Deploying keystone with LDAP read-only backend fails
Bug #1607970 reported by
Kevin Metz
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Keystone Charm |
Triaged
|
Medium
|
Unassigned | ||
keystone (Juju Charms Collection) |
Invalid
|
Medium
|
Unassigned |
Bug Description
When deploying Keystone with a LDAP read-only backend, the keystone charm can't create tenants, services and endpoints. Instead, administrator is required to deploy with SQL read-write backend and then switch to LDAP read-only. Given the typical production environments a read-only LDAP backend is not unusual.
Changed in charm-keystone: | |
importance: | Undecided → Medium |
status: | New → Triaged |
Changed in keystone (Juju Charms Collection): | |
status: | Triaged → Invalid |
To post a comment you must log in.
The charm has "ldap-readonly" flag. What is missing to support read-only LDAP deployment? Issues in config options or the order of deployment?docs.openstack.org/developer/keystone/configuration.html#read-only-ldap
http://