config-ref: include keystone tables
Include keystone configuration options in the Identity section. There is room for lots of improvements, but this first step will at least make the info available. Replace "Identity Service" with "Identity service" in the config-ref. Closes-Bug: #1277330 Change-Id: I2dfac169c89bdbecd67322923a6a84f2155c4150
This commit is contained in:
parent
4d72787ebb
commit
6a10e75a55
@ -1,114 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
|
||||
xml:id="keystone-configuration-file">
|
||||
<title>Identity Service configuration files</title>
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term>keystone.conf</term>
|
||||
<listitem>
|
||||
<para>The Identity Service
|
||||
<filename>/etc/keystone/keystone.conf</filename>
|
||||
configuration file is an INI-format file with
|
||||
sections.</para>
|
||||
<para>The <literal>[DEFAULT]</literal> section configures
|
||||
general configuration values.</para>
|
||||
<para>Specific sections, such as the <literal>[database]</literal>
|
||||
and <literal>[ec2]</literal> sections, configure individual
|
||||
services.</para>
|
||||
<table rules="all">
|
||||
<caption>keystone.conf file sections</caption>
|
||||
<col width="30%"/>
|
||||
<col width="70%"/>
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Section</th>
|
||||
<th>Description</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td><literal>[DEFAULT]</literal></td>
|
||||
<td>General configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[database]</literal></td>
|
||||
<td>Optional storage back-end configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[ec2]</literal></td>
|
||||
<td>Amazon EC2 authentication driver configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[s3]</literal></td>
|
||||
<td>Amazon S3 authentication driver configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[identity]</literal></td>
|
||||
<td>Identity Service system driver configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[catalog]</literal></td>
|
||||
<td>Service catalog driver configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[token]</literal></td>
|
||||
<td>Token driver configuration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[policy]</literal></td>
|
||||
<td>Policy system driver configuration for RBAC.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[signing]</literal></td>
|
||||
<td>Cryptographic signatures for PKI based tokens.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><literal>[ssl]</literal></td>
|
||||
<td>SSL configuration.</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<para>When you start the Identity Service, you can use the
|
||||
<parameter>--config-file</parameter> parameter to specify
|
||||
a configuration file.</para>
|
||||
<para>If you do not specify a configuration file, the Identity
|
||||
Service looks for the <filename>keystone.conf</filename>
|
||||
configuration file in these directories in this
|
||||
order:</para>
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>~/.keystone</literal>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>~/</literal>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>/etc/keystone</literal>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>/etc</literal>
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>keystone-paste.ini</term>
|
||||
<listitem>
|
||||
<para>The
|
||||
<filename>/etc/keystone/keystone-paste.ini</filename> file
|
||||
configures the Identity Service WSGI middleware
|
||||
pipeline.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</section>
|
@ -23,7 +23,7 @@
|
||||
directory.</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Related Image Service and Identity Service management
|
||||
<para>Related Image Service and Identity service management
|
||||
configuration files.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
@ -41,7 +41,7 @@
|
||||
<title>Configure authentication and authorization</title>
|
||||
<para>There are different methods of authentication for the
|
||||
OpenStack Compute project, including no authentication. The
|
||||
preferred system is the OpenStack Identity Service, code-named
|
||||
preferred system is the OpenStack Identity service, code-named
|
||||
Keystone.</para>
|
||||
<para>To customize authorization settings for Compute, use the
|
||||
configuration options documented in
|
||||
|
@ -7,13 +7,55 @@
|
||||
xmlns:ns4="http://www.w3.org/2000/svg"
|
||||
xmlns:ns3="http://www.w3.org/1998/Math/MathML"
|
||||
xmlns:ns="http://docbook.org/ns/docbook">
|
||||
<title>Identity Service</title>
|
||||
<para>This chapter details the OpenStack Identity Service configuration
|
||||
<title>Identity service</title>
|
||||
<para>This chapter details the OpenStack Identity service configuration
|
||||
options. For installation prerequisites and step-by-step walkthroughs, see the
|
||||
<citetitle>OpenStack Installation Guide</citetitle> for your distribution (<link xlink:href="docs.openstack.org"
|
||||
>docs.openstack.org</link>) and <citetitle><link
|
||||
xlink:href="http://docs.openstack.org/admin-guide-cloud/content/">Cloud
|
||||
Administrator Guide</link></citetitle>.</para>
|
