Ask Your Question

jamielennox's profile - activity

2013-12-11 23:54:04 -0600 answered a question Why keystone execute SQL statments so many times?

The problem is essentially that with the number of backends and backend combinations that keystone has that have to be isolated from each other we can't simply do a join across a whole bunch of tables.

For example a common situation is to have users stored in LDAP, but in might be SAML or some completely external mechanism, then have group membership and roles (the assignments backend) in SQL but again maybe not.

Having said that there are definetly some redundant look ups and it could be improved. There is some caching work going on that will reduce this impact.

2013-09-17 06:30:57 -0600 received badge  Teacher (source)
2013-09-15 18:59:26 -0600 answered a question What is the curl equivalent to keystone user-role-add

For future if you are looking for this sort of information the keystone CLI app has a --debug flag which will show you the HTTP traffic in both directions, and handily prints out the equivalent curl commands for your request.