2024.2 Series Release Notes

25.0.0

New Features

  • Added the new keystone::max_password_length parameter to configure the maximum allowed length for user passwords.

  • Add keystone::federation::openidc::additional_locations to specify additional Apache Location directives with mod_auth_openidc parameters.

  • Added new manage_resources (default to true) in keystone::bootstrap class that can be set to false to not manage resources created by bootstrap.

  • The following new parameters have been added to the keystone::cache class.

    • token_cache_time

    • credential_caching

    • credential_cache_time

    • application_credential_caching

    • application_credential_cache_time

  • The new keystone::rabbit_enable_cancel_on_failover parameter has been added.

  • Add keystone::federation::openidc:openidc_metadata_dir parameter to specify OIDCMetadataDir path instead of OIDCProviderMetadataURL . This may be required when multiple OIDC providers are used for the federation.

  • The new keystone::healthcheck::enable_by_file_paths parameter has been added.

  • Added database_slave_connection parameter to keystone::db class.

  • Added manage_package parameter to the keystone class.

  • The new keystone::list_limit parameter has been added.

  • The new keystone::notification_retry parameter has been added.

  • The new keystone::federation::openidc::openidc_redirect_uri parameter has been added.

  • The new keystone::rabbit_qos_prefetch_count parameter has been added.

  • The new keystone::bootstrap::service_description parameter has been added.

Upgrade Notes

  • If you’re setting bootstrap parameter in keystone::bootstrap class to false you now also need to set manage_resources to false to keep the same behaviour.

  • The deprecated keystone::messaging::amqp class has been removed.

Deprecation Notes

  • The keystone::logging::watch_log_file parameter has been deprecated.