kolla-ansible/docker/keystone/Dockerfile.j2
Dave Walker (Daviey) 37b95f2ade Add LDAP support to keystone Dockerfile
Currently, the keystone docker image doesn't support LDAP/AD
which is a common to manage users and group for identity
management and authentication.

This change adds ldappool to the builds.

Change-Id: Ida5a58f6c57cd173642f0a801dc9ecd84ded55e8
Closes-Bug: #1600586
Signed-off-by: Dave Walker (Daviey) <email@daviey.com>
2016-07-10 12:34:14 +01:00

76 lines
2.6 KiB
Django/Jinja

FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }}
MAINTAINER {{ maintainer }}
{% if install_type == 'binary' %}
{% if base_distro in ['fedora', 'centos', 'oraclelinux', 'rhel'] %}
RUN yum -y install openstack-keystone \
python-keystoneclient \
httpd \
mod_wsgi \
python-ldappool \
&& yum clean all
RUN mkdir -p /var/www/cgi-bin/keystone \
&& cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/main \
&& cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/admin \
&& sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
{% elif base_distro in ['ubuntu'] %}
RUN apt-get -y install --no-install-recommends \
keystone \
apache2 \
libapache2-mod-wsgi \
python-ldappool \
&& apt-get clean
RUN mkdir -p /var/www/cgi-bin/keystone \
&& cp -a /usr/share/keystone/wsgi.py /var/www/cgi-bin/keystone/main \
&& cp -a /usr/share/keystone/wsgi.py /var/www/cgi-bin/keystone/admin \
&& echo > /etc/apache2/ports.conf
{% endif %}
{% elif install_type == 'source' %}
{% if base_distro in ['fedora', 'centos', 'oraclelinux', 'rhel'] %}
RUN yum -y install \
httpd \
mod_wsgi \
python-ldappool \
&& yum clean all \
&& sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
{% elif base_distro in ['ubuntu', 'debian'] %}
RUN apt-get -y install --no-install-recommends \
apache2 \
libapache2-mod-wsgi \
python-ldappool \
&& echo > /etc/apache2/ports.conf \
&& apt-get clean
{% endif %}
ADD keystone-archive /keystone-source
RUN ln -s keystone-source/* keystone \
&& useradd --user-group keystone \
&& /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt /keystone \
&& mkdir -p /etc/keystone /var/www/cgi-bin/keystone /var/log/apache2 /home/keystone \
&& cp -r /keystone/etc/* /etc/keystone/ \
&& cp /var/lib/kolla/venv/bin/keystone-wsgi-admin /var/www/cgi-bin/keystone/admin \
&& cp /var/lib/kolla/venv/bin/keystone-wsgi-public /var/www/cgi-bin/keystone/main \
&& chown -R keystone: /etc/keystone /var/www/cgi-bin/keystone /var/log/apache2 /home/keystone
{% endif %}
RUN usermod -a -G kolla keystone \
&& chown -R keystone: /var/www/cgi-bin/keystone \
&& chmod 755 /var/www/cgi-bin/keystone/*
COPY keystone_bootstrap.sh /usr/local/bin/kolla_keystone_bootstrap
COPY extend_start.sh /usr/local/bin/kolla_extend_start
RUN chmod 755 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_keystone_bootstrap
{{ include_footer }}