Book Image

Production Ready OpenStack - Recipes for Successful Environments

By : Arthur Berezin
Book Image

Production Ready OpenStack - Recipes for Successful Environments

By: Arthur Berezin

Overview of this book

OpenStack is the most popular open source cloud platform used by organizations building internal private clouds and by public cloud providers. OpenStack is designed in a fully distributed architecture to provide Infrastructure as a Service, allowing us to maintain a massively scalable cloud infrastructure. OpenStack is developed by a vibrant community of open source developers who come from the largest software companies in the world. The book provides a comprehensive and practical guide to the multiple uses cases and configurations that OpenStack supports. This book simplifies the learning process by guiding you through how to install OpenStack in a single controller configuration. The book goes deeper into deploying OpenStack in a highly available configuration. You'll then configure Keystone Identity Services using LDAP, Active Directory, or the MySQL identity provider and configure a caching layer and SSL. After that, you will configure storage back-end providers for Glance and Cinder, which will include Ceph, NFS, Swift, and local storage. Then you will configure the Neutron networking service with provider network VLANs, and tenant network VXLAN and GRE. Also, you will configure Nova's Hypervisor with KVM, and QEMU emulation, and you will configure Nova's scheduler filters and weights. Finally, you will configure Horizon to use Apache HTTPD and SSL, and you will customize the dashboard's appearance.
Table of Contents (16 chapters)
Production Ready OpenStack - Recipes for Successful Environments
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Configuring Keystone with Microsoft Active Directory and LDAP


Typically, most organizations use Microsoft Active Directory as an organization user directory and identity management system, when Active Directory is responsible for authenticating and authorizing users and applications. While deploying OpenStack, Keystone can leverage Microsoft Active Directory as a centralized identity management system, so all the organization's user accounts are stored in a single directory and OpenStack can retrieve existing users' accounts.

Getting ready

In this section, we will configure Keystone to use an existing Microsoft Active Directory in a Ready Only LDAP configuration. In this configuration, Keystone will be able to retrieve user accounts from Microsoft Active Directory without requiring to make any change with Active Directory Schema or user accounts.

In this configuration, Keystone uses Microsoft Active Directory to store user accounts, and MariaDB server to store assignments of roles, domains...