Now that I can run the TripleO version of Keystone via podman, I want to try running it in OpenShift.
Continue readingRunning the TripleO Keystone Container in OpenShift
Reply
Category Archives: Software
Official TripleO Keystone Images
My recent forays into running containerized Keystone images have been based on a Centos base image with RPMs installed on top of it. But TripleO does not run this way; it runs via containers. Some notes as I look into them.
Continue readingkeystone-db-init in OpenShift
Before I can run Keystone in a container, I need to initialize the database. This is as true for running in Kubernetes as it was using podman. Here’s how I got keystone-db-init to work.
Continue readingRunning as keystone
In order to run the various Keystone containers as the Keystone user, we can use the modification specified here.
oc new-app
The tools you use should help you grow from newbie to power user. OpenShift’s command line is one such tool. When getting started with Kubernetes development, the new-app option to the oc command line can help movbe you along the spectrum.
Continue readingReading keystone.conf in a container
Step 3 of the 12 Factor app is to store config in the environment. For Keystone, the set of configuration options is controlled by the keystone.conf file. In an earlier attempt at containerizing the scripts used to configure Keystone, I had passed an environment variable in to the script that would then be written to the configuration file. I realize now that I want the whole keystone.conf external to the application. This allow me to set any of the configuration options without changing the code in the container. More importantly, it allows me to make the configuration information immutable inside the container, so that the applications cannot be hacked to change their own configuration options.
Continue readingContainers from first principals
Computing is three things: calculation, movement, and storage. The rest is commentary.
Continue readingBuilding an OpenShift LDAP URL from FreeIPA
If you want to use LDAP authentication with OpenShift, you need to build an LDAP URL from the information you do have. Here are the steps.
Continue readingInjecting Parameters into container image
An earlier port hard coded the IP address and port used for MariaDB connections. I want to pull these out so I can pass them in on the command line when I create the client.
Continue readingLet’s Buildah Keystoneconfig
Buildah is a valuable tool in the container ecosystem. As an effort to get more familiar with it, and to finally get my hand-rolled version of Keystone to deploy on Kubernetes, I decided to work through building a couple of Keystone based containers with Buildah.
Continue reading