domain-specific drivers experimental in havana

Related-Bug: 1218094 Related-Bug: 1217017 Change-Id: I5fecaa8c6531b2b38c914908ecff8a33de67857c
openstack · Sep 9, 2013 · 160b969 · 160b969
1 parent 8d2f53c
commit 160b969
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 8 deletions.
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
@@ -87,6 +87,14 @@ order:
 PasteDeploy configuration file is specified by the ``config_file`` parameter in ``[paste_deploy]`` section of the primary configuration file. If the parameter
 is not an absolute path, then Keystone looks for it in the same directories as above. If not specified, WSGI pipeline definitions are loaded from the primary configuration file.
 
+Domain-specific Drivers
+-----------------------
+
+.. WARNING::
+
+    This feature is experimental and unsupported in Havana (with several known
+    issues that will not be fixed). Feedback welcome for Icehouse!
+
 Keystone supports the option (disabled by default) to specify identity driver
 configurations on a domain by domain basis, allowing, for example, a specific
 domain to have its own LDAP or SQL server. This is configured by specifying the
@@ -96,15 +104,16 @@ following options::
  domain_specific_drivers_enabled = True
  domain_config_dir = /etc/keystone/domains
 
-Setting ``domain_specific_drivers_enabled`` to True will enable this feature, causing
-keystone to look in the ``domain_config_dir`` for config files of the form::
+Setting ``domain_specific_drivers_enabled`` to ``True`` will enable this
+feature, causing Keystone to look in the ``domain_config_dir`` for config files
+of the form::
 
  keystone.<domain_name>.conf
 
-Options given in the domain specific configuration file will override those in the
-primary configuration file for the specified domain only. Domains without a specific
-configuration file will continue to use the options from the primary configuration
-file.
+Options given in the domain specific configuration file will override those in
+the primary configuration file for the specified domain only. Domains without a
+specific configuration file will continue to use the options from the primary
+configuration file.
 
 Authentication Plugins
 ----------------------

diff --git a/keystone/identity/core.py b/keystone/identity/core.py
@@ -167,8 +167,12 @@ def domains_configured(f):
     def wrapper(self, *args, **kwargs):
         if (not self.domain_configs.configured and
                 CONF.identity.domain_specific_drivers_enabled):
-                    self.domain_configs.setup_domain_drivers(
-                        self.driver, self.assignment_api)
+            LOG.warning(_(
+                'Running an experimental and unsupported configuration '
+                '(domain_specific_drivers_enabled = True); '
+                'this will result in known issues.'))
+            self.domain_configs.setup_domain_drivers(
+                self.driver, self.assignment_api)
         return f(self, *args, **kwargs)
     return wrapper