How to use multiple ldap url in keystone.conf for HA

asked 2015-05-04 08:49:29 -0600

deeghuge gravatar image

updated 2015-05-04 09:25:13 -0600

SGPJ gravatar image


I want to use LDAP HA with keystone. I have two LDAP server which are replica of each other. I want to specify both LDAP server in the keystone.conf so if one server fails request should go to send second LDAP server.

For example in generic ldap.conf we can specify the multiple LDAP server delimited by space URI <ldap[si]://[name[:port]] ...>

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2015-05-04 10:29:23 -0600

uts9 gravatar image

updated 2015-05-04 12:25:09 -0600

In case of LDAP HA server, you need to configure the Virtual IP in your keystone configuration file. You can use HAProxy, Piranha etc for load balancing.

edit flag offensive delete link more


Thanks for the reply Does this means keystone does not support multiple ldap url in its configuration ? Sorry but i don't understand how to achieve same using HAProxy or any other load balancer.

deeghuge gravatar imagedeeghuge ( 2015-05-06 00:22:08 -0600 )edit

Not sure whether keystone.conf supports multiple LDAP urls. However in keystone/keystone/common/ldap/ I did not find any code block for parsing multiple LDAP urls.

uts9 gravatar imageuts9 ( 2015-05-06 01:13:35 -0600 )edit

Regarding HAProxy configuration you can follow the steps provided in this article. link text

uts9 gravatar imageuts9 ( 2015-05-06 01:13:44 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2015-05-04 08:49:29 -0600

Seen: 547 times

Last updated: May 04 '15