||||
<xi:include href="../common/section_identity-configure.xml"/>
|
||||
<xi:include href="../common/section_keystone-sample-conf-files.xml"/>
|
||||
|
||||
<section xml:id="keystone-configuration-file">
|
||||
<title>Identity service configuration file</title>
|
||||
<para>The Identity service is configured in the
|
||||
<filename>/etc/keystone/keystone.conf</filename> file.</para>
|
||||
<para>The following tables provide a comprehensive list of the Identity
|
||||
service options.</para>
|
||||
|
||||
<xi:include href="../common/tables/keystone-api.xml"/>
|
||||
<xi:include href="../common/tables/keystone-assignment.xml"/>
|
||||
<xi:include href="../common/tables/keystone-auth.xml"/>
|
||||
<xi:include href="../common/tables/keystone-cache.xml"/>
|
||||
<xi:include href="../common/tables/keystone-catalog.xml"/>
|
||||
<xi:include href="../common/tables/keystone-credential.xml"/>
|
||||
<xi:include href="../common/tables/keystone-database.xml"/>
|
||||
<xi:include href="../common/tables/keystone-debug.xml"/>
|
||||
<xi:include href="../common/tables/keystone-ec2.xml"/>
|
||||
<xi:include href="../common/tables/keystone-federation.xml"/>
|
||||
<xi:include href="../common/tables/keystone-identity.xml"/>
|
||||
<xi:include href="../common/tables/keystone-kvs.xml"/>
|
||||
<xi:include href="../common/tables/keystone-ldap.xml"/>
|
||||
<xi:include href="../common/tables/keystone-logging.xml"/>
|
||||
<xi:include href="../common/tables/keystone-memcache.xml"/>
|
||||
<xi:include href="../common/tables/keystone-misc.xml"/>
|
||||
<xi:include href="../common/tables/keystone-notification.xml"/>
|
||||
<xi:include href="../common/tables/keystone-oauth.xml"/>
|
||||
<xi:include href="../common/tables/keystone-os_inherit.xml"/>
|
||||
<xi:include href="../common/tables/keystone-policy.xml"/>
|
||||
<xi:include href="../common/tables/keystone-revoke.xml"/>
|
||||
<xi:include href="../common/tables/keystone-security.xml"/>
|
||||
<xi:include href="../common/tables/keystone-ssl.xml"/>
|
||||
<xi:include href="../common/tables/keystone-stats.xml"/>
|
||||
<xi:include href="../common/tables/keystone-token.xml"/>
|
||||
<xi:include href="../common/tables/keystone-trust.xml"/>
|
||||
|
||||
<xi:include href="../common/tables/keystone-rpc.xml"/>
|
||||
<xi:include href="../common/tables/keystone-amqp.xml"/>
|
||||
<xi:include href="../common/tables/keystone-qpid.xml"/>
|
||||
<xi:include href="../common/tables/keystone-rabbit.xml"/>
|
||||
<xi:include href="../common/tables/keystone-zeromq.xml"/>
|
||||
<xi:include href="../common/tables/keystone-redis.xml"/>
|
||||
</section>
|
||||
|
||||
<xi:include href="identity/section_keystone-sample-conf-files.xml"/>
|
||||
</chapter>
|
||||
|
@ -9,10 +9,10 @@
|
||||
<title>keystone_policy.json</title>
|
||||
<para>The <filename>keystone_policy.json</filename> file
|
||||
defines additional access controls for the dashboard that
|
||||
apply to the Identity Service.</para>
|
||||
apply to the Identity service.</para>
|
||||
<note>
|
||||
<para>The <filename>keystone_policy.json</filename> file
|
||||
must match the Identity Service
|
||||
must match the Identity service
|
||||
<filename>/etc/keystone/policy.json</filename>
|
||||
policy file.</para>
|
||||
</note>
|
||||
|
@ -3,7 +3,7 @@
|
||||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
|
||||
xml:id="sample-configuration-files">
|
||||
<title>Identity Service sample configuration files</title>
|
||||
<title>Identity service sample configuration files</title>
|
||||
<para>All the files in this section can be found in the <systemitem>/etc/keystone</systemitem>
|
||||
directory.</para>
|
||||
<section xml:id="section_keystone.conf">
|
||||
@ -19,7 +19,7 @@
|
||||
<title>keystone-paste.ini</title>
|
||||
<para>The <filename>keystone-paste.ini</filename> file configures the
|
||||
Web Service Gateway Interface (WSGI) middleware pipeline for
|
||||
the Identity Service.
|
||||
the Identity service.
|
||||
</para>
|
||||
<para>
|
||||
<programlisting language="ini"><xi:include parse="text" href="http://git.openstack.org/cgit/openstack/keystone/plain/etc/keystone-paste.ini"/>
|
||||
@ -41,10 +41,10 @@
|
||||
<section xml:id="section_keystone-policy.json">
|
||||
<title>policy.json</title>
|
||||
<para>The <filename>policy.json</filename> file defines additional access controls that
|
||||
apply to the Identity Service.</para>
|
||||
apply to the Identity service.</para>
|
||||
<para>
|
||||
<programlisting language="json"><xi:include parse="text" href="http://git.openstack.org/cgit/openstack/keystone/plain/etc/policy.json"/>
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
||||
</section>
|
@ -54,13 +54,13 @@
|
||||
<td/>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Identity Service (<literal>keystone</literal>)
|
||||
<td>Identity service (<literal>keystone</literal>)
|
||||
administrative endpoint</td>
|
||||
<td>35357</td>
|
||||
<td>adminurl</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Identity Service public endpoint</td>
|
||||
<td>Identity service public endpoint</td>
|
||||
<td>5000</td>
|
||||
<td>publicurl</td>
|
||||
</tr>
|
||||
|
Loading…
Reference in New Issue
Block a user