64b6c9261e
Current folder name New folder name Book title ---------------------------------------------------------- basic-install DELETE cli-guide DELETE common common NEW admin-guide-cloud Cloud Administrators Guide docbkx-example DELETE openstack-block-storage-admin DELETE openstack-compute-admin DELETE openstack-config config-reference OpenStack Configuration Reference openstack-ha high-availability-guide OpenStack High Availabilty Guide openstack-image image-guide OpenStack Virtual Machine Image Guide openstack-install install-guide OpenStack Installation Guide openstack-network-connectivity-admin admin-guide-network OpenStack Networking Administration Guide openstack-object-storage-admin DELETE openstack-security security-guide OpenStack Security Guide openstack-training training-guide OpenStack Training Guide openstack-user user-guide OpenStack End User Guide openstack-user-admin user-guide-admin OpenStack Admin User Guide glossary NEW OpenStack Glossary bug: #1220407 Change-Id: Id5ffc774b966ba7b9a591743a877aa10ab3094c7 author: diane fleming
107 lines
3.8 KiB
XML
107 lines
3.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<section xmlns="http://docbook.org/ns/docbook"
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
|
|
xml:id="keystone-configuration-file">
|
|
<title>Identity Configuration Files</title>
|
|
<variablelist>
|
|
<varlistentry><term>keystone.conf</term>
|
|
<listitem><para>The Identity Service
|
|
<filename>/etc/keystone/keystone.conf</filename> configuration
|
|
file is an INI-format file with sections.</para>
|
|
<para>The <literal>[DEFAULT]</literal> section configures general
|
|
configuration values.</para>
|
|
<para>Specific sections, such as the <literal>[sql]</literal> and
|
|
<literal>[ec2]</literal> sections, configure individual
|
|
services.</para>
|
|
<table rules="all">
|
|
<caption>keystone.conf file sections</caption>
|
|
<col width="30%"/>
|
|
<col width="70%"/>
|
|
<thead>
|
|
<tr>
|
|
<td>Section</td>
|
|
<td>Description</td>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<tr>
|
|
<td><literal>[DEFAULT]</literal></td>
|
|
<td>General configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[sql]</literal></td>
|
|
<td>Optional storage backend configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[ec2]</literal></td>
|
|
<td>Amazon EC2 authentication driver configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[s3]</literal></td>
|
|
<td>Amazon S3 authentication driver configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[identity]</literal></td>
|
|
<td>Identity Service system driver configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[catalog]</literal></td>
|
|
<td>Service catalog driver configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[token]</literal></td>
|
|
<td>Token driver configuration.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[policy]</literal></td>
|
|
<td>Policy system driver configuration for RBAC.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[signing]</literal></td>
|
|
<td>Cryptographic signatures for PKI based tokens.</td>
|
|
</tr>
|
|
<tr>
|
|
<td><literal>[ssl]</literal></td>
|
|
<td>SSL configuration.</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
<para>When you start the Identity Service, you can use the
|
|
<literal>--config-file</literal> parameter to specify a
|
|
configuration file.</para>
|
|
<para>If you do not specify a configuration file, the Identity
|
|
Service looks for the <filename>keystone.conf</filename>
|
|
configuration file in the following directories in the following
|
|
order:</para>
|
|
<orderedlist>
|
|
<listitem>
|
|
<para>
|
|
<literal>~/.keystone</literal>
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
<literal>~/</literal>
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
<literal>/etc/keystone</literal>
|
|
</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>
|
|
<literal>/etc</literal>
|
|
</para>
|
|
</listitem>
|
|
</orderedlist>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry><term>keystone-paste.ini</term>
|
|
<listitem><para>The <filename>/etc/keystone/keystone-paste.ini</filename> file
|
|
configures the Identity Service WSGI middleware pipeline.</para></listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</section>
|