Revision history [back]

click to hide/show revision 1
initial version

Here is the documentation from OpenStack:

http://docs.openstack.org/high-availability-guide/content/s-keystone.html

We setup HA Keystone, however by default it isn't using SSL. You may want to use a load balancer that is able to apply SSL to your endpoint. You aren't really worried about keeping them all in sync as you are going to either have a MySQL back-end or you could use LDAP.

The harder configuration is going to be setting up MySQL HA that is available in each location so that you don't have tons of latency between user auths.

I would look into using geographic based DNS to send someone to the closest endpoint.