简体   繁体   中英

Deploy kolla-ansible OpenStask wuth LDAP integration

请告诉我如何使用带有 LDAP 集成的 Ansible Kolla 部署 OpenStack。

I know this is a bit old but was searching for the answer to this as well and ended up solving it.

You will need to create domain-specific configuration for LDAP authentication. This way you leave your default domain and projects alone with their built-in authentication and you will have a separate domain with all your projects that authenticate with LDAP.

Create a custom config file referencing your ${your_domain_name} in /etc/kolla/config/keystone/domains/keystone.${your_domain_name}.conf

Then in that file you set your driver to LDAP and define all your required LDAP configuration parameters as referenced in https://docs.openstack.org/keystone/latest/admin/configuration.html

[identity]
driver=ldap

[ldap]

# Your LDAP config settings go here

That is all you need to configure before deployment. After running the deploy and post-deploy jobs in Kolla, source the /etc/kolla/admin-openrc.sh file to get the admin credentials and create your domain that will authenticate with LDAP via the CLI:

openstack domain create ${your_domain_name}

After restarting the Keystone container, it should now have connected that domain to LDAP which can be confirmed via the CLI:

openstack user list --domain ${your_domain_name}

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM