diff --git a/ansible/group_vars/all/compute b/ansible/group_vars/all/compute
index 120434154..bd771c31c 100644
--- a/ansible/group_vars/all/compute
+++ b/ansible/group_vars/all/compute
@@ -12,7 +12,7 @@ compute_bootstrap_user: "{{ lookup('env', 'USER') }}"
 # List of networks to which compute nodes are attached.
 compute_network_interfaces: >
   {{ (compute_default_network_interfaces +
-      compute_extra_network_interfaces) | unique | list }}
+      compute_extra_network_interfaces) | reject('none') | unique | list }}
 
 # List of default networks to which compute nodes are attached.
 compute_default_network_interfaces: >
diff --git a/ansible/group_vars/all/controllers b/ansible/group_vars/all/controllers
index b8ef9f05f..4d278a911 100644
--- a/ansible/group_vars/all/controllers
+++ b/ansible/group_vars/all/controllers
@@ -14,7 +14,7 @@ controller_network_interfaces: >
   {{ (controller_default_network_interfaces +
       controller_extra_network_interfaces +
       (controller_network_host_network_interfaces
-       if inventory_hostname in groups['network'] else [])) | unique | list }}
+       if inventory_hostname in groups['network'] else [])) | reject('none') | unique | list }}
 
 # List of default networks to which controller nodes are attached.
 controller_default_network_interfaces: >
@@ -36,7 +36,7 @@ controller_extra_network_interfaces: []
 controller_network_host_network_interfaces: >
   {{ ([public_net_name,
        tunnel_net_name] +
-      external_net_names) | unique | list }}
+      external_net_names) | reject('none') | unique | list }}
 
 ###############################################################################
 # Controller node BIOS configuration.
diff --git a/ansible/group_vars/all/monitoring b/ansible/group_vars/all/monitoring
index b89bd340c..d03e4f2ae 100644
--- a/ansible/group_vars/all/monitoring
+++ b/ansible/group_vars/all/monitoring
@@ -14,13 +14,13 @@ monitoring_network_interfaces: >
   {{ controller_network_interfaces | unique | list
      if inventory_hostname in groups['controllers'] else
      (monitoring_default_network_interfaces +
-      monitoring_extra_network_interfaces) | unique | list }}
+      monitoring_extra_network_interfaces) | reject('none') | unique | list }}
 
 # List of default networks to which monitoring nodes are attached.
 monitoring_default_network_interfaces: >
   {{ [admin_oc_net_name,
       internal_net_name,
-      public_net_name] | unique | list }}
+      public_net_name] | reject('none') | unique | list }}
 
 # List of extra networks to which monitoring nodes are attached.
 monitoring_extra_network_interfaces: []
diff --git a/ansible/group_vars/all/seed b/ansible/group_vars/all/seed
index 12620ae79..b53b1dbaf 100644
--- a/ansible/group_vars/all/seed
+++ b/ansible/group_vars/all/seed
@@ -12,13 +12,13 @@ seed_bootstrap_user: "{{ lookup('env', 'USER') }}"
 # List of networks to which seed nodes are attached.
 seed_network_interfaces: >
   {{ (seed_default_network_interfaces +
-      seed_extra_network_interfaces) | unique | list }}
+      seed_extra_network_interfaces) | reject('none') | unique | list }}
 
 # List of default networks to which seed nodes are attached.
 seed_default_network_interfaces: >
   {{ [admin_oc_net_name,
       oob_oc_net_name,
-      provision_oc_net_name] | unique | list }}
+      provision_oc_net_name] | reject('none') | unique | list }}
 
 # List of extra networks to which seed nodes are attached.
 seed_extra_network_interfaces: []
diff --git a/ansible/group_vars/all/seed-hypervisor b/ansible/group_vars/all/seed-hypervisor
index 506b4dbfe..0cacd4375 100644
--- a/ansible/group_vars/all/seed-hypervisor
+++ b/ansible/group_vars/all/seed-hypervisor
@@ -12,7 +12,7 @@ seed_hypervisor_bootstrap_user: "{{ lookup('env', 'USER') }}"
 # List of networks to which seed hypervisor nodes are attached.
 seed_hypervisor_network_interfaces: >
   {{ (seed_hypervisor_default_network_interfaces +
-      seed_hypervisor_extra_network_interfaces) | unique | list }}
+      seed_hypervisor_extra_network_interfaces) | reject('none') | unique | list }}
 
