f125a8b892
This change addresses a long-standing issue in rST documentation imported from XML.
That import process added backslash escapes in front of various characters. The three
most common being '(', ')', and '_'.
These instances are removed.
Signed-off-by: Ron Stone <ronald.stone@windriver.com>
Change-Id: Id43a9337ffcd505ccbdf072d7b29afdb5d2c997e
61 lines
13 KiB
ReStructuredText
61 lines
13 KiB
ReStructuredText
|
|
.. chj1558616978053
|
|
.. _shared-configurations:
|
|
|
|
=====================
|
|
Shared Configurations
|
|
=====================
|
|
|
|
Shared configurations are |prod-long| system settings or services managed by
|
|
the System Controller and synchronized across all subclouds.
|
|
|
|
Synchronizations can be delayed slightly, depending on network traffic
|
|
conditions and the amount of information to be synchronized.
|
|
|
|
|prod| synchronizes configuration for selected attributes of system-wide
|
|
configurations (see :ref:`Table 1
|
|
<shared-configurations-shared-sys-configs>`) and synchronizes configuration
|
|
for resources of the Keystone Identity Service (see :ref:`Table 2
|
|
<shared-configurations-shared-keystone-configs>`).
|
|
|
|
|
|
.. _shared-configurations-shared-sys-configs:
|
|
|
|
|
|
.. table:: Table 1. Shared System Configurations
|
|
:widths: auto
|
|
|
|
+-----------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| Shared Configuration | Remarks |
|
|
+=============================+==============================================================================================================================================================================================================================================================================================================================================================+
|
|
| DNS IP addresses | Subclouds use the DNS servers specified at the System Controller. |
|
|
+-----------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| **sysadmin** Password | The **sysadmin** password may take up to 10 minutes to sync with the controller. The **sysadmin** password is not modified via the :command:`system` command. It is modified using the regular Linux :command:`passwd` command. |
|
|
+-----------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| Certificates | Subclouds use the Trusted |CA| certificates installed on the System Controller using the :command:`system certificate-install -m ssl_ca` command. |
|
|
+-----------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
|
|
|
|
.. _shared-configurations-shared-keystone-configs:
|
|
|
|
|
|
.. table:: Table 2. Shared Platform Keystone Resource Configurations
|
|
:widths: auto
|
|
|
|
+---------------+--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
| Local Service | Shared Configuration | Remarks |
|
|
+===============+==========================+==================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================+
|
|
| Keystone | Users | To facilitate Single Sign-On across the entire |prod-dc|, and to enable centralized User Management, the Platform's Keystone's platform authentication identity resources are synced to the subclouds. If a new user, project, role or assignment, or changes to these resources are detected on the System Controller via Audit, they are automatically synced to the subclouds. If a subcloud is inaccessible or unmanaged at that time, then these resources and changes will be queued and synchronized once the subcloud becomes available. |
|
|
| | | |
|
|
| | Roles | The specific Keystone resources synchronized are: users, roles, projects, project roles, assignments, passwords and token revocation events. |
|
|
| | | |
|
|
| | Projects | |
|
|
| | | |
|
|
| | Project Role Assignments | |
|
|
| | | |
|
|
| | Passwords | |
|
|
| | | |
|
|
| | Token revocation events | |
|
|
+---------------+--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
|
|