-binary-keystone:yoga upstream-source: docker.io/kolla/ubuntu-binary-keystone@sha256:05bc029e63ec06da8f5351f08196c549ecce371fc2236ea53dabb994f2e246b7