Commit Graph

52 Commits

Author SHA1 Message Date
Samriddhi Jain c326ae0417 Fill in content in CLI Documentation
Added keystone-manage documentation from man pages
to the placeholder created for CLI Documentation.

Change-Id: I0e259c76d96c6479a6165c535bc49c032b2f41da
2017-08-08 21:58:50 +05:30
Samriddhi Jain 459f078d0c Reorganised keystone documentation structure
Divided the keystone docs into four categories, depending
upon the usage criteria: general information (which will
be common for all), developer documentation,
user documantation and operator documentation.

Change-Id: I2f5dd41acd9874739accc54c4f4fd69460b58334
2017-06-22 13:26:46 +05:30
David Stanek 928d23db02 Removed the deprecated pki_setup command
bp removed-as-of-pike

Change-Id: Ib39d21ed547e3be7a3a2c333a7193f990043a80b
2017-03-29 00:15:09 +00:00
Andreas Jaeger 82ae54c765 Fix keystone.o.o URL
Use docs.o.o - keystone.o.o is obsolete.

Change-Id: If1cb2ac2e8fd007de92fbd929eedd46e6fb376a0
2017-03-08 17:05:39 +01:00
Gage Hugo ebbc06ebb9 Fixed not in toctree warnings when building docs
This change fixes multiple issues of "WARNING: document isn't included
in any toctree" that were appearing when building "tox -edocs" by adding
the pages to the toctree in index.rst.

Change-Id: Iefc19e4aa8a950ffc35256e0fd22bb6bc7b3d2da
Partial-Bug: #1602422
2017-01-07 14:20:50 -06:00
Steve Martinelli 2edc392567 Update configuration.rst documentation
* landing page: increase toc depth for configuration for easier navigation
* landing page: move keystone-manage man page to bottom

* created common keystone-manage commands doc, so config and man page can
  reference

* moved the sample config files section up near config file section
* moved fernet token section up near token section
* moved token flush near token section
* moved endpoint policy and endpoint filter near catalog

* removed references to devstack files that do not exist
* removed references to experimental and stable status for stable features
* removed references to keystoneclient CLI

* removed IANA portions, not config related
* removed section about user CRUD on v2.0 API, not config related

* lots of minor cleanup with syntax and wording

Change-Id: Id814b70d626299ba0717d6759ec6be5e97645a39
2016-11-21 10:40:41 -05:00
Steve Martinelli 8a66ef6354 Remove support for PKI and PKIz tokens
This is the first step of several to remove PKI token support in
keystone. A large issue in removing PKI support is support for the
revocation list must be maintained.

This patch removes support for the token format, it's surrounding tests
and examples that are generated. Additionally, some wording has been
changed around the CLI and config options to make the distinction
between keys and certs used for PKI tokens and those used for getting
the revocation list (a list of tokens that are revoked, which is signed).

Future patches will:

- Remove the keystone-manage commands for generating certs

- Modify the revocation list (at /auth/tokens/OS-PKI/revoked) to return
a 403 if pki is not configured (instead of raising a 500). We cannot
remove the API as that would break an API contract.

- Options to configure PKI will be marked as deprecated

- If PKI is configured a normal signed list will be returned (same
behavior as today)

- Follow up patch to keystonemiddleware will make sure auth_token does
not rely on the revocation api at all.

Related-Bug: 1626778
Related-Bug: 1626779

Co-Authored-By: Boris Bobrov <bbobrov@mirantis.com>
bp removed-as-of-ocata
Change-Id: Icf1ebced44a675c88fb66a6c0431208ff5181574
2016-11-01 22:05:01 +00:00
Eric Brown d3ece04856 Update man page for Ocata release version and date
Sets the man page date and version to the release date of Ocata.

Change-Id: I3c2bc547130f5c61abbd009268b97520170cc535
2016-09-26 13:04:00 -07:00
Eric Brown 32af31f509 Few new commands missing from docs
The configuration and man page docs are missing some commands
noting the available options to the keystone-manage command.

Change-Id: Iba5efcf94e70f70bac899b8db377960fd35567d4
2016-09-02 08:17:21 -07:00
Eric Brown 2aee65c750 Add man page info for credential setup command
The man page of keystone-manage needs mention of the command
credential_setup.

partially-implements bp credential-encryption

Change-Id: I8c3ee9f1d738d96a51fb5a71cd475b20106e1d61
2016-08-29 14:32:03 -07:00
Boris Bobrov b1fdad9875 Add mapping_populate command
Fetching users from LDAP requires creating public ids for them.
id_mapping_api does that. Creating public ids is slow, because it
requires performing N INSERTs for N users, and there is no way to
work around that. It leads to very slow responses to queries like
"list users".

