Ask Your Question
0

Difference between keystone v3.0 and v2.0

asked 2015-02-01 01:21:06 -0600

Veena gravatar image

Hi, What is the major difference between keystone v3.0 and v2.0? Am building a new NFVO application on top of OpenStack, which version of keystone I should use for authentication purpose? What will be the difference in design and implementation for both versions? I read from some posts that v2.0 will be deprecated in future release. If so, will all other services support v3.0? Will there be any code change in other services like nova to support keystone v3.0?

Please share your thoughts.

Thanks,

-Veena

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-02-01 16:07:31 -0600

sfcloudman gravatar image

updated 2015-02-01 16:07:47 -0600

Both apis are fully documented:

http://developer.openstack.org/api-re...

http://developer.openstack.org/api-re...

For authentication you can use any version you want.

V3 has support for Domains which V2 doesnt. https://wiki.openstack.org/wiki/Domains

If you are using the keystone cli client then there should be no changes in api needed. Plus v2 apis are a subset of v3 apis so everything should work without requiring any changes to your api.

edit flag offensive delete link more

Comments

Thanks sfcloudman for the info. Are there any new auth protocols implemented or concerns on the performance of security provided in v3.0?

Veena gravatar imageVeena ( 2015-02-01 23:16:09 -0600 )edit

Auth protocols are pluggable in keystone so they are independent of the api version.

Here is a great link for developers that talks about the difference between v2 and v3. http://docs.openstack.org/developer/k...

Ultimately v3 is a superset of v2 so you should have no concerns.

sfcloudman gravatar imagesfcloudman ( 2015-02-02 00:01:47 -0600 )edit

Thanks for the suggestions sfcloudman, it helped me.

Veena gravatar imageVeena ( 2015-02-02 00:25:31 -0600 )edit
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-02-01 01:21:06 -0600

Seen: 1,246 times

Last updated: Feb 01 '15

Related questions

keystone and heat integration

os-auth-url or env[OS_AUTH_URL]

Find which keystone API version is supported

keystone design documents

Keystone stopped working

Openstack cli authentication saml

No handlers could be found for logger "keystoneclient.client" Invalid user / password (HTTP 401)

Keystone-manage command not found.

Devstack installation failure

Keystone and Nova Users