openstack
/
openstack-ansible-os_keystone
Code Issues Proposed changes
Role os_keystone for OpenStack-Ansible
460 Commits 8 Branches 17 Tags 11 MiB
Jinja 69.1%
Python 22.2%
Shell 8.7%
Go to file
Kevin Carter 5d47236c89 Correct fernet token sync race condition 
The fernet token rotation is subject to a race condition when using
aggressive rotation in a high volume, high traffic, high capacity cloud.
This change addresses the potential race condition by converting our
fernet token sync method from rsync to scp and by sorting the fernet
keys in reverse version ordering. This will ensure that the key with
the highest index is always synchronized first and will ensure that
the underlying file structure of a given target node always remains
intact during a sync operation.

Related-Bug: 1816927
Change-Id: I9087d953f7dabe04a2ad19af6121dae71544e5b2
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
(cherry picked from commit 28a0c5abbf)
 		2019-02-26 08:25:04 +00:00
defaults Add memcache flushing handler on db migrations 2018-10-25 13:22:21 +00:00
doc Update URLs in documents according to document migration 2017-07-19 09:32:03 +08:00
examples Do not log passwords 2018-04-17 10:22:27 +00:00
handlers Add memcache flushing handler on db migrations 2018-10-25 13:22:21 +00:00
library Resolved Keystone Federation bugs 2017-02-07 21:01:09 -06:00
meta Remove galera_client meta-dependency 2018-09-19 13:26:15 +00:00
releasenotes Use correct variable for sso_callback_template deployment 2018-06-14 02:33:39 +00:00
tasks Ensure that LDAP config is deployed on all keystone hosts 2018-12-11 16:19:50 +00:00
templates Correct fernet token sync race condition 2019-02-26 08:25:04 +00:00
tests Clean up role tests 2018-09-14 14:08:50 -06:00
vars Define cache_timeout variable 2018-09-17 15:54:40 +01:00
zuul.d Clean up role tests 2018-09-14 14:08:50 -06:00
.gitignore Updated from OpenStack Ansible Tests 2017-06-22 15:19:39 +00:00
.gitreview Update .gitreview for stable/pike 2017-08-18 07:59:29 +00:00
CONTRIBUTING.rst Updated role to be an independent role 2016-02-26 14:13:43 -06:00
LICENSE Updated role to be an independent role 2016-02-26 14:13:43 -06:00
README.rst Update URLs in documents according to document migration 2017-07-19 09:32:03 +08:00
Vagrantfile Updated from OpenStack Ansible Tests 2017-07-28 15:00:34 +00:00
bindep.txt Updated from OpenStack Ansible Tests 2017-10-13 14:50:26 +00:00
manual-test.rc Use centralised test scripts 2016-09-28 08:56:33 +01:00
run_tests.sh Updated from OpenStack Ansible Tests 2017-11-01 20:45:02 +00:00
setup.cfg Update URL home-page in documents according to document migration 2017-07-14 03:21:58 +00:00
setup.py Updated from global requirements 2017-03-02 11:51:52 +00:00
test-requirements.txt Updated from global requirements 2017-07-27 19:17:35 +00:00
tox.ini Clean up role tests 2018-09-14 14:08:50 -06:00

README.rst

Team and repository tags

image

OpenStack-Ansible keystone

Ansible role that installs and configures OpenStack Keystone. Keystone is installed behind the Apache webserver listening on port 5000 and port 35357 by default.

Documentation for the project can be found at: https://docs.openstack.org/openstack-ansible-os_keystone/latest/ The project home is at: http://launchpad.net/openstack-ansible