[meta-virtualization] Keystone is not working in meta-cloud-services Stable/juno

Bruce Ashfield bruce.ashfield at gmail.com
Thu Nov 27 21:57:02 PST 2014 

On Thu, Nov 27, 2014 at 12:17 PM, Srinivasa Rao Ragolu
<sragolu at mvista.com> wrote:
> Hi Bruce,
>
> Thank you so much for your quick reply.
>
> Regarding issue:
>
> 1) I am using lighttpd and apache2 is not running. I am eager to know , is
> there any link between apache2 and keystone?

There is a link, at least how we configure things. The keystone
project moved away
from using uwsgi standalone server to apache, since apache is obviously a more
performant and robust solution.

This commit makes the switch here:

commit 1c34736247f8ae18d054cfecfec54152bf27f1d9

Author: Liam R. Howlett <Liam.Howlett at WindRiver.com>

Date:   Fri Sep 19 15:52:17 2014 -0400


    keystone: Change packages configuration to use apache keystone.



    This commit changes all required configurations to use keystone running

    on apache.  The following packages configurations were modified for

    keystone running on apache:  python-neutron, python-nova, tempest,

            python-swift, python-rally, python-heat, python-glance,

            python-cinder, python-ceilmoeter, python-horizon.



    Signed-off-by: Liam R. Howlett <Liam.Howlett at WindRiver.com>

So yes .. you must have apache running if you want to use keystone services.

>
> 2) I observed keystone is running on 35357 port.
>     #netstat -nlp | grep 35357
>   But in the keystone and other service configurations of
> meta-cloud-services, port listed as 8081
>
> 3) If I use meta-cloud-services stable/juno branch as it is, keystone not
> able to authenticate itself and other services. Not able to create any
> users/services/tenants/roles.
>
> 4) I am sure some silly link I might have missed, but struggled a lot , but
> no luck.
>
> Finally I have changed all services and keystone to 35357 and 5000 and all
> are working fine.
>
> Could you please provide me clue to figure out the issue with 8081 port? and
> why keystone running on 35357 default?

See above .. they key is to use apache.