 # List of default networks to which seed hypervisor nodes are attached.
 seed_hypervisor_default_network_interfaces: "{{ seed_default_network_interfaces }}"
diff --git a/ansible/group_vars/all/storage b/ansible/group_vars/all/storage
index d80572e0e..3deb1f3b3 100644
--- a/ansible/group_vars/all/storage
+++ b/ansible/group_vars/all/storage
@@ -27,7 +27,7 @@ storage_default_network_interfaces: >
   {{ [admin_oc_net_name,
       internal_net_name,
       storage_mgmt_net_name,
-      storage_net_name] | unique | list }}
+      storage_net_name] | reject('none') | unique | list }}
 
 # List of extra networks to which storage nodes are attached.
 storage_extra_network_interfaces: []
diff --git a/ansible/kolla-ansible.yml b/ansible/kolla-ansible.yml
index 580c823cd..ca9b85d71 100644
--- a/ansible/kolla-ansible.yml
+++ b/ansible/kolla-ansible.yml
@@ -213,6 +213,7 @@
   hosts: localhost
   tags:
     - kolla-ansible
+  gather_facts: true
   vars:
     # We need to reference configuration for the network node.
     # We pick the first host from the group for this. It is possible that at
diff --git a/ansible/kolla-openstack.yml b/ansible/kolla-openstack.yml
index dfeabbabf..e093406f5 100644
--- a/ansible/kolla-openstack.yml
+++ b/ansible/kolla-openstack.yml
@@ -109,6 +109,7 @@
             - { name: inspector, file: ironic-inspector.conf }
             - { name: ironic, file: ironic.conf }
             - { name: kafka, file: kafka.server.properties }
+            - { name: keystone, file: keystone.conf }
             - { name: magnum, file: magnum.conf }
             - { name: manila, file: manila.conf }
             - { name: mariadb, file: galera.cnf }
@@ -212,6 +213,7 @@
       kolla_extra_inspector: "{{ kolla_extra_config.inspector | default }}"
       kolla_extra_ironic: "{{ kolla_extra_config.ironic | default }}"
       kolla_extra_kafka: "{{ kolla_extra_config.kafka | default }}"
+      kolla_extra_keystone: "{{ kolla_extra_config.keystone | default }}"
       kolla_extra_magnum: "{{ kolla_extra_config.magnum | default }}"
       kolla_extra_manila: "{{ kolla_extra_config.manila | default }}"
       kolla_extra_mariadb: "{{ kolla_extra_config.mariadb | default }}"
diff --git a/ansible/roles/kolla-openstack/defaults/main.yml b/ansible/roles/kolla-openstack/defaults/main.yml
index dc5e3ebe9..368be6065 100644
--- a/ansible/roles/kolla-openstack/defaults/main.yml
+++ b/ansible/roles/kolla-openstack/defaults/main.yml
@@ -67,6 +67,15 @@ kolla_extra_grafana:
 kolla_enable_haproxy:
 
 ###############################################################################
+# Keystone configuration.
+
+# Whether to enable Keystone.
+kolla_enable_keystone:
+
+# Free form extra configuration to append to Keystone.conf
+kolla_extra_keystone:
+
+##############################################################################
 # Heat configuration.
 
