aboutsummaryrefslogtreecommitdiffstats
path: root/releasenotes/notes
diff options
context:
space:
mode:
authorCyril Lopez <cylopez@redhat.com>2017-03-30 15:54:32 +0200
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2017-04-05 17:41:01 +0300
commitb8388e378a9151bccbac0db0478b1ef5d1e2e3fb (patch)
treece2751f3bd5e66b616f564f64c7f36b1e2ae88db /releasenotes/notes
parent6f19cb59f3f401dd34637b065eb779035a96b763 (diff)
Add a trigger to call ldap_backend define
Ldap_backend is a define so we need a resource to talk it. If ldap_backend_enable set by tripleo-heat-templates, we call the ldap_backend as a resource. Given an environment such as the following: parameter_defaults: KeystoneLdapDomainEnable: true KeystoneLDAPBackendConfigs: tripleoldap: url: ldap://192.0.2.250 user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com password: Secrete suffix: dc=redhat,dc=example,dc=com user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)" user_objectclass: person user_id_attribute: cn user_allow_create: false user_allow_update: false user_allow_delete: false ControllerExtraConfig: nova::keystone::authtoken::auth_version: v3 cinder::keystone::authtoken::auth_version: v3 It would then create a domain called tripleoldap with an LDAP configuration as defined by the hash. The parameters from the hash are defined by the keystone::ldap_backend resource in puppet-keystone. More backends can be added as more entries to that hash. Partial-Bug: 1677603 Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Co-Authored-By: Guillaume Coré <gucore@redhat.com> Signed-off-by: Cyril Lopez <cylopez@redhat.com> Change-Id: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db
Diffstat (limited to 'releasenotes/notes')
-rw-r--r--releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml5
1 files changed, 5 insertions, 0 deletions
diff --git a/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml b/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml
new file mode 100644
index 0000000..0fb9271
--- /dev/null
+++ b/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - Add keystone::ldap_backend call as resource when is trigged to setup a LDAP
+ backend as keystone domain. This allows per-domain LDAP backends for
+ keystone.