[opensuse-cloud] question keystone config [havana opensuse 13.1]
Hi, trying to install havana on suse 13.1 (using guide http://docs.openstack.org/trunk/install-guide/install/zypper/content/index.h... ) currently i have problem creating endpoint service in keystone (using mariadb as db) I can create service like keystone service-create --name=keystone --type=identity --description="Keystone Identity Service" WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Keystone Identity Service | | id | b2a8a8cb28c84a0e80ef2e71553d2929 | | name | keystone | | type | identity | +-------------+----------------------------------+ # my server hostname - control # if i follow guide and dont use --region switch then region is regionOne with lowercase r at begining - seems like error but not sure - tested both variants keystone endpoint-create --region RegionOne --service-id=$(keystone service-list | awk '/ identity / {print $2}') --publicurl=http://control:5000/v2.0 --internalurl=http://control:5000/v2.0 --adminurl=http://control:35357/v2.0 WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | adminurl | http://control:35357/v2.0 | | id | b3df8778a97a4286be05de6b3714cf07 | | internalurl | http://control:5000/v2.0 | | publicurl | http://control:5000/v2.0 | | region | RegionOne | | service_id | b2a8a8cb28c84a0e80ef2e71553d2929 | +-------------+----------------------------------+ #verify keystone endpoint-list WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). +----------------------------------+-----------+--------------------------+--------------------------+---------------------------+----------------------------------+ | id | region | publicurl | internalurl | adminurl | service_id | +----------------------------------+-----------+--------------------------+--------------------------+---------------------------+----------------------------------+ | b3df8778a97a4286be05de6b3714cf07 | RegionOne | http://control:5000/v2.0 | http://control:5000/v2.0 | http://control:35357/v2.0 | b2a8a8cb28c84a0e80ef2e71553d2929 | +----------------------------------+-----------+--------------------------+--------------------------+---------------------------+----------------------------------+ seems ok but tests keystone --os-username=admin --os-password=linux --os-auth-url=http://control:35357/v2.0 token-get //works and return value keystone --os-username=admin --os-password=xxxx --os-tenant-name=admin --os-auth-url=http://control:35357/v2.0 token-get Authorization Failed: Malformed endpoint URL (http://%SERVICE_HOST%:8774/v2/$(tenant_id)s), see ERROR log for details. (HTTP 500) # and if i restart keystone process then service and endpoint disapear / users , roles and other values persists control:~ # service openstack-keystone stop control:~ # service openstack-keystone start control:~ # keystone endpoint-list WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). control:~ # keystone service-list WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). Getting empty lists and nothing in mysql db tables Any idea what can be wrong ? Also missed one step in guide i have to do in begining cd /etc/keystone cp default_catalog.templates.sample default_catalog.templates Thank you Pavel -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org
Hi Pavel, thanks for your email. Let me just answer to one part of it: On 02/07/2014 05:14 PM, Pavel Souček wrote:
[...] Also missed one step in guide i have to do in begining cd /etc/keystone cp default_catalog.templates.sample default_catalog.templates
We removed that from the Guide, it should not be needed: https://review.openstack.org/#/c/66275/ Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org
Hi, finaly got keystone up and running, but imho there is error in guide or in default suse distribution files. So cause of error is /etc/keystone/keystone.conf default catalog section looks like (using file based catalog) [catalog] template_file = /etc/keystone/default_catalog.templates driver = keystone.catalog.backends.templated.TemplatedCatalog # dynamic, sql-based backend (supports API/CLI-based management commands) # driver = keystone.catalog.backends.sql.Catalog what need to be done is comment out template + driver directive and enable sql one like this [catalog] # template_file = /etc/keystone/default_catalog.templates # driver = keystone.catalog.backends.templated.TemplatedCatalog # dynamic, sql-based backend (supports API/CLI-based management commands) driver = keystone.catalog.backends.sql.Catalog after this modification all works as expected - so someone have to decide and modify distribution files or suse guide for this Best regards Pavel 2014-02-10 14:11 GMT+01:00 Andreas Jaeger <aj@suse.com>:
Hi Pavel,
thanks for your email. Let me just answer to one part of it:
On 02/07/2014 05:14 PM, Pavel Souček wrote:
[...] Also missed one step in guide i have to do in begining cd /etc/keystone cp default_catalog.templates.sample default_catalog.templates
We removed that from the Guide, it should not be needed:
https://review.openstack.org/#/c/66275/
Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
-- Pavel Souček -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org
Hi, Le vendredi 21 février 2014, à 10:55 +0100, Pavel Souček a écrit :
Hi, finaly got keystone up and running, but imho there is error in guide or in default suse distribution files. So cause of error is /etc/keystone/keystone.conf default catalog section looks like (using file based catalog)
[catalog] template_file = /etc/keystone/default_catalog.templates driver = keystone.catalog.backends.templated.TemplatedCatalog # dynamic, sql-based backend (supports API/CLI-based management commands) # driver = keystone.catalog.backends.sql.Catalog
what need to be done is comment out template + driver directive and enable sql one like this
[catalog] # template_file = /etc/keystone/default_catalog.templates # driver = keystone.catalog.backends.templated.TemplatedCatalog # dynamic, sql-based backend (supports API/CLI-based management commands) driver = keystone.catalog.backends.sql.Catalog
after this modification all works as expected - so someone have to decide and modify distribution files or suse guide for this
That was already fixed in the package in January, and with AJ's patch, the user guide should be correct now. Vincent
Best regards
Pavel
2014-02-10 14:11 GMT+01:00 Andreas Jaeger <aj@suse.com>:
Hi Pavel,
thanks for your email. Let me just answer to one part of it:
On 02/07/2014 05:14 PM, Pavel Souček wrote:
[...] Also missed one step in guide i have to do in begining cd /etc/keystone cp default_catalog.templates.sample default_catalog.templates
We removed that from the Guide, it should not be needed:
https://review.openstack.org/#/c/66275/
Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126
-- Pavel Souček -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org
-- Les gens heureux ne sont pas pressés. -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org
participants (3)
-
Andreas Jaeger -
Pavel Souček -
Vincent Untz