Ask Your Question
0

How to use multiple ldap url in keystone.conf for HA

asked 2015-05-04 08:49:29 -0500

deeghuge gravatar image

updated 2015-05-04 09:25:13 -0500

SGPJ gravatar image

Hello,

I want to use LDAP HA with keystone. I have two LDAP server which are replica of each other. I want to specify both LDAP server in the keystone.conf so if one server fails request should go to send second LDAP server.

For example in generic ldap.conf we can specify the multiple LDAP server delimited by space URI <ldap[si]://[name[:port]] ...>

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-05-04 10:29:23 -0500

uts9 gravatar image

updated 2015-05-04 12:25:09 -0500

In case of LDAP HA server, you need to configure the Virtual IP in your keystone configuration file. You can use HAProxy, Piranha etc for load balancing.

edit flag offensive delete link more

Comments

Thanks for the reply Does this means keystone does not support multiple ldap url in its configuration ? Sorry but i don't understand how to achieve same using HAProxy or any other load balancer.

deeghuge gravatar imagedeeghuge ( 2015-05-06 00:22:08 -0500 )edit

Not sure whether keystone.conf supports multiple LDAP urls. However in keystone/keystone/common/ldap/core.py I did not find any code block for parsing multiple LDAP urls.

uts9 gravatar imageuts9 ( 2015-05-06 01:13:35 -0500 )edit

Regarding HAProxy configuration you can follow the steps provided in this article. link text

uts9 gravatar imageuts9 ( 2015-05-06 01:13:44 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

subscribe to rss feed

Stats

Asked: 2015-05-04 08:49:29 -0500

Seen: 529 times

Last updated: May 04 '15

Related questions

Deploying DevStack with LDAP error: oldRootPW

keystone API history page has disappeared

publicURL endpoint for orchestration not found [closed]

nova list shows printt as response

Gnocchi API responses 401 Unauthorised

HTTP 500 error while installing the keystone identity service (Mitaka)

openstack mitaka ubuntu identity v2 401

No connection adapters were found

keystone token flushing

Common.wsgi authorization failed