{"id":17209232,"url":"https://github.com/dixudx/keystone-docker","last_synced_at":"2025-04-13T22:35:51.753Z","repository":{"id":73264347,"uuid":"68269983","full_name":"dixudx/keystone-docker","owner":"dixudx","description":"Dockerfile for Building Openstack Keystone","archived":false,"fork":false,"pushed_at":"2018-09-18T02:58:20.000Z","size":48,"stargazers_count":15,"open_issues_count":0,"forks_count":18,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-02-06T02:23:04.752Z","etag":null,"topics":["apache","docker-image","dockerfile","keystone","mysql","openstack"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dixudx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-09-15T05:52:53.000Z","updated_at":"2024-09-20T13:16:56.000Z","dependencies_parsed_at":null,"dependency_job_id":"dee565f8-72d2-463d-b7b3-8e8b7747c9a1","html_url":"https://github.com/dixudx/keystone-docker","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dixudx%2Fkeystone-docker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dixudx%2Fkeystone-docker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dixudx%2Fkeystone-docker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dixudx%2Fkeystone-docker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dixudx","download_url":"https://codeload.github.com/dixudx/keystone-docker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240127071,"owners_count":19751936,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache","docker-image","dockerfile","keystone","mysql","openstack"],"created_at":"2024-10-15T02:51:05.883Z","updated_at":"2025-02-24T05:31:35.516Z","avatar_url":"https://github.com/dixudx.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Keystone Docker\n\n[![](https://images.microbadger.com/badges/version/stephenhsu/keystone.svg)](https://hub.docker.com/r/stephenhsu/keystone/ \"Get your own version badge on microbadger.com\")\n[![](https://images.microbadger.com/badges/image/stephenhsu/keystone.svg)](https://hub.docker.com/r/stephenhsu/keystone/)\n[![Docker Hub](http://img.shields.io/docker/pulls/stephenhsu/keystone.svg)](https://hub.docker.com/r/stephenhsu/keystone/)\n\nThis repo is used to host a bunldle to create a docker container (based on\n`Python 2.7.12`) running Keystone.\n\nKeystone is an OpenStack service that provides API client authentication,\nservice discovery, and distributed multi-tenant authorization by implementing\n[OpenStack’s Identity API](http://specs.openstack.org/openstack/keystone-specs/).\n\n\n# What can this docker image do ?\n\n* Running Keystone with **http** (default) or\n **https** (by passing `-e TLS_ENABLED=true`,\n see more in [Environment Variables Explanations](https://github.com/dixudx/keystone-docker#environment-variables-explanations)) enabled;\n* Uses the **Apache Web Server** with `mod_wsgi` to serve Identity service\n requests on port `5000` and `35357`;\n* Supports remote mysql database;\n* Utilizes **Memcached** to store tokens, reducing the burden of MySQL database;\n* Customizes/Builds your own Keystone docker image by editing the value\n of `KEYSTONE_VERSION` in `Dockerfile`;\n\n\n# How to get the image ?\n\n* just pull it from Dockerhub\n\n ```sh\n $ docker pull stephenhsu/keystone\n ```\n\n* Build your own Keystone version using Dockerfile\n\n You can find more [Keystone release version](https://github.com/openstack/keystone/releases#).\n\n ```sh\n $ git clone https://github.com/dixudx/keystone-docker\n $ cd keystone-docker\n $ # edit the value of KEYSTONE_VERSION to your favorite Keystone\n $ # release version\n $ vim Dockerfile\n $ docker build -t keystone:your_version ./\n ```\n\n **WARNING: Pay attention to the dependencies. You may need to specify\n dependency versions explicitly.**\n\n# How to run the container\n\n## Quick Start\n\nJust run\n\n```\n$ docker run -d -p 5000:5000 -p 35357:35357 --name my_keystone stephenhsu/keystone\n```\n\nNow you can access \u003chttp://localhost:5000\u003e and \u003chttp://localhost:35357\u003e.