347f5434b3
It is using a trigger tripleo::profile::base::keystone::ldap_backend_enable in puppet-tripleo
who will call a define in puppet-keysone ldap_backend.pp.
Given the following environment:
parameter_defaults:
KeystoneLDAPDomainEnable: true
KeystoneLDAPBackendConfigs:
tripleoldap:
url: ldap://192.0.2.250
user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com
password: Secrete
suffix: dc=redhat,dc=example,dc=com
user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com
user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)"
user_objectclass: person
user_id_attribute: cn
user_allow_create: false
user_allow_update: false
user_allow_delete: false
ControllerExtraConfig:
nova::keystone::authtoken::auth_version: v3
cinder::keystone::authtoken::auth_version: v3
It would then create a domain called tripleoldap with an LDAP
configuration as defined by the hash. The parameters from the
hash are defined by the keystone::ldap_backend resource in
puppet-keystone.
More backends can be added as more entries to that hash.
This also enables multi-domain support for horizon.
Closes-Bug: 1677603
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db
Change-Id: I6c815e4596d595bfa2a018127beaf21249a10643
Signed-off-by: Cyril Lopez <cylopez@redhat.com>
Team and repository tags
tripleo-heat-templates
Heat templates to deploy OpenStack using OpenStack.
- Free software: Apache license
- Documentation: http://docs.openstack.org/developer/tripleo-docs
- Source: http://git.openstack.org/cgit/openstack/tripleo-heat-templates
- Bugs: http://bugs.launchpad.net/tripleo
Features
The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:
- Choice of deployment/configuration tooling: puppet, (soon) docker
- Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage
- physical network configuration: support for isolated networks, bonding, and standard ctlplane networking
Directories
A description of the directory layout in TripleO Heat Templates.
- environments: contains heat environment files that can be used with -e
on the command like to enable features, etc.
- extraconfig: templates used to enable 'extra' functionality. Includes
functionality for distro specific registration and upgrades.
- firstboot: example first_boot scripts that can be used when initially
creating instances.
- network: heat templates to help create isolated networks and ports
- puppet: templates mostly driven by configuration with puppet. To use these
templates you can use the overcloud-resource-registry-puppet.yaml.
- validation-scripts: validation scripts useful to all deployment
configurations
Service testing matrix
The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:
| - | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha |
|---|---|---|---|---|---|
| keystone |
|
|
|
|
|
| glance |
|
|
|
swift + rbd |
|
| cinder |
|
|
|
||
| heat |
|
|
|
|
|
| mysql |
|
|
|
|
|
| neutron |
|
|
|
|
|
| rabbitmq |
|
|
|
|
|
| mongodb |
|
|
|||
| redis |
|
||||
| haproxy |
|
|
|
|
|
| keepalived |
|
|
|
|
|
| memcached |
|
|
|
|
|
| pacemaker |
|
|
|
|
|
| nova |
|
|
|
|
|
| ntp |
|
|
|
|
|
| snmp |
|
|
|
|
|
| timezone |
|
|
|
|
|
| sahara |
|
||||
| mistral |
|
||||
| swift |
|
|
|||
| aodh |
|
||||
| ceilometer |
|
||||
| gnocchi |
|
||||
| panko |
|
||||
| barbican |
|
||||
| zaqar |
|
||||
| ec2api |
|
||||
| cephrgw |
|
|
|||
| tacker |
|
||||
| congress |
|
||||
| cephmds |
|
||||
| manila |
|