df70e376ff
* Add sunbeam project template to run pep8, py3 tests * Add zuul.d/zuul.yaml to run pep8, py3, cover tests * Update charmcraft and requirements for each charm * Add global tox.ini to invoke fmt, pep8, py3, cover, build * Add gitreview file * Fix py3 test failures in ciner-ceph-k8s, glance-k8s, openstack-exporter * Add jobs for charm builds using files option so that job is invoked if files within the component are modified. Add charm builds to both check and gate pipeline. * Make function tests as part of global. Split the function tests into core, ceph, caas, misc mainly to accomodate function tests to run on 8GB. Add function tests as part of check pipeline. * Add zuul job to publish charms in promote pipeline Add charmhub token as secret that can be used to publish charms. Note: Charmhub token is generated with ttl of 90 days. * Run tox formatting * Make .gitignore, .jujuignore, .stestr.conf global and remove the files from all charms. * Make libs and templates global. Split libs to internal and external so that internal libs can adhere to sunbeam formatting styles. * Add script to copy common files necessary libs, config templates, stestr conf, jujuignore during py3 tests and charm builds. * Tests for keystone-ldap-k8s are commented due to intermittent bug LP#2045206 Change-Id: I804ca64182c109d16bd820ac00f129aa6dcf4496 |
||
|---|---|---|
| .. | ||
| src | ||
| tests | ||
| actions.yaml | ||
| charmcraft.yaml | ||
| config.yaml | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| metadata.yaml | ||
| README.md | ||
| requirements.txt | ||
keystone-k8s
Description
keystone-k8s is an operator to manage the Keystone identity service on a Kubernetes based environment.
Usage
Deployment
keystone-k8s is deployed using below command:
juju deploy keystone-k8s keystone --trust
Now connect the keystone operator to an existing database.
juju relate mysql:database keystone:database
Configuration
This section covers common and/or important configuration options. See file
config.yaml for the full list of options, along with their descriptions and
default values. See the Juju documentation for details
on configuring applications.
Actions
This section covers Juju actions supported by the charm.
Actions allow specific operations to be performed on a per-unit basis. To
display action descriptions run juju actions keystone. If the charm is not
deployed then see file actions.yaml.
Relations
The charm supports the following relations. They are primarily of use to developers:
-
identity-credentials: Used by charms to obtain Keystone credentials without creating a service catalogue entry. Set 'username' only on the relation and Keystone will set defaults and return authentication details. Possible relation settings:username: Username to be created.project: Project (tenant) name to be created. Defaults to service's project.domain: Keystone v3 domain the user will be created in. Defaults to the Default domain.
-
identity-service: Used by API endpoints to request an entry in the Keystone service catalogue and the endpoint template catalogue.When a relation is established Keystone receives the following data from the requesting API endpoint:
service_nameregionpublic_urladmin_urlinternal_url
Keystone verifies that the requested service is supported (the list of supported services should remain updated). The following will occur for a supported service:
- an entry in the service catalogue is created
- an endpoint template is created
- an admin token is generated.
The API endpoint receives the token and is informed of the ports that Keystone is listening on.
OCI Images
The charm by default uses ghcr.io/canonical/keystone:2023.2 image.
Contributing
Please see the Juju SDK docs for guidelines on enhancements to this charm following best practice guidelines, and CONTRIBUTING.md for developer guidance.
Bugs
Please report bugs on Launchpad.