Browse code
blueprint devstack-support-for-keystone-mixbackend
Added KEYSTONE_ASSIGNMENT_BACKEND to support mixed backend
Modified code for KEYSTONE_IDENTITY_BACKEND according to comments.
Implemented the check for variables instead of case statements.
UPD: Removed arrays.
UPD2: fixed spacing issues
Change-Id: Ie92eed1fb5be5f875ef6633ede9c9e08daf6bf4f
Implements: devstack-support-for-keystone-mixbackend
Alex Rudenko authored on 2013/09/01 23:26:03Showing 1 changed files
| 1 | 1 |
old mode 100644 |
| 2 | 2 |
new mode 100755 |
| ... | ... |
@@ -44,6 +44,12 @@ KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates |
| 44 | 44 |
# Select the backend for Tokens |
| 45 | 45 |
KEYSTONE_TOKEN_BACKEND=${KEYSTONE_TOKEN_BACKEND:-sql}
|
| 46 | 46 |
|
| 47 |
+# Select the backend for Identity |
|
| 48 |
+KEYSTONE_IDENTITY_BACKEND=${KEYSTONE_IDENTITY_BACKEND:-sql}
|
|
| 49 |
+ |
|
| 50 |
+# Select the backend for Assignment |
|
| 51 |
+KEYSTONE_ASSIGNMENT_BACKEND=${KEYSTONE_ASSIGNMENT_BACKEND:-sql}
|
|
| 52 |
+ |
|
| 47 | 53 |
# Select Keystone's token format |
| 48 | 54 |
# Choose from 'UUID' and 'PKI' |
| 49 | 55 |
KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-PKI}
|
| ... | ... |
@@ -63,10 +69,14 @@ KEYSTONE_SERVICE_PROTOCOL=${KEYSTONE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
|
| 63 | 63 |
# Set the tenant for service accounts in Keystone |
| 64 | 64 |
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
|
| 65 | 65 |
|
| 66 |
+# valid identity backends as per dir keystone/identity/backends |
|
| 67 |
+KEYSTONE_VALID_IDENTITY_BACKENDS=kvs,ldap,pam,sql |
|
| 68 |
+ |
|
| 69 |
+# valid assignment backends as per dir keystone/identity/backends |
|
| 70 |
+KEYSTONE_VALID_ASSIGNMENT_BACKENDS=kvs,ldap,sql |
|
| 66 | 71 |
|
| 67 | 72 |
# Functions |
| 68 | 73 |
# --------- |
| 69 |
- |
|
| 70 | 74 |
# cleanup_keystone() - Remove residual data files, anything left over from previous |
| 71 | 75 |
# runs that a clean run would need to clean up |
| 72 | 76 |
function cleanup_keystone() {
|
| ... | ... |
@@ -116,8 +126,14 @@ function configure_keystone() {
|
| 116 | 116 |
iniset $KEYSTONE_CONF DEFAULT member_role_name "_member_" |
| 117 | 117 |
fi |
| 118 | 118 |
|
| 119 |
- if [[ "$KEYSTONE_IDENTITY_BACKEND" == "ldap" ]]; then |
|
| 120 |
- iniset $KEYSTONE_CONF identity driver "keystone.identity.backends.ldap.Identity" |
|
| 119 |
+ # check if identity backend is valid |
|
| 120 |
+ if [[ "$KEYSTONE_VALID_IDENTITY_BACKENDS" =~ "$KEYSTONE_IDENTITY_BACKEND" ]]; then |
|
| 121 |
+ iniset $KEYSTONE_CONF identity driver "keystone.identity.backends.$KEYSTONE_IDENTITY_BACKEND.Identity" |
|
| 122 |
+ fi |
|
| 123 |
+ |
|
| 124 |
+ # check if assignment backend is valid |
|
| 125 |
+ if [[ "$KEYSTONE_VALID_ASSIGNMENT_BACKENDS" =~ "$KEYSTONE_ASSIGNMENT_BACKEND" ]]; then |
|
| 126 |
+ iniset $KEYSTONE_CONF assignment driver "keystone.assignment.backends.$KEYSTONE_ASSIGNMENT_BACKEND.Assignment" |
|
| 121 | 127 |
fi |
| 122 | 128 |
|
| 123 | 129 |
# Set the URL advertised in the ``versions`` structure returned by the '/' route |