By pre-creating these public ids we improve API users' experience.

Add keystone-manage mapping_populate command that creates id mapping entries
for users.

bp ldap-preprocessing
Partial-Bug: 1582585
Change-Id: I98f795854aee26f9e7f668372c47572d2b6d4f0f
2016-08-23 20:52:10 +00:00
Dolph Mathews 059f35302d keystone-manage doctor
This introduces a new keystone-manage command called 'doctor' which
attempts to diagnose and report on various ill-advised configurations
and deployment states.

The number of checks we could perform is basically endless, so this is
just a random sampling of checks to get the ball rolling. The idea is
that as new features are introduced, as default configurations change,
as we have new recommendations to make to deployers, etc, we can
implement new checks in keystone-manage doctor and communicate our
concerns directly to those operated affected deployments.

Change-Id: Ib6660c1a885c439ca03357870628b2ea52e39e9d
Implements: bp keystone-manage-doctor
2016-07-18 15:51:57 -07:00
Eric Brown 6bc084df0e Update the keystone-manage man page options
Several of the command line options don't match the current output
from keystone-manage -h.

Here's the output of keystone-manage to compare with the new man
page content:
http://paste.openstack.org/show/508828/

Change-Id: I60d212c5930fcd450745b10155b578faff0e4654
2016-06-07 21:03:35 -07:00
Eric Brown b2ee4a2a75 Update man page for Newton release
* Bump the version to 10
* Update the date of release

Change-Id: I6d8a6c6ef264740a065c8d24440fa95b5b5e1b3e
2016-06-02 14:42:35 -07:00
Steve Martinelli 20b851b240 Remove support for generating ssl certs
these config options and it's supporting command are only useful
when deploying keystone under eventlet, with that removed these
are redundant.

Change-Id: I7c602805bba2c658d3280811ed8919f78ed3aa0d
implements: bp removed-as-of-newton
2016-04-19 08:58:36 -03:00
Steve Martinelli ac039414ce Remove eventlet support
Eventlet has been deprecated since the Kilo release and is
being removed in Newton.

A follow on patch will be proposed to remove the [ssl] section
since it is now redundant.

Co-Authored-By: Grzegorz Grasza <grzegorz.grasza@intel.com>
Partially implements: bp removed-as-of-newton

Change-Id: I963d94bbd188dbb6eba68623a42c5bc3f2289da4
2016-04-18 18:07:28 +00:00
Steve Martinelli 0f306111fb deprecate pki_setup from keystone-manage
with PKI deprecated, we should also deprecate this command

bp: deprecated-as-of-mitaka
Closes-Bug: 1541201
Change-Id: If0600fc52084d1bb2acaadb05d858e4b69ff48eb
2016-02-04 22:54:17 -05:00
Steve Martinelli ec62601339 document the bootstrapping process
create docs on how to configure keystone with the new
keystone-manage bootstrap option.

implements bp: bootstrap

Change-Id: I4c7520cc68aadd49179e40e77b2d5058125edf00
2016-01-18 05:59:24 +00:00
Eric Brown 945e760964 Update man pages with Mitaka version and dates
The keystone-manage listed out-dated version and date. This patch
bumps the version to 9.0.0 and the release date of 4-7-16 according
to: http://docs.openstack.org/releases/schedules/mitaka.html

Note: keystone-all was untouched since it's being removed under the
      eventlet deprecation.

Change-Id: I2e9de4ca1d19d5ee62b3c761bea46d6d61445fd6
2016-01-07 00:14:30 -08:00
Eric Brown 53788e4ab6 Update man pages with liberty version and dates
Both keystone-all and keystone-manage listed out-dated versions
and dates.  This patch bumps the version to 8.0.0 and the release
date of 10-15-15 according to:
    https://wiki.openstack.org/wiki/Liberty_Release_Schedule

Change-Id: Ic389d4fded4579c7ebee2645e7150df4d12e48de
Closes-Bug: #1495645
2015-09-14 10:51:01 -07:00
Marek Denis 039b0bd9a9 Mapping Engine CLI
Implementation of a command line wrapped build on top of mapping engine.
Its main goal is checking effects of input parsed by RuleProcessor with
set of provided mapping rules. User must provide two files: a) rules
file with proper JSON with mapping rules (identical to those uploaded to
the server) b) a file with key-value set of environ-like parameters.

Basic usage:

$ keystone-manage mapping_engine --help
$ keystone-manage mapping_engine --rules <path> --input <path>

Upon successful execution program outputs to the stdout a JSON structure
with effective objects like user, group_ids and user_names.

