Can a single keystone support several data center? [closed]

Can keystone be used like this: one keystone,and two separate nova\swift\cinder etc.

and how to config it?

Yes, it is possible. All you need to do is, use the sane sql instance for all the keystone instances. Register each nova/cinder/swift as seperate region, so that they have their own endpoint.

How about security? Is keystone secure enough to get spread over different data centers?

Can you elaborate what do you mean by security? You can run run a instance of keystone in each DC and as long as they share the same sql, it will work. This is the simple approach for demonstration.

