← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #35616

[Bug 1472285] Re: set default domain dynamically

  Thread PreviousDate PreviousThread Next 
Default domain is a "forward compat" feature necessary to let V2
continue to work in  a V3 aware keystone.

The default domain is a very important domain, and should be part of the
core configuration.  Changing that on the fly will change the meaning of
the V2 tokens, and is not something to be done lightly.

In the future, I would like to drop default domain, but that can only be
done after V2 is deprecated.

I realize making config changes like this is painful for Puppet, but it
is correct based on the way the web servers work.

Probably not going to fix.

** Changed in: keystone
       Status: Incomplete => Opinion

** Changed in: keystone
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1472285

Title:
  set default domain dynamically

Status in Keystone:
  Opinion

Bug description:
  In order to set the default_domain_id, Keystone must first be running,
  and you must issue a domain create command to create the default
  domain and retrieve the id of the domain in order to set it in
  keystone.conf, then restart Keystone for the change to take effect.
  This causes problems for puppet based installers because puppet does
  not want to restart Keystone more than once.

  Instead, what would be preferable is the ability to set the
  default_domain_id dynamically.

  For example, when using `openstack`, add an option `--default-
  domain`::

      $ openstack domain create defdomain --enable --description 'my
  default domain' --default-domain

  This would create the domain and make it the default domain, without
  having to restart Keystone for the change in default_domain_id to take
  effect.

  It doesn't have to be implemented this way, just a suggestion, but the
  method to set the default_domain_id should be exposed via the
  `openstack` cli.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1472285/+subscriptions

References

  Thread PreviousDate PreviousThread Next