Implements: bp mapping-engine-tester
Change-Id: Ia4b2e617692ebb42693db6d335985dcb6a0969e1
2015-06-11 10:20:58 +02:00
liu-sheng 37f3a8ad54 Replace github reference by git.openstack.org and change a doc link
* Replace the github by openstack's official home git.openstack.org
* Also update the like of developer documentation of keystone

Change-Id: I60e8e914d9fa3be2cdfffe029e4c2432c07962e2
2015-05-07 10:08:10 +08:00
Lance Bragstad 7d8b6eb2ac Update man pages for the Kilo release
The current man pages for keystone-manage don't include commands relating to
Fernet setup, or the domain configuration upload.

Change-Id: Ifd208151470d8d39d3d4851557e45dc12d1a577b
Closes-Bug: #1441300
2015-04-07 19:01:29 +00:00
Brant Knudson 8bd1d844c5 Update man pages
The man pages were out of date.

Change-Id: I9ce00b06ce2df6fe4f12c3fbeae9ad5ddbdbb13d
Closes-Bug: #1366944
2014-09-08 14:31:38 -05:00
Christian Berendt 6b891e3303 fixed typos found by RETF rules in RST files
rules are avaialble at https://en.wikipedia.org/wiki/Wikipedia:AutoWikiBrowser/Typos

Change-Id: Ia2b0e226d3f682fcba59907eadeb2a2c84972175
2014-05-02 15:34:30 +02:00
Brant Knudson 40cff90166 Update oslo-incubator log.py to a01f79c
This updates the log module from oslo-incubator to
a01f79c3050962fd744239956e9654407d14ea1f

 $ git checkout a01f79c3050962fd744239956e9654407d14ea1f
 $ python update.py --nodeps --base keystone \
     --dest-dir ../keystone --modules log

This includes a fix for the deprecated logger that caused the
deprecated message to be printed multiple times rather than once.

Change-Id: I6174b064205adcdc9fb966a9e01eb5190b5b730e
Closes-Bug: #904307
Closes-Bug: #1266812
2014-02-21 10:10:54 -06:00
Brant Knudson a68e93dc2e Update man pages
The man pages were out of date.

To get the new man pages, I ran keystone-all -h and
keystone-manage -h and copy-pasted the output.

Change-Id: I6c6f6f9f56c2216cce300fcf24877b78b601db5d
2014-02-21 10:05:02 -06:00
Dolph Mathews db93d669ee clean up keystone-manage man page
- wrap literals with double backticks so things render in RST
- replace triple line breaks with double line breaks for consistency
- replace 'REST api' with 'HTTP API' because 2x pedantic

Change-Id: Ib28d0cea06f81b32ef985dfa74333693ef32ae46
2014-02-04 18:15:10 -06:00
damon-devops a0b69a35b7 fix grammar error in keystone-manage.rst
remove "through" from "with through the keystone REST api" and fix "keystone" to "Keystone" and "can not" to "cannot".

Change-Id: I1cc74b36cdb7de28be5dc4c3ee74922da8020804
Closes-Bug: #1273862
2014-02-05 00:09:42 +08:00
liu-sheng 518855b10a correct the document links in man documents
Keystone man documents "SEE ALSO" url shoud be keystone.openstack.org

Change-Id: Ic0ed7ad76903072d7bd1421215277d9dbb9c5775
2014-01-26 16:58:46 +08:00
Jenkins 2f75699719 Merge "Update man page version" 2013-09-26 08:23:32 +00:00
Brant Knudson 571e1eb36f Update man pages
Updates the man pages based on the latest oslo.config and
Keystone code. oslo.config is version 1.2.0.

To generate the man pages, ran

 tools/with_venv.sh bin/keystone-all -h

and copied the output to the man page. A couple of changes were
required because of the output formatting.
1) Escape * in *.config otherwise it's considered emphasis without
   end.
2) --log-file is split to separate lines which results in a space
   in the output, so put it back together.

Change-Id: Ic76b7eafd04551ec01a3c117b9d5a73471b1e4ce
2013-09-24 21:11:30 -05:00
Brant Knudson 4c90a523b9 Update man page version
Sets the version to version for Havana (2013.2) and sets the
date to the Havana release date (Oct 17 -
https://wiki.openstack.org/wiki/Havana_Release_Schedule ).

Change-Id: I4a6e88c61587b36f9d214e3f315f5588b20b6650
2013-09-24 20:54:34 -05:00
Sean Winn 0331f8a58a Changed header from LLC to Foundation based on trademark policies
Fixes: Bug 1214176

Change-Id: Ie937081a53d377671b8b88f422642c8131002f88
2013-09-05 15:03:32 -05:00
Brant Knudson f34fcbe7aa Update keystone-all man page
Regenerate the keystone-all man page by running keystone-all -h
and pasting the output.

