python-keystone: Add apache vhost server.

This patch set configures an apache vhost server on port 8081 which will serve as the main authentication method and documents the change in README.keystone. Signed-off-by: Liam R. Howlett <Liam.Howlett@WindRiver.com>
author: Liam R. Howlett <Liam.Howlett@WindRiver.com> 2014-09-19 15:51:17 -0400
committer: Bruce Ashfield <bruce.ashfield@windriver.com> 2014-09-22 11:46:42 -0400
commit: bf51fa4f053a6aecb816ed7b4dcca64e9bd5b9b3 (patch)
tree: 02bdfd5520ab5c73183b2428baa42d686bb71d77 /meta-openstack/Documentation
parent: dcfac869bea8a501177c8419c8fd11c3ed03b21e (diff)
download: meta-cloud-services-bf51fa4f053a6aecb816ed7b4dcca64e9bd5b9b3.tar.gz
1 files changed, 83 insertions, 0 deletions
diff --git a/meta-openstack/Documentation/README.keystone b/meta-openstack/Documentation/README.keystone
new file mode 100644
index 0000000..f8da890
--- /dev/null
+++ b/meta-openstack/Documentation/README.keystone
@@ -0,0 +1,83 @@
+Summary
+=======
+This document is not intended to provide detail of how Keystone in general
+works, but rather it highlights how Keystone is integrated/configured into
+meta-cloud-services and also describes how Keystone is tested to ensure that
+Keystone Verification and Benchmarking components are working correctly.
+Keystone Overview
+==============
+Keystone provides authentication, authorization and service discovery 
+mechanisms via HTTP primarily for use by projects in the OpenStack family. It 
+is most commonly deployed as an HTTP interface to existing identity systems,
+such as LDAP.
+Keystone Deployment
+================
+Keystone is configured to use existing deployment (by using deployment
+configuration file /etc/keystone/keystone{.conf,paste.ini}).  In addition to the
+default configuration files, meta-cloud-services installs a custom httpd file
+apache configuration as /etc/apache2/conf.d/wsgi-keystone.conf along with
+adding the 8081 port to the default /etc/apache2/httpd.conf.  This file
+starts a vhost on port 8081 which will be the replacement for the default server
+running on port 35357 and 5000 in the future.
+Keystone Verification
+==================
+By default, Keystone verification performs the following steps:
+* git clone tempest source from upstream
+* setup virtualenv for this tempest
+* setup testr environment with virtualenv created above
+* create tempest.conf for this tempest
+* use testr and subunit.run module to run tempest
+However, meta-cloud-services already includes tempest which is also 
+configured/modified to have low failure/error testcases, therefore it's desired
+to use this tempest (without using virtualenv) instead of letting Rally to
+download tempest and running it on virtualenv.
+The option "existing_tempest_config" in /etc/keystone/keystone.conf can be used
+to configure Keystone to either use the existing tempest or to download from
+upstream.
+If the option "existing_tempest_config" is not set then Keystone follows the 
+default path.  If "existing_tempest_config" is set to absolute path of tempest
+config folder (which contains tempest "tools" and .testr.conf, e.g. 
+/etc/tempest) then Rally uses this existing tempest.  By default,
+"existing_tempest_config" is set to "/etc/tempest/".
+Build Configuration Options
+===========================
+To have Keystone and tempest included in final built image, include layer
+meta-openstack-controller-test-config into Controller build and
+layer meta-openstack-compute-test-config into Compute build.
