Bug 1311993

Summary:	[RFE] Backport keystone ldap integration functionality for director 7.x
Product:	Red Hat OpenStack	Reporter:	Ondrej <ochalups>
Component:	rhosp-director	Assignee:	Angus Thomas <athomas>
Status:	CLOSED WONTFIX	QA Contact:	Arik Chernetsky <achernet>
Severity:	medium	Docs Contact:
Priority:	unspecified
Version:	7.0 (Kilo)	CC:	athomas, dbecker, dcadzow, jcoufal, mburns, morazi, rhel-osp-director-maint, skinjo
Target Milestone:	---	Keywords:	FeatureBackport, FutureFeature
Target Release:	8.0 (Liberty)	Flags:	skinjo: needinfo? (athomas)
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Enhancement
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2016-02-25 14:47:17 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:

Description Ondrej 2016-02-25 13:09:05 UTC

Description of problem:

RHOSP 8.0 is supposed to support functionality that allows Red Hat Director to deploy an Overcloud where Keystone is integrated with LDAP or AD.

Red Hat Director is unable to deploy an Overcloud where Keystone integrated with LDAP or Active Directory. For our enterprise Overclouds we have a central Identity system that must be used by Keystone (instead of a simple MySQL backend).

This is a key functionality that is not available out-of-the-box in RHOSP7 and needs to workaround by performing configuration changes in Overclouds deployed using Red Hat Director. This introduces risk when performing upgrades, hence the backport request. Possibly 7.4?


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:
N/A

Expected results:
OSP-d 7.x be able to deploy OC keystone integrated to LDAP/AD

Additional info:

Comment 2 Mike Burns 2016-02-25 13:47:51 UTC

*** Bug 1311991 has been marked as a duplicate of this bug. ***

Comment 3 Jaromir Coufal 2016-02-25 14:46:20 UTC

LDAP/AD integration with director is not part of OSP8, therefor there cannot be any backport to OSP7 -> closing - won't fix.

Comment 5 Shinobu KINJO 2016-12-28 00:19:53 UTC

(In reply to Jaromir Coufal from comment #3)
> LDAP/AD integration with director is not part of OSP8, therefor there cannot
> be any backport to OSP7 -> closing - won't fix.

Integration with LDAP/AD via Director was not expected to OSP7 and 8. In OSP9(or 10) release, is this feature available?

Scenario would be:

 1. Build overcloud via director
 2. Integrate keystone with LDAP(or AD) via director(or manually)
 3. Update overcloud via director