Change-Id: I12e7fa08a1cdb1994843d9f0966b0e08d688a071
2013-08-30 15:15:35 -05:00
Dolph Mathews 08cd635c5b Drop support for diablo to essex migrations
This removes support for the following legacy-related commands:

    $ keystone-manage export_legacy_catalog
    $ keystone-manage import_legacy
    $ keystone-manage import_nova_auth

DocImpact

Change-Id: If7277e912f11c9bf3bec15f9addd848e0774f14f
2013-08-28 13:27:32 -05:00
Brant Knudson 552f8832b4 Clean up keystone-manage man page
Several warnings were generated from keystone-manage when
building docs. Also, the options without a description
didn't display correctly in the rendered result.

Also, I added a description for the new db_version subcommand.

To generate the new option list, I ran keystone-manage --help
and copy-pasted the options into the doc.

Change-Id: I1a405ca03d894c9c3e0f6b3bfccc9bcfcce1302d
2013-08-23 13:29:05 -05:00
Tom Fifield 512f678344 Update references with new Mailing List location
Yesterday, openstack@lists.launchpad.org was migrated with
all users to openstack@list.openstack.org.

This patch updates references to the old mailing list with the
new, to ensure that people encountering them don't accidentally
try and join the old list!

Change-Id: I0f8a91a361647a87fab9a1392d56a815f4d66eac
2013-07-29 08:59:50 -07:00
Brant Knudson 793b8eba9d Clean up keystone-all.rst
This change fixes warnings and errors from
doc/source/man/keystone-all.rst when generating documentation.

Change-Id: Ie33b2600f28c517644730b2371ce34ca2e73b7a5
2013-06-26 21:22:00 +00:00
Jamie Lennox ff76a1b5cd Implement Token Flush via keystone-manage.
Creates a cli entry 'token_flush' which removes all expired tokens.

Fixes: bug 1032633
Implements: blueprint keystone-manage-token-flush
Change-Id: I47eab99b577ff9e9ee74fee08e18fd07c4af5aad
2013-05-21 10:14:12 +10:00
Jamie Lennox 28ef9cdcc6 Generate HTTPS certificates with ssl_setup.
Extracts common OpenSSL functionality from pki_setup and adds a new cli
command ssl_setup which re-uses this base to generate SSL certificates
for https.

Change-Id: Ia34827583bcdfbd871133250681010e642271f07
Fixes: bug 1155361
2013-04-11 14:41:15 +10:00
Dolph Mathews 83e989fa35 Cleaned up keystone-all --help output
- Added a missing space: mayuse -> may use
- Removed default values from help messages, which were appearing as
  None, and should be added by argparse anyway
- Updated man pages

Change-Id: I471a1aaff40398488e19f91a16bd91d2d17db61d
2013-02-12 11:19:39 -06:00
Jenkins c252b05fc6 Merge "add --config-dir=DIR for keystone-all option" 2012-10-24 05:38:15 +00:00
Jenkins 2d1fa1f276 Merge "Add --config-dir=DIR in OPTIONS" 2012-10-24 05:38:08 +00:00
long-wang 029cd2be67 add --config-dir=DIR for keystone-all option
Change-Id: I0c9e1fdc05714a11accd2845fa031ac8e09b1028
2012-10-13 21:45:59 +08:00
long-wang f7169c1127 Add --config-dir=DIR in OPTIONS
Change-Id: I51c426bdc0610b59aeecc4512c797e709021eb14
2012-10-13 21:38:03 +08:00
Adam Young bc155af827 Document PKI configuration and management
Bug 1064585

Change-Id: I2faf2d998a208218635e10c24cae06768934d494
2012-10-10 16:13:08 -04:00
wanglong d061599928 Fix the wrong infomation in keystone-manage.rst
Change-Id: I63d789b15361c74d11531646c30fd45f111e236c
2012-07-15 22:49:26 +08:00
Alan Pevec 79f5f7cf99 fix man page build
there was an obsolete man_pages in conf.py
sync keystone-all man page with keystone-all -h output

Change-Id: Ie136d30d0ea647082459ae35720e48742aa2b722
2012-06-22 19:39:45 +02:00
Dolph Mathews e05bc6a6ed Diablo to Essex migration docs (bug 934328)
- Also includes notes to address bug 947060

Change-Id: I2756457861f3e84334a7d37aed31372a3b02dd40
2012-03-09 14:42:34 -06:00