+Keystone Built-In Unit Tests
+=========================
+This section describes how to run Keystone built-in unit
+tests which are located at:
+    /usr/lib64/python2.7/site-packages/keystone/tests
+To run Keystone built-in unit test with nosetests:
+    $ cd /usr/lib64/python2.7/site-packages/keystone/tests
+    $ nosetests -v
+References
+==========
+https://wiki.openstack.org/wiki/Keystone
author	Liam R. Howlett <Liam.Howlett@WindRiver.com>	2014-09-19 15:51:17 -0400
committer	Bruce Ashfield <bruce.ashfield@windriver.com>	2014-09-22 11:46:42 -0400
commit	bf51fa4f053a6aecb816ed7b4dcca64e9bd5b9b3 (patch)
tree	02bdfd5520ab5c73183b2428baa42d686bb71d77 /meta-openstack/Documentation
parent	dcfac869bea8a501177c8419c8fd11c3ed03b21e (diff)
download	meta-cloud-services-bf51fa4f053a6aecb816ed7b4dcca64e9bd5b9b3.tar.gz

diff --git a/meta-openstack/Documentation/README.keystone b/meta-openstack/Documentation/README.keystone new file mode 100644 index 0000000..f8da890 --- /dev/null +++ b/meta-openstack/Documentation/README.keystone
@@ -0,0 +1,83 @@
	1	Summary
	2	=======
	3
	4	This document is not intended to provide detail of how Keystone in general
	5	works, but rather it highlights how Keystone is integrated/configured into
	6	meta-cloud-services and also describes how Keystone is tested to ensure that
	7	Keystone Verification and Benchmarking components are working correctly.
	8
	9
	10	Keystone Overview
	11	==============
	12
	13	Keystone provides authentication, authorization and service discovery
	14	mechanisms via HTTP primarily for use by projects in the OpenStack family. It
	15	is most commonly deployed as an HTTP interface to existing identity systems,
	16	such as LDAP.
	17
	18	Keystone Deployment
	19	================
	20
	21	Keystone is configured to use existing deployment (by using deployment
	22	configuration file /etc/keystone/keystone{.conf,paste.ini}). In addition to the
	23	default configuration files, meta-cloud-services installs a custom httpd file
	24	apache configuration as /etc/apache2/conf.d/wsgi-keystone.conf along with
	25	adding the 8081 port to the default /etc/apache2/httpd.conf. This file
	26	starts a vhost on port 8081 which will be the replacement for the default server
	27	running on port 35357 and 5000 in the future.
	28
	29
	30	Keystone Verification
	31	==================
	32
	33	By default, Keystone verification performs the following steps:
	34
	35	* git clone tempest source from upstream
	36	* setup virtualenv for this tempest
	37	* setup testr environment with virtualenv created above
	38	* create tempest.conf for this tempest
	39	* use testr and subunit.run module to run tempest
	40
	41	However, meta-cloud-services already includes tempest which is also
	42	configured/modified to have low failure/error testcases, therefore it's desired
	43	to use this tempest (without using virtualenv) instead of letting Rally to
	44	download tempest and running it on virtualenv.
	45
	46
	47	The option "existing_tempest_config" in /etc/keystone/keystone.conf can be used
	48	to configure Keystone to either use the existing tempest or to download from
	49	upstream.
	50
	51	If the option "existing_tempest_config" is not set then Keystone follows the
	52	default path. If "existing_tempest_config" is set to absolute path of tempest
	53	config folder (which contains tempest "tools" and .testr.conf, e.g.
	54	/etc/tempest) then Rally uses this existing tempest. By default,
	55	"existing_tempest_config" is set to "/etc/tempest/".
	56
	57
	58	Build Configuration Options
	59	===========================
	60
	61	To have Keystone and tempest included in final built image, include layer
	62	meta-openstack-controller-test-config into Controller build and
	63	layer meta-openstack-compute-test-config into Compute build.
	64
	65
	66	Keystone Built-In Unit Tests
	67	=========================
	68
	69	This section describes how to run Keystone built-in unit
	70	tests which are located at:
	71
	72	/usr/lib64/python2.7/site-packages/keystone/tests
	73
	74	To run Keystone built-in unit test with nosetests:
	75
	76	$ cd /usr/lib64/python2.7/site-packages/keystone/tests
	77	$ nosetests -v
	78
	79
	80	References
	81	==========
	82
	83	https://wiki.openstack.org/wiki/Keystone