Support option for Keystone PKIZ token provider
Keystone added support for a compressed token provider, PKIZ. This
change adds support to devstack. Set the KEYSTONE_TOKEN_FORMAT
option to "PKIZ" to configure Keystone to use it.
Change-Id: I123eef661c85cc805e950f1179b48e885078d40f
diff --git a/lib/keystone b/lib/keystone
index c4266b9..0bedaba 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -55,7 +55,7 @@
KEYSTONE_ASSIGNMENT_BACKEND=${KEYSTONE_ASSIGNMENT_BACKEND:-sql}
# Select Keystone's token format
-# Choose from 'UUID' and 'PKI'
+# Choose from 'UUID', 'PKI', or 'PKIZ'
KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-PKI}
# Set Keystone interface configuration
@@ -204,6 +204,8 @@
if [[ "$KEYSTONE_TOKEN_FORMAT" = "UUID" ]]; then
iniset $KEYSTONE_CONF token provider keystone.token.providers.uuid.Provider
+ elif [[ "$KEYSTONE_TOKEN_FORMAT" = "PKIZ" ]]; then
+ iniset $KEYSTONE_CONF token provider keystone.token.providers.pkiz.Provider
fi
iniset $KEYSTONE_CONF database connection `database_connection_url keystone`
@@ -384,7 +386,7 @@
# Initialize keystone database
$KEYSTONE_DIR/bin/keystone-manage db_sync
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
+ if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" || "$KEYSTONE_TOKEN_FORMAT" == "PKIZ" ]]; then
# Set up certificates
rm -rf $KEYSTONE_CONF_DIR/ssl
$KEYSTONE_DIR/bin/keystone-manage pki_setup