<div dir="ltr"><div>I am trying to understand and use the keystone to keystone federation described here:</div><div><a href="https://github.com/openstack/keystone-specs/blob/master/specs/juno/keystone-to-keystone-federation.rst">https://github.com/openstack/keystone-specs/blob/master/specs/juno/keystone-to-keystone-federation.rst</a><br></div><div><br></div>It is mentioned that we can have one keystone as identity provider and to that we can add multiple service providers.<div>Say I have multiple cloud deployments and want to add these as service providers to that identity provider(keystone)</div><div>It is also mentioned that while we add a cloud implementer(openstack cloud in my case) to an identity provider, we need to add it as a region. So my query is that in my openstack deployment all the service endpoints should be created in a region? something like this:</div><div><div><br></div><div>+----------------------------------+-----------+-------------------------------------------+-------------------------------------------+-------------------------------------------+----------------------------------+</div><div>| id | region | publicurl | internalurl | adminurl | service_id |</div><div>+----------------------------------+-----------+-------------------------------------------+-------------------------------------------+-------------------------------------------+----------------------------------+</div><div>| 1055a76371bb445e890c4730905a6294 | regionOne | <a href="http://10.10.10.10:9292">http://10.10.10.10:9292</a> | <a href="http://10.10.10.10:9292">http://10.10.10.10:9292</a> | <a href="http://10.10.10.10:9292">http://10.10.10.10:9292</a> | 0d98f46857a046bb8efeb96c9f79e0a1 |</div></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Sun, May 17, 2015 at 10:21 AM, Jesse Keating <span dir="ltr"><<a href="mailto:jlk@bluebox.net" target="_blank">jlk@bluebox.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I'm not sure I understand the question. Can you elaborate some more?</div><div class="gmail_extra"><br clear="all"><div><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><br></div><div dir="ltr">- jlk</div></div></div></div></div></div></div>
<br><div class="gmail_quote"><div><div class="h5">On Sat, May 16, 2015 at 1:12 AM, Kanthi P <span dir="ltr"><<a href="mailto:pavuluri.kanthi@gmail.com" target="_blank">pavuluri.kanthi@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><div dir="ltr">Hi,<div><br></div><div>I want to have multiple cloud service providers(of openstack) and a 3rd party identity provider, keystone in my deployment. </div><div>So essentially the endpoints of openstack, including keystone service with in each SP be created in a unique 'region' in the CSP deployment?</div><div><br></div><div>Thanks</div><div><br></div></div></div>
<br></div></div>_______________________________________________<br>
OpenStack-operators mailing list<br>
<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
OpenStack-operators mailing list<br>
<a href="mailto:OpenStack-operators@lists.openstack.org">OpenStack-operators@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
<br></blockquote></div><br></div>