Enable keystone running under apache
Running Keystone under HTTPD in the recommended (and tested) configuration.
This will involve changes to the identity cookbook to allow keystone to be setup to run under apache.
The setup for this is doc here: http://
The apache keystone site file example is here: https:/
The work will be similar to the existing dashboard cookbook which uses the apache2 3.x cookbook resources. Since both of these cookbooks, identity and dashboard, will be setting up apache service, we need to be mindful of any conflicts or overlap.
Blueprint information
- Status:
- Complete
- Approver:
- JJ Asghar
- Priority:
- High
- Drafter:
- Mark Vanderwiel
- Direction:
- Approved
- Assignee:
- Mark Vanderwiel
- Definition:
- Approved
- Series goal:
- Accepted for liberty
- Implementation:
-
Implemented
- Milestone target:
-
liberty-rc1
- Started by
- Mark Vanderwiel
- Completed by
- Mark Vanderwiel
Related branches
Related bugs
Sprints
Whiteboard
Some considerations:
- only support for apache 2.4? (Yes, I think)
- use the web_app resource, but have site template to allow for listen addresses and ports
- use the selinux cookbook (don't do like dashboard does today)
- use the ssl certificate cookbook
- needs to be restarted and up and running for other cookbooks to use during deployments
Gerrit topic: https:/
Addressed by: https:/
Allow keystone under apache
Addressed by: https:/
Allow keystone under apache
Addressed by: https:/
Allow keystone under apache
Addressed by: https:/
update identity role for using apache as default
Work Items
Work items:
Use apache 3.1 cookbook (repo, dashboard and identity): DONE
Dependency upon apache2 cookbook: DONE
New template for site file to allow for configuration: DONE
Need to allow for SSL support: DONE
New recipe in identity cookbook to setup apache service: DONE
Needs to be tested and work with the dashboard cookbook: DONE
Change os-identity role to use server-apache by default in Liberty: TODO
Remove the old server recipe in M release: DONE