Ask Your Question
0

How to use multiple ldap url in keystone.conf for HA

asked 2015-05-04 08:49:29 -0600

deeghuge gravatar image

updated 2015-05-04 09:25:13 -0600

SGPJ gravatar image

Hello,

I want to use LDAP HA with keystone. I have two LDAP server which are replica of each other. I want to specify both LDAP server in the keystone.conf so if one server fails request should go to send second LDAP server.

For example in generic ldap.conf we can specify the multiple LDAP server delimited by space URI <ldap[si]://[name[:port]] ...>

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-05-04 10:29:23 -0600

uts9 gravatar image

updated 2015-05-04 12:25:09 -0600

In case of LDAP HA server, you need to configure the Virtual IP in your keystone configuration file. You can use HAProxy, Piranha etc for load balancing.

edit flag offensive delete link more

Comments

Thanks for the reply Does this means keystone does not support multiple ldap url in its configuration ? Sorry but i don't understand how to achieve same using HAProxy or any other load balancer.

deeghuge gravatar imagedeeghuge ( 2015-05-06 00:22:08 -0600 )edit

Not sure whether keystone.conf supports multiple LDAP urls. However in keystone/keystone/common/ldap/core.py I did not find any code block for parsing multiple LDAP urls.

uts9 gravatar imageuts9 ( 2015-05-06 01:13:35 -0600 )edit

Regarding HAProxy configuration you can follow the steps provided in this article. link text

uts9 gravatar imageuts9 ( 2015-05-06 01:13:44 -0600 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

subscribe to rss feed

Stats

Asked: 2015-05-04 08:49:29 -0600

Seen: 507 times

Last updated: May 04 '15

Related questions

keystone user-create error while using LDAP

Keystone authentication failure in a HA Setup

Unable to start keystone

How to change Keystone

How do I restart a devstack VM?

keystone via httpd and remote_user

conflict occurred attempting to store project

OSAD Install - KeyStone HTTPS

Is is possible to configure Keystone and AD for password authorization only?

Keystone integration with Microsoft Active Directory