Message definition (ReleaseNotes/Kilo )
* XML support in Keystone has been removed as of Kilo. When upgrading from Juno to Kilo, it is recommended that references to XML and XmlBodyMiddleware be removed from the [https://github.com/openstack/keystone/blob/master/etc/keystone-paste.ini Keystone Paste configuration]. This includes removing the XML middleware filters and the references from the public_api, admin_api, api_v3, public_version_api, admin_version_api and any other pipelines that may contain the XML filters. * All previous extensions (OS-FEDERATION, OS-OAUTH1, OS-ENDPOINT-POLICY and OS-EP-FILTER) are now enabled by default, and are [http://docs.openstack.org/developer/keystone/extensions.html correspondingly marked] as either "experimental" or "stable". * [http://specs.openstack.org/openstack/openstack-specs/specs/no-downward-sql-migration.html SQL Schema Downgrades are no longer supported]. This change is the result of evaluation that downward SQL migrations are not well tested and become increasingly difficult to support with the volume of data-change that occurs in many of the migrations. * The following python libraries are now required: [https://pypi.python.org/pypi/cryptography cryptography], [https://pypi.python.org/pypi/msgpack-python msgpack-python], [https://pypi.python.org/pypi/pysaml2 pysaml2] and [https://pypi.python.org/pypi/oauthlib oauthlib]. * <code>keystone.middleware.RequestBodySizeLimiter</code> is now deprecated in favor of <code>oslo_middleware.sizelimit.RequestBodySizeLimiter</code> and will be removed in Liberty. * Eventlet-specific configuration options such as <code>public_bind_host</code>, <code>bind_host</code>, <code>admin_bind_host</code>, <code>admin_port</code>, <code>public_port</code>, <code>public_workers</code>, <code>admin_workers</code>, <code>tcp_keepalive</code>, <code>tcp_keepidle</code> have been moved from the <code>[DEFAULT]</code> configuration section to a new configuration section called <code>[eventlet_server]</code>. Similarly, Eventlet-specific SSL configuration options such as <code>enable</code>, <code>certfile</code>, <code>keyfile</code>, <code>ca_certs</code>, <code>cert_required</code> have been moved from the <code>[ssl]</code> configuration section to a new configuration section called <code>[eventlet_server_ssl]</code>. * <code>keystone.token.backends.sql</code> has been removed in favor of <code>keystone.token.persistence.backends.sql</code>. * <code>keystone.token.backends.kvs</code> has been removed in favor of <code>keystone.token.persistence.backends.kvs</code>. * <code>keystone.token.backends.memcache</code> has been removed in favor of <code>keystone.token.persistence.backends.memcache</code>. * <code>keystone.assignment.backends.kvs</code> has been removed in favor of <code>keystone.assignment.backends.sql</code>. * <code>keystone.identity.backends.kvs</code> has been removed in favor of <code>keystone.identity.backends.sql</code>. * <code>keystone.contrib.stats.core.StatsMiddleware</code> has been removed in favor of external tooling. * <code>keystone.catalog.backends.templated.TemplatedCatalog</code> has been removed in favor of <code>keystone.catalog.backends.templated.Catalog</code>. * <code>keystone.contrib.access.core.AccessLogMiddleware</code> has been removed in favor of external access logging. * <code>keystone.trust.backends.kvs</code> has been removed in favor of <code>keystone.trust.backends.sql</code>. * <code>[catalog] endpoint_substitution_whitelist</code> has been removed from <code>keystone.conf</code> as part of a related security hardening effort. * <code>[signing] token_format</code> has been removed from <code>keystone.conf</code> in favor of <code>[token] provider</code>.
* XML support in Keystone has been removed as of Kilo. When upgrading from Juno to Kilo, it is recommended that references to XML and XmlBodyMiddleware be removed from the [https://github.com/openstack/keystone/blob/master/etc/keystone-paste.ini Keystone Paste configuration]. This includes removing the XML middleware filters and the references from the public_api, admin_api, api_v3, public_version_api, admin_version_api and any other pipelines that may contain the XML filters.
* All previous extensions (OS-FEDERATION, OS-OAUTH1, OS-ENDPOINT-POLICY and OS-EP-FILTER) are now enabled by default, and are [http://docs.openstack.org/developer/keystone/extensions.html correspondingly marked] as either "experimental" or "stable".
* [http://specs.openstack.org/openstack/openstack-specs/specs/no-downward-sql-migration.html SQL Schema Downgrades are no longer supported]. This change is the result of evaluation that downward SQL migrations are not well tested and become increasingly difficult to support with the volume of data-change that occurs in many of the migrations.
* The following python libraries are now required: [https://pypi.python.org/pypi/cryptography cryptography], [https://pypi.python.org/pypi/msgpack-python msgpack-python], [https://pypi.python.org/pypi/pysaml2 pysaml2] and [https://pypi.python.org/pypi/oauthlib oauthlib].
* <code>keystone.middleware.RequestBodySizeLimiter</code> is now deprecated in favor of <code>oslo_middleware.sizelimit.RequestBodySizeLimiter</code> and will be removed in Liberty.
* Eventlet-specific configuration options such as <code>public_bind_host</code>, <code>bind_host</code>, <code>admin_bind_host</code>, <code>admin_port</code>, <code>public_port</code>, <code>public_workers</code>, <code>admin_workers</code>, <code>tcp_keepalive</code>, <code>tcp_keepidle</code> have been moved from the <code>[DEFAULT]</code> configuration section to a new configuration section called <code>[eventlet_server]</code>. Similarly, Eventlet-specific SSL configuration options such as <code>enable</code>, <code>certfile</code>, <code>keyfile</code>, <code>ca_certs</code>, <code>cert_required</code> have been moved from the <code>[ssl]</code> configuration section to a new configuration section called <code>[eventlet_server_ssl]</code>.
* <code>keystone.token.backends.sql</code> has been removed in favor of <code>keystone.token.persistence.backends.sql</code>.
* <code>keystone.token.backends.kvs</code> has been removed in favor of <code>keystone.token.persistence.backends.kvs</code>.
* <code>keystone.token.backends.memcache</code> has been removed in favor of <code>keystone.token.persistence.backends.memcache</code>.
* <code>keystone.assignment.backends.kvs</code> has been removed in favor of <code>keystone.assignment.backends.sql</code>.
* <code>keystone.identity.backends.kvs</code> has been removed in favor of <code>keystone.identity.backends.sql</code>.
* <code>keystone.contrib.stats.core.StatsMiddleware</code> has been removed in favor of external tooling.
* <code>keystone.catalog.backends.templated.TemplatedCatalog</code> has been removed in favor of <code>keystone.catalog.backends.templated.Catalog</code>.
* <code>keystone.contrib.access.core.AccessLogMiddleware</code> has been removed in favor of external access logging.
* <code>keystone.trust.backends.kvs</code> has been removed in favor of <code>keystone.trust.backends.sql</code>.
* <code>[catalog] endpoint_substitution_whitelist</code> has been removed from <code>keystone.conf</code> as part of a related security hardening effort.
* <code>[signing] token_format</code> has been removed from <code>keystone.conf</code> in favor of <code>[token] provider</code>.