Setting up driver aliases for keystone domains
Issue: Starting from pike, keystone fails to initialize drivers
by full path. Error from the log:
ImportError: (u'Unable to find %(name)r driver in
%(namespace)r.', {'namespace': 'keystone.identity', 'name':
'keystone.identity.backends.ldap.Identity'})
Fix: Use driver aliases taken from keystone egg entry_points.txt
Change-Id: I1dbf916741bd84d4a5e8963d0bfced2b786ac512
diff --git a/README.rst b/README.rst
index 6e4d1cc..aad2c64 100644
--- a/README.rst
+++ b/README.rst
@@ -214,6 +214,26 @@
uid: keystone
password: password
+Use driver aliases for drivers instead of class path's
+
+.. code-block:: yaml
+
+ keystone:
+ server:
+ domain:
+ test:
+ description: "Test domain"
+ backend: ldap
+ assignment:
+ backend: sql
+ driver: sql
+ identity:
+ backend: ldap
+ driver: keystone.identity.backends.ldap.Identity
+ ldap:
+ url: "ldaps://idm.domain.com"
+ ...
+
Using LDAP backend for default domain
.. code-block:: yaml
diff --git a/keystone/files/keystone.domain.conf b/keystone/files/keystone.domain.conf
index 46408eb..1b75eba 100644
--- a/keystone/files/keystone.domain.conf
+++ b/keystone/files/keystone.domain.conf
@@ -7,18 +7,26 @@
{%- endif %}
[identity]
-{%- if domain.get("backend", "sql") == "ldap" %}
-driver = keystone.identity.backends.ldap.Identity
+{%- if domain.get('identity',{}).driver is defined %}
+driver = {{ domain.identity.driver }}
{%- else %}
+{%- if domain.get("backend", "sql") == "ldap" %}
+driver = keystone.identity.backends.ldap.Identity
+{%- else %}
driver = keystone.identity.backends.sql.Identity
+{%- endif %}
{%- endif %}
{%- if domain.get('identity',{}).list_limit is defined %}
list_limit = {{ domain.identity.list_limit }}
{%- endif %}
[assignment]
-{%- if domain.get("assignment", {}).get("backend", "sql") == "ldap" %}
-driver = keystone.assignment.backends.ldap.Assignment
+{%- if domain.get('assignment',{}).driver is defined %}
+driver = {{ domain.assignment.driver }}
{%- else %}
+{%- if domain.get("assignment", {}).get("backend", "sql") == "ldap" %}
+driver = keystone.assignment.backends.ldap.Assignment
+{%- else %}
driver = keystone.assignment.backends.sql.Assignment
+{%- endif %}
{%- endif %}
diff --git a/tests/pillar/single_domain.sls b/tests/pillar/single_domain.sls
index 68872b3..ec86a26 100644
--- a/tests/pillar/single_domain.sls
+++ b/tests/pillar/single_domain.sls
@@ -39,10 +39,14 @@
enabled: false
domain:
testing:
- description: "Testing domain"
+ description: "Test domain"
backend: ldap
+ identity:
+ backend: ldap
+ driver: ldap
assignment:
backend: sql
+ driver: keystone.assignment.backends.sql.Assignment
ldap:
url: "ldaps://idm.domain.com"
suffix: "dc=cloud,dc=domain,dc=com"