Jonathan Rosser
8e1f7f4ad8
Fix loss of fernet and credential keys during Rocky to Stein upgrade
This applies only to source based installations.

The introduction of smart-sources in [1] created a code path which deletes the /etc/keystone directory before symlinking it into the keystone venv and creating the necessary config files. Unfortunately this has the side effect of also deleting any fernet and credential keys which pre-existed in the case of an upgrade from Rocky. The original keys were deleted simultaneously across the whole keystone_all group in a way which makes them unrecoverable in the absence of a backup taken by the operator.

This change simplifies the smart-sources code to always keep the keystone config files and fernet keys in the host /etc/keystone. This ensures that the lifecycle of the fernet keys is not coupled to the lifecycle of the keystone venvs.

In addition, a task is added to rescue any keys which have been created in the keystone venv by installations from the Stein release-candidate.

[1] https://review.opendev.org/#/c/588960/

Closes-Bug: 1833414
Change-Id: Ide611fd3d88e352367220f05dbcf4186ac20319f
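An operator-side check for the failure described in this commit message, as an added example (not part of the commit or of the role's code): it snapshots the key repositories under the keystone config directory before an upgrade and verifies afterwards that they are unchanged. The function names and the `fernet-keys` / `credential-keys` subdirectory names are assumptions, not taken from the page.

```shell
#!/bin/sh
# Added example, not the role's code. Assumes the key repositories are the
# subdirectories fernet-keys/ and credential-keys/ of the keystone config dir.

# Report whether the config dir is a real directory or a symlink. A symlink
# means the keys share the lifecycle of whatever it points at (e.g. a venv).
keystone_dir_kind() {
    if [ -L "$1" ]; then echo symlink
    elif [ -d "$1" ]; then echo directory
    else echo missing
    fi
}

# Print one "sha256  relative/path" line per key file, sorted, so that two
# manifests can be compared. Key material itself is never printed.
key_manifest() {
    ( cd "$1" 2>/dev/null || exit 0
      find -L fernet-keys credential-keys -type f 2>/dev/null | sort |
          while IFS= read -r f; do sha256sum "$f"; done )
}

# Copy both key repositories to $2 (owner-only permissions) and record a
# manifest next to them. Fails if no key file was found to back up.
backup_keys() {
    ( umask 077
      mkdir -p "$2" || exit 1
      for repo in fernet-keys credential-keys; do
          if [ -d "$1/$repo" ]; then cp -RpL "$1/$repo" "$2/" || exit 1; fi
      done
      key_manifest "$1" > "$2/MANIFEST.sha256"
      [ -s "$2/MANIFEST.sha256" ] )
}

# Succeed only if the keys now under $1 match the manifest stored in $2.
# Run directly before and after the upgrade: a key rotation in between
# changes the manifest legitimately.
verify_keys() {
    key_manifest "$1" | diff - "$2/MANIFEST.sha256" >/dev/null
}

# Usage: script backup|verify CONFIG_DIR BACKUP_DIR
case "${1:-}" in
    backup) backup_keys "$2" "$3" ;;
    verify) verify_keys "$2" "$3" && echo "keys unchanged" ;;
esac
```

Run `backup` on every host in the keystone group before upgrading, since the commit message notes the keys were deleted across the whole group at once.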
Team and repository tags
OpenStack-Ansible keystone
Ansible role that installs and configures OpenStack Keystone. Keystone is installed behind the Apache webserver listening on port 5000 by default.
Documentation for the project can be found at: https://docs.openstack.org/openstack-ansible-os_keystone/latest/
Release notes for the project can be found at: https://docs.openstack.org/releasenotes/openstack-ansible-os_keystone/
The project source code repository is located at: https://opendev.org/openstack/openstack-ansible-os_keystone/
The project home is at: https://launchpad.net/openstack-ansible
The project bug tracker is located at: https://bugs.launchpad.net/openstack-ansible