Description of problem:
TripleO allows users to configure domain-specific backends via the KeystoneLDAPBackendConfigs THT parameter. These options end up being configuration values in a file mounted into the container (/etc/keystone/domain/keystone.$DOMAIN.conf).
If the end users attempts to remove the configuration file by renaming it on the host and restarting the container, the original file is still present in the container.
Steps to Reproduce:
1. Deploy the overcloud with a domain-specific backend
2. Update the domain configuration file on the controller to a different name (/var/lib/config-data/puppet-generated/keystone/etc/keystone/domains/keystone.AD.conf.bak).
3. Restart the keystone container
4. View the /etc/keystone/domains directory and verify the original domain configuration file is still present
The /etc/keystone/domains directory in the container contains stale configuration files.
The contents of /etc/keystone/domains maps to /var/lib/config-data/puppet-generated/keystone/etc/keystone/domains/
I talked to the tripleo community and we tried a quick patch to see if if helped , but it was unsuccessful in removing stale files.
We may be able to pick-up this approach and iterate on it, though.