Bug 1268056 - [RFE] Request for keystone V3 support with RadosGW
[RFE] Request for keystone V3 support with RadosGW
Status: CLOSED ERRATA
Product: Red Hat Ceph Storage
Classification: Red Hat
Component: RGW (Show other bugs)
1.2.3
Unspecified Linux
medium Severity medium
: rc
: 2.0
Assigned To: Matt Benjamin (redhat)
shilpa
Bara Ancincova
: FutureFeature
: 1259258 1274082 1335963 (view as bug list)
Depends On:
Blocks: 1322504 1335963
  Show dependency treegraph
 
Reported: 2015-10-01 13:12 EDT by Mike Hackett
Modified: 2017-07-30 11:57 EDT (History)
17 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
.Keystone 3 authentication is now supported Red Hat Ceph Storage now supports OpenStack Keystone 3 authentication. As a result, users can use Keystone 3 to authenticate to the Ceph Object Gateway. For details, see the https://access.redhat.com/documentation/en/red-hat-ceph-storage/2/single/using-keystone-to-authenticate-ceph-object-gateway-users[Using Keystone to Authenticate Ceph Object Gateway Users] guide.
Story Points: ---
Clone Of:
: 1335963 (view as bug list)
Environment:
Last Closed: 2016-08-23 15:27:58 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Ceph Project Bug Tracker 13303 None None None Never
Ceph Project Bug Tracker 8052 None None None Never

  None (edit)
Description Mike Hackett 2015-10-01 13:12:35 EDT
1. Proposed title of this feature request  
   Request for keystone V3 support with RadosGW

2. Who is the customer behind the request? Daniel van der Ster
    Account: National College of Ireland / Nci
    Account #: 	846298
      
    TAM customer: no
    SRM customer: no  
    Strategic: no  
      
    3. What is the nature and description of the request?  
        
Would like integration between RadosGW and Keystone V3
        
    4. Why does the customer need this? 
Keystone can now support more rational user authentication protocols and deals with the concept of domains much better, service accounts now stay in an sql backed 'default' domain and multiple domains and protocols are now supported (ldap, saml, openid, adfs). non-default users are stored in an id_mapping table in the keystone database, with a userid that contains a domain id - keystone version 2  cannot decipher these tokens and therefore radosgw cannot see that the user has an acceptable role (Member, swiftoperator etc.)
      
 

      
    5. Is there already an existing RFE upstream or in Red Hat Bugzilla?  
http://tracker.ceph.com/issues/8052
http://tracker.ceph.com/issues/13303


   6. Is the sales team involved in this request and do they have any additional input?  
No
      
    7. List any affected packages or components. 
OSP Juno on rhel 6.5
RHCS 1.2.3
Comment 2 Ken Dreyer (Red Hat) 2015-10-21 17:42:36 EDT
*** Bug 1274082 has been marked as a duplicate of this bug. ***
Comment 12 Ken Dreyer (Red Hat) 2016-05-10 16:35:10 EDT
*** Bug 1259258 has been marked as a duplicate of this bug. ***
Comment 30 shilpa 2016-08-02 05:01:37 EDT
Feature has been verified and the doc text looks fine.
Comment 32 errata-xmlrpc 2016-08-23 15:27:58 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1755
Comment 33 Ken Dreyer (Red Hat) 2016-09-26 16:57:02 EDT
*** Bug 1335963 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.