Please tell me how deploy OpenStack with Ansible Kolla with LDAP integration.
Deploy kolla-ansible OpenStask wuth LDAP integration
974 Views Asked by Andrey At
1
There are 1 best solutions below
Related Questions in OPENSTACK
- Script shell execution failing escaping problem
- How can I upload a tar.bz2 file to Openstack Swift Object storage container using Python Swift Client?
- How do I check users inside my openstack project using openstack.cloud ansible collection?
- backup issue about openstack disk
- How to Expose OpenStack Instances to Local Host Physical Network?
- Using AWS Cloudwatch Agent to Monitor Openstack IaaS cloud
- Terraform floating ip check
- How to use Auth token in Openstack Ansible Module
- python yaml openstack how to access element of one group
- There was a problem using openstack4j for domain level authentication
- Openstack: Terraform multiple Instances with additional Disks - for_each list(object)
- Terraform: openstack_compute_instance_v2 assign multiple networks dinamically
- Issues with bash scripting syntax in Jenkins pipeline
- Imported python package unrecognized submodule
- How can I assign a port to VM without ip in openstack?
Related Questions in KEYSTONE
- Keystone connection fail
- Keystone and Cloudinary
- keystone command not found
- import error no module named cmd.manage
- "Unauthorized: The request you have made requires authentication. (HTTP 401)" on Fiware Horizon
- Create a custom role in Openstack to provide read-only access for a single tenant?
- Devstack Juno: ImportError: No module named persistence.backends.sql
- How to create a makefile for Keystone library using cmake?
- OpenStack Ansible
- 401 Unauthorized when using s3 API for Swift Openstack
- Unauthorized error when using OpenStack API, can't get authentication token from keystone
- Mongoose pre.save() async middleware not working on record creation
- Setup public rule in keystone policy file
- Can not start keystone service
- Keystone: How to get context type based on defined lists?
Related Questions in OPENSTACK-HORIZON
- How to resolve "Unable to resolve host" in OpenStack Yoga?
- noVNC Console not working on Charmed Openstack
- Openstack SSH keypair (public key) not being authorized or imported into instance
- Conflict occurred attempting to store application_credential - Duplicate entry found with name monitoring
- Devstack installation fails : stack.sh failed Error on exit
- Stay authenticated longer in OpenStack Horizon
- devstack/stackrc:833 Could not determine host ip address. See local.conf for suggestions on setting HOST_IP
- cloud-init instance cloud config runcmd commands not executed in openstack
- Install Openstack on single node
- Unable to Create Active Volume in OpenStack
- Deploy kolla-ansible OpenStask wuth LDAP integration
- Ping to Floating IP of an OpenStack instance answers with Request timeout for icmp_seq
- Openstack Compute API Update Server Tags
- Target WSGI script '/usr/share/openstack-dashboard/openstack_dashboard/wsgi.py' cannot be loaded as Python module
- Microstack/Openstack VMs access on public/physical network
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I know this is a bit old but was searching for the answer to this as well and ended up solving it.
You will need to create domain-specific configuration for LDAP authentication. This way you leave your default domain and projects alone with their built-in authentication and you will have a separate domain with all your projects that authenticate with LDAP.
Create a custom config file referencing your
${your_domain_name}in/etc/kolla/config/keystone/domains/keystone.${your_domain_name}.confThen in that file you set your driver to LDAP and define all your required LDAP configuration parameters as referenced in https://docs.openstack.org/keystone/latest/admin/configuration.html
That is all you need to configure before deployment. After running the
deployandpost-deployjobs in Kolla, source the/etc/kolla/admin-openrc.shfile to get the admin credentials and create your domain that will authenticate with LDAP via the CLI:After restarting the Keystone container, it should now have connected that domain to LDAP which can be confirmed via the CLI: