openstack/sunbeam-charms
Code Issues Proposed changes
5009f76997
sunbeam-charms/charms/keystone-k8s
History
Hemanth Nakkina 5009f76997 Add actions to regenerate password 
Add regenerate-password action to regenerate
passwords for admin, charm or service user.

Remove KeystonepasswordManager class.

Update zaza-smoke-test job to mandatory.

Change-Id: I542894149b533da4cba5371f7412d4cbcc21e305
2023-03-07 07:57:03 +05:30
..
lib/charms Use juju secrets for admin/service passwords 2023-03-06 11:50:14 +05:30
src Add actions to regenerate password 2023-03-07 07:57:03 +05:30
tests Add actions to regenerate password 2023-03-07 07:57:03 +05:30
.flake8 Initial commit just to share 2021-07-06 11:54:32 -07:00
.gitignore Restore libs 2021-10-15 11:39:39 +01:00
.gitreview Remove references to old github 2022-08-04 15:24:22 +05:30
.jujuignore Initial commit just to share 2021-07-06 11:54:32 -07:00
.stestr.conf Sync global tox, requirement files 2022-07-27 12:50:27 +05:30
.zuul.yaml Add actions to regenerate password 2023-03-07 07:57:03 +05:30
actions.yaml Add actions to regenerate password 2023-03-07 07:57:03 +05:30
charmcraft.yaml Rebase to Ubuntu 22.04 2022-11-05 13:43:05 +00:00
config.yaml Use juju secrets for fernet key rotation 2023-03-03 14:01:13 +05:30
CONTRIBUTING.md Switch to using mysql-k8s for database relation 2022-09-07 10:01:54 +09:30
fetch-libs.sh Update traefik ingress library to v1 2022-09-14 10:02:10 +05:30
LICENSE Initial commit just to share 2021-07-06 11:54:32 -07:00
metadata.yaml Upgrade charm to OpenStack Yoga 2022-11-22 09:32:27 +00:00
osci.yaml Upgrade charm to OpenStack Yoga 2022-11-22 09:32:27 +00:00
pyproject.toml Remove charmhelpers dependancy and add linters 2022-11-03 15:03:50 +00:00
README.md Switch to using mysql-k8s for database relation 2022-09-07 10:01:54 +09:30
rename.sh Add osci yaml 2022-09-08 15:42:20 +05:30
requirements.txt Use juju secrets for fernet key rotation 2023-03-03 14:01:13 +05:30
test-requirements.txt Refactor configure_charm 2023-03-03 06:41:28 +00:00
tox.ini Use juju secrets for fernet key rotation 2023-03-03 14:01:13 +05:30

README.md

keystone-k8s

Description

keystone-k8s is an operator to manage the Keystone identity service on a Kubernetes based environment.

Usage

Deployment

keystone-k8s is deployed using below command:

juju deploy keystone-k8s keystone --trust

Now connect the keystone operator to an existing database.

juju relate mysql:database keystone:database

Configuration

This section covers common and/or important configuration options. See file config.yaml for the full list of options, along with their descriptions and default values. See the Juju documentation for details on configuring applications.

Actions

This section covers Juju actions supported by the charm. Actions allow specific operations to be performed on a per-unit basis. To display action descriptions run juju actions keystone. If the charm is not deployed then see file actions.yaml.

Relations

The charm supports the following relations. They are primarily of use to developers:

  • identity-credentials: Used by charms to obtain Keystone credentials without creating a service catalogue entry. Set 'username' only on the relation and Keystone will set defaults and return authentication details. Possible relation settings:

    • username: Username to be created.
    • project: Project (tenant) name to be created. Defaults to service's project.
    • domain: Keystone v3 domain the user will be created in. Defaults to the Default domain.

  • identity-service: Used by API endpoints to request an entry in the Keystone service catalogue and the endpoint template catalogue.

    When a relation is established Keystone receives the following data from the requesting API endpoint:

    • service_name
    • region
    • public_url
    • admin_url
    • internal_url

    Keystone verifies that the requested service is supported (the list of supported services should remain updated). The following will occur for a supported service:

    1. an entry in the service catalogue is created
    2. an endpoint template is created
    3. an admin token is generated.

    The API endpoint receives the token and is informed of the ports that Keystone is listening on.

OCI Images

The charm by default uses docker.io/kolla/ubuntu-binary-keystone:xena image.

Contributing

Please see the Juju SDK docs for guidelines on enhancements to this charm following best practice guidelines, and CONTRIBUTING.md for developer guidance.

Bugs

Please report bugs on Launchpad.