Snap package for Keystone
Go to file
OpenDev Sysadmins 78ce49cf96 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:51:57 +00:00
patches Switch back to strict confinement 2017-06-22 00:30:20 +00:00
snap Connect admin/public ports to correct sockets 2017-06-22 15:34:30 +00:00
tests In test cleanup, only delete DB if it exists 2017-10-25 16:21:15 -04:00
.gitignore Added config files to snap. 2017-08-10 19:28:29 +00:00
.gitreview OpenDev Migration Patch 2019-04-19 19:51:57 +00:00
CONTRIBUTING.rst s/nova/keystone cut and paste error 2017-06-23 11:41:06 +02:00
LICENSE Hygiene tidy 2016-11-24 16:33:10 +00:00
README.md Update README snap install command 2017-08-09 17:05:25 -04:00
bindep.txt Switch to classic confinement 2017-03-16 15:22:38 +00:00
requirements.txt Log file updates for keystone and uwsgi 2017-01-04 09:17:03 +00:00
snapcraft.yaml Add support for keystone memcache deployments 2017-10-13 07:41:14 -04:00
tox.ini Updated proxy env var passthrough in tox.ini 2017-08-08 13:17:38 +00:00

README.md

Keystone Snap

This repository contains the source code of the snap for the OpenStack Identity service, Keystone.

Installing this snap

The keystone snap can be installed directly from the snap store:

sudo snap install --channel=ocata/edge keystone

The keystone snap is working towards publication across tracks for OpenStack releases. The edge channel for each track will contain the tip of the OpenStack project's master or stable branch, with the beta, candidate, and stable channels being reserved for released versions. The same version will be published progressively to beta, then candidate, and then stable once CI validation completes for the channel. This should result in an experience such as:

sudo snap install --channel=ocata/stable keystone
sudo snap install --channel=pike/edge keystone

Configuring keystone

The keystone snap gets its default configuration from the following $SNAP and $SNAP_COMMON locations:

/snap/keystone/current/etc/
└── keystone
    ├── keystone.conf
    └── ...

/var/snap/keystone/common/etc/
├── keystone
│   └── keystone.conf.d
│       └── keystone-snap.conf
├── nginx
│   ├── snap
│   │   ├── nginx.conf
│   │   └── sites-enabled
│   │       └── keystone.conf
└── uwsgi
    └── snap
        └── keystone.ini

The keystone snap supports configuration updates via its $SNAP_COMMON writable area. The default keystone configuration can be overridden as follows:

/var/snap/keystone/common/etc/
├── keystone
│   ├── keystone.conf.d
│   │   ├── keystone-snap.conf
│   │   ├── database.conf
│   │   └── rabbitmq.conf
│   └── keystone.conf
├── nginx
│   ├── snap
│   │   ├── nginx.conf
│   │   └── sites-enabled
│   │       └── keystone.conf
│   ├── nginx.conf
│   ├── sites-enabled
│   │   └── keystone.conf
└── uwsgi
    ├── snap
    │   └── keystone.ini
    └── keystone.ini

The keystone configuration can be overridden or augmented by writing configuration snippets to files in the keystone.conf.d directory.

Alternatively, keystone configuration can be overridden by adding a full keystone.conf file to the keystone/ directory. If overriding in this way, you'll need to either point this config file at additional config files located in $SNAP, or add those to $SNAP_COMMON as well.

The keystone nginx configuration can be overridden by adding an nginx/nginx.conf and new site config files to the nginx/sites-enabled directory. In this case the nginx/nginx.conf file would include that sites-enabled directory. If nginx/nginx.conf exists, nginx/snap/nginx.conf will no longer be used.

The keystone uwsgi configuration can be overridden similarly by adding a uwsgi/keystone.ini file. If uwsgi/keystone.ini exists, uwsgi/snap/keystone.ini will no longer be used.

Logging keystone

The services for the keystone snap will log to its $SNAP_COMMON writable area: /var/snap/keystone/common/log.

Restarting keystone services

To restart all keystone services:

sudo systemctl restart snap.keystone.*

or an individual service can be restarted by dropping the wildcard and specifying the full service name.

Building the keystone snap

Simply clone this repository and then install and run snapcraft:

git clone https://github.com/openstack/snap-keystone
sudo apt install snapcraft
cd snap-keystone
snapcraft

Support

Please report any bugs related to this snap at: Launchpad.

Alternatively you can find the OpenStack Snap team in #openstack-snaps on Freenode IRC.