Ask Your Question
0

Difference between keystone v3.0 and v2.0

asked 2015-02-01 01:21:06 -0500

Veena gravatar image

Hi, What is the major difference between keystone v3.0 and v2.0? Am building a new NFVO application on top of OpenStack, which version of keystone I should use for authentication purpose? What will be the difference in design and implementation for both versions? I read from some posts that v2.0 will be deprecated in future release. If so, will all other services support v3.0? Will there be any code change in other services like nova to support keystone v3.0?

Please share your thoughts.

Thanks,

-Veena

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-02-01 16:07:31 -0500

sfcloudman gravatar image

updated 2015-02-01 16:07:47 -0500

Both apis are fully documented:

http://developer.openstack.org/api-re...

http://developer.openstack.org/api-re...

For authentication you can use any version you want.

V3 has support for Domains which V2 doesnt. https://wiki.openstack.org/wiki/Domains

If you are using the keystone cli client then there should be no changes in api needed. Plus v2 apis are a subset of v3 apis so everything should work without requiring any changes to your api.

edit flag offensive delete link more

Comments

Thanks sfcloudman for the info. Are there any new auth protocols implemented or concerns on the performance of security provided in v3.0?

Veena gravatar imageVeena ( 2015-02-01 23:16:09 -0500 )edit

Auth protocols are pluggable in keystone so they are independent of the api version.

Here is a great link for developers that talks about the difference between v2 and v3. http://docs.openstack.org/developer/k...

Ultimately v3 is a superset of v2 so you should have no concerns.

sfcloudman gravatar imagesfcloudman ( 2015-02-02 00:01:47 -0500 )edit

Thanks for the suggestions sfcloudman, it helped me.

Veena gravatar imageVeena ( 2015-02-02 00:25:31 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-02-01 01:21:06 -0500

Seen: 1,183 times

Last updated: Feb 01 '15

Related questions

Why do I get errors when I run https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/master/KeystoneScripts/keystone_basic.sh? [closed]

Is it possible to add SSL to keystone API ?

Projects created not listing in dashboard

Keystone user-role-add : HTTP 409

API calls routed to wrong service endpoint

keystone os-auth1 request token error

keystone - unable to establish connection

keystone-manage db_sync won't create tables in mysql?

HA MySQL Galera -- Keystone failed to connect [closed]

swift user role not listed