 # Whether to enable Heat.
diff --git a/ansible/roles/kolla-openstack/molecule/enable-everything/molecule.yml b/ansible/roles/kolla-openstack/molecule/enable-everything/molecule.yml
index e36cb7b33..547745b98 100644
--- a/ansible/roles/kolla-openstack/molecule/enable-everything/molecule.yml
+++ b/ansible/roles/kolla-openstack/molecule/enable-everything/molecule.yml
@@ -54,6 +54,10 @@ provisioner:
         kolla_extra_kafka: |
           [extra-kafka.server.properties]
           foo=bar
+        kolla_enable_keystone: true
+        kolla_extra_keystone: |
+          [extra-keystone.conf]
+          foo=bar
         kolla_enable_magnum: true
         kolla_extra_magnum: |
           [extra-magnum.conf]
diff --git a/ansible/roles/kolla-openstack/molecule/enable-everything/tests/test_default.py b/ansible/roles/kolla-openstack/molecule/enable-everything/tests/test_default.py
index a8d224ef7..2766f2525 100644
--- a/ansible/roles/kolla-openstack/molecule/enable-everything/tests/test_default.py
+++ b/ansible/roles/kolla-openstack/molecule/enable-everything/tests/test_default.py
@@ -69,6 +69,7 @@ def test_service_config_directory(host, path):
      'ironic.conf',
      'ironic-inspector.conf',
      'kafka.server.properties',
+     'keystone.conf',
      'magnum.conf',
      'manila.conf',
      'neutron/ml2_conf.ini',
diff --git a/ansible/roles/kolla-openstack/tasks/config.yml b/ansible/roles/kolla-openstack/tasks/config.yml
index 374b0660b..324543d4a 100644
--- a/ansible/roles/kolla-openstack/tasks/config.yml
+++ b/ansible/roles/kolla-openstack/tasks/config.yml
@@ -23,6 +23,7 @@
     - { src: ironic.conf.j2, dest: ironic.conf, enabled: "{{ kolla_enable_ironic }}" }
     - { src: ironic-inspector.conf.j2, dest: ironic-inspector.conf, enabled: "{{ kolla_enable_ironic }}" }
     - { src: kafka.server.properties.j2, dest: kafka.server.properties, enabled: "{{ kolla_enable_kafka }}" }
+    - { src: keystone.conf.j2, dest: keystone.conf, enabled: "{{ kolla_enable_keystone }}" }
     - { src: magnum.conf.j2, dest: magnum.conf, enabled: "{{ kolla_enable_magnum }}" }
     - { src: manila.conf.j2, dest: manila.conf, enabled: "{{ kolla_enable_manila }}" }
     - { src: ml2_conf.ini.j2, dest: neutron/ml2_conf.ini, enabled: "{{ kolla_enable_neutron }}" }
diff --git a/ansible/roles/kolla-openstack/templates/keystone.conf.j2 b/ansible/roles/kolla-openstack/templates/keystone.conf.j2
new file mode 100644
index 000000000..753e98bb8
--- /dev/null
+++ b/ansible/roles/kolla-openstack/templates/keystone.conf.j2
@@ -0,0 +1,8 @@
+# {{ ansible_managed }}
+{% if kolla_extra_keystone %}
+#######################
+# Extra configuration
+#######################
+{{ kolla_extra_keystone }}
+{% endif %}
+
diff --git a/doc/source/configuration/kolla-ansible.rst b/doc/source/configuration/kolla-ansible.rst
index d32a8964d..650d39230 100644
--- a/doc/source/configuration/kolla-ansible.rst
+++ b/doc/source/configuration/kolla-ansible.rst
@@ -173,6 +173,7 @@ which files are supported.
    ``kafka.server.properties``     Kafka configuration.
    ``kafka/*``                     Extended Kafka configuration.
    ``keepalived/*``                Extended keepalived configuration.
+   ``keystone.conf``               Keystone configuration.
    ``keystone/*``                  Extended keystone configuration.
    ``magnum.conf``                 Magnum configuration.
    ``magnum/*``                    Extended magnum configuration.
diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml
index aa3f4ffe2..9669f0d22 100644
--- a/etc/kayobe/kolla.yml
+++ b/etc/kayobe/kolla.yml
@@ -195,6 +195,7 @@
 #kolla_enable_ironic_pxe_uefi:
 #kolla_enable_iscsid:
 #kolla_enable_karbor:
+#kolla_enable_keystone:
 #kolla_enable_kuryr:
 #kolla_enable_magnum:
 #kolla_enable_manila:
diff --git a/releasenotes/notes/ignore-unconfigured-nets-93beaf96f43af1ed.yaml b/releasenotes/notes/ignore-unconfigured-nets-93beaf96f43af1ed.yaml
new file mode 100644
index 000000000..cfb046da8
--- /dev/null
+++ b/releasenotes/notes/ignore-unconfigured-nets-93beaf96f43af1ed.yaml
@@ -0,0 +1,9 @@
+---
+features:
+  - |
+    Adds support for skipping configuration of a network, by setting its name
+    to ``None``.  This is done in ``networks.yml`` as follows::
+
+        admin_oc_net_name:
+  - |
+    Adds support for custom configuration of ``keystone.conf``.