Kilo changes for Keystone
Overview
########
This blueprint collects all the changes that are necessary to make the
Keystone playbook ready for Kilo.
Problem Description
-------------------
The configuration files need to be updated for Kilo.
Proposed Change
---------------
After an analysis of the changes between Juno and Kilo, I (sigmavirus24) have
come up with the following list of changes, all in the keystone.conf.j2
template:
New Options
+++++++++++
- ``[DEFAULT]
- ``[DEFAULT]
- ``[trust]
- ``[trust]/driver``
New Groups
++++++++++
- ``[oslo_
- ``[oslo_
- ``[oslo_
- ``[oslo_
- ``[resource]``
- ``[role]``
Moved Options
+++++++++++++
- ``[DEFAULT]
- ``[DEFAULT]
- ``[DEFAULT]
Deprecated Options
++++++++++++++++++
- ``[signing]
Changed Options
+++++++++++++++
- ``[token]
Recommended Values
++++++++++++++++++
- ``[token]
Playbook Impact
---------------
Minor impact localized to the keystone.conf template file.
Alternatives
------------
None.
Security Impact
---------------
None. Switching token hash algorighm from the MD5 default to SHA256 will improve security.
Performance Impact
------------------
None.
End User Impact
---------------
No user impacting changes.
Deployer Impact
---------------
No change.
Developer Impact
----------------
No change.
Dependencies
------------
If the MD5 token hashing is changed to use SHA256, then Horizon and other
services have to be changed in the same way.
Documentation Impact
-------
No changes to docs.
References
----------
os-ansible-
https:/
Current keystone example keystone.conf
https:/
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Ian Cordasco
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Kevin Carter
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Keystone config changes for Kilo
Work Items
Dependency tree
* Blueprints in grey have been implemented.