e7f5bfb7ae
This feature adds the ability to run Keystone in each Subcloud and implements a Distributed Service Catalog such that the Central Region Keystone ONLY contains the Identity endpoint for each subcloud. The DC Manager and DC Orchestration framework then does a 2 stage lookup to first procure a token from the subcloud and then use that for further communication with that subcloud. This delivery adds the following: - New DC Orch Identity Proxy SM service - Keystone manifest changes to run init_keystone in Subcloud to spawn a local Keystone instance - Modify System Controller Identity endpoints 5000 to 25000, i.e binding to DC-Orch-API-Proxy - DC Manager and DC Orch Changes to do a 2-stage lookup on subclouds (Distributed Service Catalog) - Cherry pick Endpoint Filter Group patches into Openstack client - Add Resource Sync for Keystone Users, Projects and Roles and reporting to DC Manager - Add Auditing for Keystone Users, Projects and Roles on Central Region and Subclouds - Lab Setup changes to configure Tenant users and projects against the Keystone DC Proxy (port 25000) so that these may be synced to subclouds. Story: 2002842 Task: 22785 Change-Id: I2db7610532d1835246b29bedf2cb719669f11935 Signed-off-by: Andy Ning <andy.ning@windriver.com> Signed-off-by: Jack Ding <jack.ding@windriver.com> |
||
|---|---|---|
| .. | ||
| centos | ||
| src | ||
| PKG_INFO | ||