openstack-manuals/doc/config-reference/ch_identityconfigure.xml
Gauvain Pocentek b46b6dd5a3 config-ref: include oslo.middleware options
Change-Id: Idd61531c8a9196172020c315ac665fa641cb3428
Closes-Bug: #1452454
2015-05-07 11:42:51 +02:00

98 lines
5.2 KiB
XML

<?xml version="1.0" encoding="UTF-8"?>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
version="5.0"
xml:id="ch_configuring-openstack-identity">
<title>Identity service</title>
<para>This chapter details the OpenStack Identity service configuration
options. For installation prerequisites and step-by-step walkthroughs, see the
<citetitle>OpenStack Installation Guide</citetitle> for your distribution (<link xlink:href="http://docs.openstack.org"
>docs.openstack.org</link>) and <citetitle><link
xlink:href="http://docs.openstack.org/admin-guide-cloud/content/">Cloud
Administrator Guide</link></citetitle>.</para>
<section xml:id="section_keystone-cache">
<title>Caching layer</title>
<para>Identity supports a caching layer that is above the
configurable subsystems, such as token or assignment. The
majority of the caching configuration options are set in the
<literal>[cache]</literal> section. However, each section that
has the capability to be cached usually has a
<option>caching</option> option that will toggle caching for that
specific section. By default, caching is globally disabled.
Options are as follows:</para>
<xi:include href="../common/tables/keystone-cache.xml"/>
<para>Current functional backends are:</para>
<itemizedlist>
<listitem><para><literal>dogpile.cache.memcached</literal> - Memcached backend using
the standard python-memcached library</para></listitem>
<listitem><para><literal>dogpile.cache.pylibmc</literal> - Memcached backend using
the pylibmc library</para></listitem>
<listitem><para><literal>dogpile.cache.bmemcached</literal> - Memcached using
python-binary-memcached library.</para></listitem>
<listitem><para><literal>dogpile.cache.redis</literal> - Redis backend</para></listitem>
<listitem><para><literal>dogpile.cache.dbm</literal> - Local DBM file backend</para></listitem>
<listitem><para><literal>dogpile.cache.memory</literal> - In-memory cache, not
suitable for use outside of testing as it does not cleanup it's
internal cache on cache expiration and does not share cache
between processes. This means that caching and cache invalidation
will not be consistent or reliable.</para>
</listitem>
<listitem><para><literal>dogpile.cache.mongo</literal> - MongoDB as caching
backend.</para></listitem>
</itemizedlist>
</section>
<section xml:id="keystone-configuration-file">
<title>Identity service configuration file</title>
<para>The Identity service is configured in the
<filename>/etc/keystone/keystone.conf</filename> file.</para>
<para>The following tables provide a comprehensive list of the Identity
service options.</para>
<xi:include href="../common/tables/keystone-api.xml"/>
<xi:include href="../common/tables/keystone-assignment.xml"/>
<xi:include href="../common/tables/keystone-auth.xml"/>
<xi:include href="../common/tables/keystone-auth_token.xml"/>
<xi:include href="../common/tables/keystone-ca.xml"/>
<xi:include href="../common/tables/keystone-catalog.xml"/>
<xi:include href="../common/tables/keystone-common.xml"/>
<xi:include href="../common/tables/keystone-credential.xml"/>
<xi:include href="../common/tables/keystone-database.xml"/>
<xi:include href="../common/tables/keystone-debug.xml"/>
<xi:include href="../common/tables/keystone-domain.xml"/>
<xi:include href="../common/tables/keystone-ec2.xml"/>
<xi:include href="../common/tables/keystone-federation.xml"/>
<xi:include href="../common/tables/keystone-fernet_tokens.xml"/>
<xi:include href="../common/tables/keystone-identity.xml"/>
<xi:include href="../common/tables/keystone-kvs.xml"/>
<xi:include href="../common/tables/keystone-ldap.xml"/>
<xi:include href="../common/tables/keystone-logging.xml"/>
<xi:include href="../common/tables/keystone-mapping.xml"/>
<xi:include href="../common/tables/keystone-memcache.xml"/>
<xi:include href="../common/tables/keystone-oauth.xml"/>
<xi:include href="../common/tables/keystone-os_inherit.xml"/>
<xi:include href="../common/tables/keystone-oslo_middleware.xml"/>
<xi:include href="../common/tables/keystone-policy.xml"/>
<xi:include href="../common/tables/keystone-revoke.xml"/>
<xi:include href="../common/tables/keystone-role.xml"/>
<xi:include href="../common/tables/keystone-saml.xml"/>
<xi:include href="../common/tables/keystone-security.xml"/>
<xi:include href="../common/tables/keystone-token.xml"/>
<xi:include href="../common/tables/keystone-trust.xml"/>
<xi:include href="../common/tables/keystone-rpc.xml"/>
<xi:include href="../common/tables/keystone-amqp.xml"/>
<xi:include href="../common/tables/keystone-qpid.xml"/>
<xi:include href="../common/tables/keystone-rabbitmq.xml"/>
<xi:include href="../common/tables/keystone-zeromq.xml"/>
<xi:include href="../common/tables/keystone-redis.xml"/>
</section>
<xi:include href="identity/section_keystone-sample-conf-files.xml"/>
<xi:include href="../common/tables/keystone-conf-changes.xml"/>
</chapter>