Bruce

>
> Thanks,
> Srinivas.
>
> On Thu, Nov 27, 2014 at 9:04 PM, Bruce Ashfield <bruce.ashfield at gmail.com>
> wrote:
>>
>> On Thu, Nov 27, 2014 at 1:03 AM, Srinivasa Rao Ragolu
>> <sragolu at mvista.com> wrote:
>> > Hi All,
>> >
>> > I am new to this forum. Please help me in solving this issue with
>> > stable/juno keystone. I have taken meta-cloud-services of stable/juno
>> >
>> > http://git.yoctoproject.org/cgit/cgit.cgi/meta-cloud-services/commit/?id=382e7184e5a23ebfeb2fd9ec432e6545170fee7d
>> >
>>
>> It's hard to say .. but I can say that everything works fine here. I
>> never push an
>> untested change:
>>
>> root at controller:~# uname -a
>> Linux controller 3.14.19-yocto-standard #1 SMP PREEMPT Tue Oct 14
>> 16:50:12 EDT 2014 x86_64 GNU/Linux
>> root at controller:~# keystone user-list
>> WARNING: Bypassing authentication using a token & endpoint
>> (authentication credentials are being ignored).
>>
>> +----------------------------------+------------+---------+-----------------------+
>> |                id                |    name    | enabled |
>> email         |
>>
>> +----------------------------------+------------+---------+-----------------------+
>> | e48cedc717d34becb8a92d93b5415a23 |   admin    |   True  |
>> admin at domain.com   |
>> | 7b30fcde558a488c95c6d11b92d8fd07 |  alt_demo  |   True  |
>> alt_demo at domain.com  |
>> | 3c06691847264c8bafcf7887bb536136 |  barbican  |   True  |
>> barbican at domain.com  |
>> | 260cbb94ea144801b9078de84dd9f629 | ceilometer |   True  |
>> ceilometer at domain.com |
>> | c4c25a5b3867438eb34bfe3ac660bcbb |   cinder   |   True  |
>> cinder at domain.com   |
>> | c6ab4e229fcd43e8b7f2ec19c8f6d3f0 |    demo    |   True  |
>> demo at domain.com    |
>> | e3e8c2b5532b4b828a00fef1e25809b7 |   glance   |   True  |
>> glance at domain.com   |
>> | 2a9ee8d459354f71b30a1504f79cd1b8 |    heat    |   True  |
>> heat at domain.com    |
>> | 7e348b3f0077493381aaa372dd7d13bd |  neutron   |   True  |
>> neutron at domain.com  |
>> | 4f93bd7ebd38460c93768801ff257f83 |    nova    |   True  |
>> nova at domain.com    |
>> | b3fc4205fe7b4e9bbcaa39b078bc1e8b |   swift    |   True  |
>> swift at domain.com   |
>> | e924b0717bf947538be9f678a6f7e252 |   trove    |   True  |
>> trove at domain.com   |
>>
>> +----------------------------------+------------+---------+-----------------------+
>>
>> Have you checked the apache logs ? Is keystone-all running ? Is this the
>> first
>> boot, or a secondary boot ?
>>
>> Bruce
>>
>> > After booting openstack-image-controller, ran
>> > /etc/keystone/service-user-setup
>> >
>> > after that any keystone or openstack service commands giving below
>> > errors.
>> >
>> > root at controller:/etc/keystone# keystone user-list
>> > WARNING: Bypassing authentication using a token & endpoint
>> > (authentication
>> > credentials are being ignored).
>> > Unable to establish connection to
>> > http://controller:8081/keystone/admin/v2.0/users
>> >
>> > root at controller:/etc/keystone# keystone --debug user-list
>> > WARNING: Bypassing authentication using a token & endpoint
>> > (authentication
>> > credentials are being ignored).
>> > DEBUG:keystoneclient.session:REQ: curl -i -X GET
>> > http://controller:8081/keystone/admin/v2.0/users -H "User-Agent:
>> > python-keystoneclient" -H "X-Auth-Token:
>> > {SHA1}5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"
>> > INFO:requests.packages.urllib3.connectionpool:Starting new HTTP
>> > connection
>> > (1): controller
>> > Unable to establish connection to
>> > http://controller:8081/keystone/admin/v2.0/users
>> >
>> >
>> > my environment variables are
>> > root at controller:/etc/keystone# env
>> > TERM=xterm
>> > SHELL=/bin/sh
>> > SSH_CLIENT=192.168.7.220 54638 22
>> > SSH_TTY=/dev/pts/0
>> > USER=root
>> > MAIL=/var/mail/root
>> > PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
>> > PWD=/etc/keystone
>> > OS_PASSWORD=password
>> > EDITOR=/bin/vi
>> > TZ=UTC
>> > PS1=\u@\h:\w\$
>> > OS_AUTH_URL=http://controller:8081/keystone/main/v2.0/
>> > OS_USERNAME=admin
>> > SHLVL=1
>> > HOME=/home/root
>> > OS_TENANT_NAME=admin
>> > LOGNAME=root
>> > SSH_CONNECTION=192.168.7.220 54638 192.168.7.2 22
>> > SERVICE_ENDPOINT=http://controller:8081/keystone/admin/v2.0
>> > SERVICE_TOKEN=password
>> > _=/usr/bin/env
>> > OLDPWD=/home/root
>> >
>> >
>> > keystone.conf is
>> > # The port number which the public service listens on
>> > # public_port = 5000
>> >
>> > # The port number which the public admin listens on
>> > # admin_port = 35357
>> > admin_endpoint = http://192.168.7.2:8081/keystone/admin/
>> > public_endpoint = http://192.168.7.2:8081/keystone/main/
>> >
>> >
>> > I will be really thankful, if you could guide me.
>> >
>> > Thanks,
>> > Srinivas.
>> >
>> >
>> >
>> > --
>> > _______________________________________________
>> > meta-virtualization mailing list
>> > meta-virtualization at yoctoproject.org
>> > https://lists.yoctoproject.org/listinfo/meta-virtualization
>> >
>>
>>
>>
>> --
>> "Thou shalt not follow the NULL pointer, for chaos and madness await
>> thee at its end"
>
>



-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end"

More information about the meta-virtualization mailing list