\n\n## Login into Keystone container\n\nAfter the container is up,\n\n```sh\n$ docker exec -it my_keystone bash\n$ # Inside the container\nroot@26bd2b8a8a60 /root # source openrc\nroot@26bd2b8a8a60 /root # openstack user list\n+----------------------------------+-------+\n| ID | Name |\n+----------------------------------+-------+\n| 609170cf45f64de68c4815c1f6e337b2 | admin |\n+----------------------------------+-------+\n```\n\n**Note**: *You can also copy the `/root/openrc` to your other servers. After replacing\n`OS_AUTH_URL` to the corresponding url, you can access the keystone service\nfrom other servers after sourcing it.*\n\n## Environment Variables Explanations\n\n| Environment Variables | Default Value | Editable when starting a container | Description |\n|------------------------------------|---------------|---------------------------------------------------------|--------------------------------------------------------------------------------------------------|\n| KEYSTONE_VERSION | 9.1.0 | False. Built in Dockerfile unless rebuilding the image. | The release version of Keystone.You can find more at https://github.com/openstack/keystone/tags. |\n| KEYSTONE_ADMIN_PASSWORD | passw0rd | True | The Keystone admin user password; |\n| KEYSTONE_DB_ROOT_PASSWD | passw0rd | False. Built in Dockerfile unless rebuilding the image. | Keystone MySQL (default localhost) database root user password; |\n| KEYSTONE_DB_PASSWD | passw0rd | True | Keystone MySQL (default localhost) database keystone user password; |\n| TLS_ENABLED | false | True | Whether to enable tls/https; |\n| KEYSTONE_DB_HOST | | True | MySQL remote database host; Combined with KEYSTONE_DB_ROOT_PASSWD_IF_REMOTED |\n| KEYSTONE_DB_ROOT_PASSWD_IF_REMOTED | | True | MySQL remote database root user password; Combined with KEYSTONE_DB_HOST |\n\n## CSR (Certificate Signing Request) Environment Variables\n\nIf you've enabled `TLS_ENABLED` (with `-e TLS_ENABLED=true`), below environment\nvariables have to be noticed. You can just ignore them if you\ndon't want to make any further customizations.\n\n| Environment Name | Default Value | Meaning | Example |\n|------------------|---------------|---------------------|-----------------|\n| CONUTRY | NULL | Country | GB |\n| STATE | NULL | State | London |\n| LOCALITY | NULL | Location | London |\n| ORG | NULL | Organization | Global Security |\n| ORG_UNIT | NULL | Organizational Unit | IT Department |\n| CN | The Hostname | Common Name | example.com |\n\n**Note**: *Be aware of `CN` (the default value is `$hostname`). You'd better\nnot change it to other value.*\n\n\n## Example 1: Running with TLS enabled\n\n```sh\n$ docker run -d -p 5000:5000 -p 35357:35357 -e TLS_ENABLED=true \\\n -h mykeystone.com --name my_keystone_tls stephenhsu/keystone\n```\n\n## Example 2: Running with remote MySQL database\n\n```sh\n$ docker run -d -p 5000:5000 -p 35357:35357 -e KEYSTONE_DB_HOST=192.168.100.202 \\\n -e KEYSTONE_DB_ROOT_PASSWD_IF_REMOTED=your_password \\\n -h mykeystone.com --name my_keystone_db stephenhsu/keystone\n```\n\n## Example 3: Accessing the Apache Certificate File\n\n```sh\n$ mkdir -p ./apache/\n$ docker run -d -p 5000:5000 -p 35357:35357 -v `pwd`/apache/:/etc/apache2 \\\n -h mykeystone.com --name my_keystone_ca stephenhsu/keystone\n```\n\n## Example 4: Customize your Keystone configuration\n\n```sh\n$ git clone https://github.com/dixudx/keystone-docker.git\n$ cd keystone-docker\n# then modify all related configurations in folder ./etc\n# especially ./etc/keystone.conf\n$ docker run -d -p 5000:5000 -p 35357:35357 -v `pwd`/etc/:/etc/keystone/ \\\n -h mykeystone.com --name my_keystone_ca stephenhsu/keystone\n```\n\nYou can copy `/root/openrc` in your container to your host server,\nand replace `OS_CACERT` to this `$pwd/apache/ssl/apache.crt`\n(replace `$pwd` with your real directory path).\nSo that you access the keystone services using openstack python client\n( `pip install python-openstackclient` ) from outer of the the container.\n\n**Note**: *On your host server,\nyou may also need to add `mykeystone.com` to `/etc/hosts`.*\n\n\n# Reference\n\n* [Keystone, the OpenStack Identity Service](http://docs.openstack.org/developer/keystone/)\n* [Installing Keystone](http://docs.openstack.org/developer/keystone/installing.html)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdixudx%2Fkeystone-docker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdixudx%2Fkeystone-docker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdixudx%2Fkeystone-docker/lists"}