Ask Your Question
0

How to use multiple ldap url in keystone.conf for HA

asked 2015-05-04 08:49:29 -0500

deeghuge gravatar image

updated 2015-05-04 09:25:13 -0500

SGPJ gravatar image

Hello,

I want to use LDAP HA with keystone. I have two LDAP server which are replica of each other. I want to specify both LDAP server in the keystone.conf so if one server fails request should go to send second LDAP server.

For example in generic ldap.conf we can specify the multiple LDAP server delimited by space URI <ldap[si]://[name[:port]] ...>

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-05-04 10:29:23 -0500

uts9 gravatar image

updated 2015-05-04 12:25:09 -0500

In case of LDAP HA server, you need to configure the Virtual IP in your keystone configuration file. You can use HAProxy, Piranha etc for load balancing.

edit flag offensive delete link more

Comments

Thanks for the reply Does this means keystone does not support multiple ldap url in its configuration ? Sorry but i don't understand how to achieve same using HAProxy or any other load balancer.

deeghuge gravatar imagedeeghuge ( 2015-05-06 00:22:08 -0500 )edit

Not sure whether keystone.conf supports multiple LDAP urls. However in keystone/keystone/common/ldap/core.py I did not find any code block for parsing multiple LDAP urls.

uts9 gravatar imageuts9 ( 2015-05-06 01:13:35 -0500 )edit

Regarding HAProxy configuration you can follow the steps provided in this article. link text

uts9 gravatar imageuts9 ( 2015-05-06 01:13:44 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

subscribe to rss feed

Stats

Asked: 2015-05-04 08:49:29 -0500

Seen: 485 times

Last updated: May 04 '15

Related questions

Why is tenant name immutable when using LDAP identity provider in Keystone?

packstack and remote mysql server [closed]

No module named simple

block non-admin user to grant admin role

authtoken expiry unlimited

Difference between keystone v3.0 and v2.0

moving keystone to another server

Keystone V3 in Kilo

show user with role ?

Keystone Service Unavailable 503