Fuel for OpenStack

Fuel with existed ldap

Registered by Chang-Yi Lee

Currently, Fuel cannot switch Keystone authentication backend from SQL to LDAP. Some of our customers already have their own authentication service and they prefer not to maintain two authentication services.
We could let customers to switch identity backend in create 'cluster wizard' or 'setting tab'. In that way, any customer can easily integrate their pre-existed LDAP while deploying Openstack by Fuel.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Undefined
Drafter:
Rico Lin
Direction:
Needs approval
Assignee:
Rico Lin
Definition:
Review
Series goal:
Proposed for future
Implementation:
Implemented
Milestone target:
milestone icon next
Started by
Rico Lin
Completed by
Dmitry Borodaenko

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/fuel-with-existed-ldap,n,z

Addressed by: https://review.openstack.org/127118
    proposal of support Keystone with LDAP identity backend

Addressed by: https://review.openstack.org/144400
    Fuel keystone identity with existed ldap

Addressed by: https://review.openstack.org/148155
    Add LDAP/AD support in Fuel-library

Addressed by: https://review.openstack.org/187836
    Add ldap class and its configuration from hiera

Addressed by: https://review.openstack.org/188887
    Add structure function

Addressed by: https://review.openstack.org/188888
    Remove hardcoded system users in Keystone

Addressed by: https://review.openstack.org/197513
    Blueprint fuel-with-existed-ldap

Addressed by: https://review.openstack.org/203028
    add new subnet 'baremetal':

Addressed by: https://review.openstack.org/205030
    blueprint: fuel-with-existed-ldap

Gerrit topic: https://review.openstack.org/#q,topic:plugin,n,z

(?)

Work Items

Nearby

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.