openstack-manuals/doc/config-reference/ch_identityconfigure.xml
Brian Moss b724143b9d Fix links to Cloud Admin Guide
Fixes links in the Config Ref Guide to the Cloud
Admin Guide that changed after the RST conversion
of that guide.

backport: kilo
Change-Id: I30e5ce1b6b02e89eeb94fee01ea83b1a40a0fd23
2015-08-25 12:03:35 +10:00

97 lines
5.1 KiB
XML

<?xml version="1.0" encoding="UTF-8"?>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
version="5.0"
xml:id="ch_configuring-openstack-identity">
<title>Identity service</title>
<para>This chapter details the OpenStack Identity service configuration
options. For installation prerequisites and step-by-step walkthroughs, see the
<citetitle>OpenStack Installation Guide</citetitle> for your distribution (<link xlink:href="http://docs.openstack.org"
>docs.openstack.org</link>) and <citetitle><link
xlink:href="http://docs.openstack.org/admin-guide-cloud/">Cloud
Administrator Guide</link></citetitle>.</para>
<section xml:id="section_keystone-cache">
<title>Caching layer</title>
<para>Identity supports a caching layer that is above the
configurable subsystems, such as token or assignment. The
majority of the caching configuration options are set in the
<literal>[cache]</literal> section. However, each section that
has the capability to be cached usually has a
<option>caching</option> option that will toggle caching for that
specific section. By default, caching is globally disabled.
Options are as follows:</para>
<xi:include href="../common/tables/keystone-cache.xml"/>
<para>Current functional backends are:</para>
<itemizedlist>
<listitem><para><literal>dogpile.cache.memcached</literal> - Memcached backend using
the standard python-memcached library</para></listitem>
<listitem><para><literal>dogpile.cache.pylibmc</literal> - Memcached backend using
the pylibmc library</para></listitem>
<listitem><para><literal>dogpile.cache.bmemcached</literal> - Memcached using
python-binary-memcached library.</para></listitem>
<listitem><para><literal>dogpile.cache.redis</literal> - Redis backend</para></listitem>
<listitem><para><literal>dogpile.cache.dbm</literal> - Local DBM file backend</para></listitem>
<listitem><para><literal>dogpile.cache.memory</literal> - In-memory cache, not
suitable for use outside of testing as it does not cleanup it's
internal cache on cache expiration and does not share cache
between processes. This means that caching and cache invalidation
will not be consistent or reliable.</para>
</listitem>
<listitem><para><literal>dogpile.cache.mongo</literal> - MongoDB as caching
backend.</para></listitem>
</itemizedlist>
</section>
<section xml:id="keystone-configuration-file">
<title>Identity service configuration file</title>
<para>The Identity service is configured in the
<filename>/etc/keystone/keystone.conf</filename> file.</para>
<para>The following tables provide a comprehensive list of the Identity
service options.</para>
<xi:include href="../common/tables/keystone-api.xml"/>
<xi:include href="../common/tables/keystone-assignment.xml"/>
<xi:include href="../common/tables/keystone-auth.xml"/>
<xi:include href="../common/tables/keystone-auth_token.xml"/>
<xi:include href="../common/tables/keystone-ca.xml"/>
<xi:include href="../common/tables/keystone-catalog.xml"/>
<xi:include href="../common/tables/keystone-common.xml"/>
<xi:include href="../common/tables/keystone-cors.xml"/>
<xi:include href="../common/tables/keystone-credential.xml"/>
<xi:include href="../common/tables/keystone-database.xml"/>
<xi:include href="../common/tables/keystone-debug.xml"/>
<xi:include href="../common/tables/keystone-domain.xml"/>
<xi:include href="../common/tables/keystone-federation.xml"/>
<xi:include href="../common/tables/keystone-fernet_tokens.xml"/>
<xi:include href="../common/tables/keystone-identity.xml"/>
<xi:include href="../common/tables/keystone-kvs.xml"/>
<xi:include href="../common/tables/keystone-ldap.xml"/>
<xi:include href="../common/tables/keystone-logging.xml"/>
<xi:include href="../common/tables/keystone-mapping.xml"/>
<xi:include href="../common/tables/keystone-memcache.xml"/>
<xi:include href="../common/tables/keystone-oauth.xml"/>
<xi:include href="../common/tables/keystone-os_inherit.xml"/>
<xi:include href="../common/tables/keystone-policy.xml"/>
<xi:include href="../common/tables/keystone-revoke.xml"/>
<xi:include href="../common/tables/keystone-role.xml"/>
<xi:include href="../common/tables/keystone-saml.xml"/>
<xi:include href="../common/tables/keystone-security.xml"/>
<xi:include href="../common/tables/keystone-token.xml"/>
<xi:include href="../common/tables/keystone-trust.xml"/>
<xi:include href="../common/tables/keystone-rpc.xml"/>
<xi:include href="../common/tables/keystone-amqp.xml"/>
<xi:include href="../common/tables/keystone-qpid.xml"/>
<xi:include href="../common/tables/keystone-rabbitmq.xml"/>
<xi:include href="../common/tables/keystone-zeromq.xml"/>
<xi:include href="../common/tables/keystone-redis.xml"/>
</section>
<xi:include href="identity/section_keystone-sample-conf-files.xml"/>
<xi:include href="conf-changes/keystone.xml"/>
</chapter>