LDAP packages are missing
When trying to add LDAP configurations we get the following error first:
2017-08-15 15:29:20.130 9467 ERROR keystone.common.wsgi import ldap.filter
2017-08-15 15:29:20.130 9467 ERROR keystone.common.wsgi ImportError: No module named ldap.filter
Fixed by installing python-ldap, then we get the following error:
2017-08-15 15:38:01.892 12591 ERROR keystone.common.wsgi from keystone.identity.backends.ldap import common as common_ldap
2017-08-15 15:38:01.892 12591 ERROR keystone.common.wsgi File "/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", line 25, in <module>
2017-08-15 15:38:01.892 12591 ERROR keystone.common.wsgi import ldappool
2017-08-15 15:38:01.892 12591 ERROR keystone.common.wsgi ImportError: No module named ldappool
Fixed by adding python-ldappool.
Also found an error in the documentation syntax that was causing this:
local:
Data failed to compile:
----------
Rendering SLS 'base:keystone.server' failed: Jinja variable 'dict object' has no attribute 'description'
Change-Id: Iae36e803589ab2f9810d2cfaaf6b15e5a5bd0ee1
diff --git a/README.rst b/README.rst
index 1e0e822..14403eb 100644
--- a/README.rst
+++ b/README.rst
@@ -202,16 +202,17 @@
keystone:
server:
domain:
- description: "Testing domain"
- backend: ldap
- assignment:
- backend: sql
- ldap:
- url: "ldaps://idm.domain.com"
- suffix: "dc=cloud,dc=domain,dc=com"
- # Will bind as uid=keystone,cn=users,cn=accounts,dc=cloud,dc=domain,dc=com
- uid: keystone
- password: password
+ external:
+ description: "Testing domain"
+ backend: ldap
+ assignment:
+ backend: sql
+ ldap:
+ url: "ldaps://idm.domain.com"
+ suffix: "dc=cloud,dc=domain,dc=com"
+ # Will bind as uid=keystone,cn=users,cn=accounts,dc=cloud,dc=domain,dc=com
+ uid: keystone
+ password: password
Using LDAP backend for default domain
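Review bot: the new `external:` level under `domain:` is a domain name, but nothing in the example says so, and the commit message attributes the "has no attribute 'description'" rendering failure to exactly this missing level. A one-line comment above `external:` stating that each key under `domain` is the name of a domain would keep readers from repeating the mistake. Separately, `password: password` remains in the example as a literal bind credential; an obviously marked placeholder would be less likely to be copied into a real pillar unchanged.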
diff --git a/keystone/server.sls b/keystone/server.sls
index 0bee8a6..f8caa63 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -5,6 +5,14 @@
pkg.installed:
- names: {{ server.pkgs }}
+{%- if server.get('backend') == 'ldap' or server.get('domain',{}).itervalues() | selectattr('ldap') | list %}
+keystone_ldap_packages:
+ pkg.installed:
+ - names:
+ - python-ldap
+ - python-ldappool
+{% endif %}
+
{%- if server.service_name in ['apache2', 'httpd'] %}
{%- set keystone_service = 'apache_service' %}
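Review bot: in the added `{%- if ... %}` condition, `.itervalues()` exists only on Python 2 dicts, so this state will stop rendering when the formula is run under Python 3; `.values()` works on both. The two halves of the condition also test different things: the server level checks `backend == 'ldap'`, while the domain level checks for a truthy `ldap` key, so a domain that sets `backend: ldap` without an `ldap:` block is not matched; checking the domain's `backend` as well would make the two consistent. The package names are hard-coded here, while the rest of the package list comes from `server.pkgs`; keeping them in the same map would let them vary per platform, which matters since the next block already branches on `apache2` versus `httpd`. The closing `{% endif %}` also lacks the `-` whitespace control used on the opening tag.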