Open Stack

Hi,


I was looking at this class in the keystone module:

keystone::disable_admin_token_auth

..which suggests:

# After this class is run,
# future puppet runs must have an openrc file with valid keystone v3
# admin credentials in /root/openrc available



So when I change the openrc file from the v2 to v3 keystone endpoint,
puppet runs then fail with various openstack provider errors.

e.g.

Error: Could not prefetch keystone_service provider 'openstack': Execution
of '/usr/bin/openstack service list --quiet --format csv --long' returned
2: openstack: 'service' is not an openstack command. See 'openstack --help'.
Did you mean one of these?
  resource member create
  resource member delete
  resource member list
  resource member show
  resource member update
  server add security group
  server add volume
  server create
  server delete
  server dump create
  server image create
  server list
  server lock
  server migrate
  server pause
  server reboot
  server rebuild
  server remove security group
  server remove volume
  server rescue
  server resize
  server resume
  server set
  server shelve
  server show
  server ssh
  server start
  server stop
  server suspend
  server unlock
  server unpause
  server unrescue
  server unset
  server unshelve (tried 44, for a total of 170 seconds)


..and..

Error:
/Stage[main]/Neutron::Keystone::Auth/Keystone::Resource::Service_identity[neutron]/Keystone_user[neutron]:
Could not evaluate: Execution of '/usr/bin/openstack domain list --quiet
--format csv' returned 2: openstack: 'domain' is not an openstack command.
See 'openstack --help'.
Did you mean one of these?
  command list
  container create
  container delete
  container list
  container save
  container set
  container show
  container unset (tried 44, for a total of 170 seconds)



The v3 openrc file I have in place, works fine when just using the
openstack cli, which makes the situation all the more strange :)   Here it
is for reference:

#!/bin/sh
export OS_NO_CACHE='true'
export OS_TENANT_NAME='admin'
export OS_USERNAME='admin'
export OS_PASSWORD='supersecret'
export OS_AUTH_URL='http://1.2.3.4:5000/v3/'
export OS_AUTH_STRATEGY='keystone'
export OS_IDENTITY_API_VERSION="3"
export OS_REGION_NAME='openstack'
export OS_USER_DOMAIN_NAME='default'
export OS_PROJECT_DOMAIN_NAME='default'
export CINDER_ENDPOINT_TYPE='publicURL'
export GLANCE_ENDPOINT_TYPE='publicURL'
export KEYSTONE_ENDPOINT_TYPE='publicURL'
export NOVA_ENDPOINT_TYPE='publicURL'
export NEUTRON_ENDPOINT_TYPE='publicURL'



Can anyone advise how the openrc file should be formatted ?

Thanks!




Cheers,
Just

-- 


Notice:  This email is confidential and may contain copyright material of 
members of the Ocado Group. Opinions and views expressed in this message 
may not necessarily reflect the opinions and views of the members of the 
Ocado Group. 

 

If you are not the intended recipient, please notify us immediately and 
delete all copies of this message. Please note that it is your 
responsibility to scan this message for viruses. 

 

Fetch and Sizzle are trading names of Speciality Stores Limited and Fabled 
is a trading name of Marie Claire Beauty Limited, both members of the Ocado 
Group.

 

References to the “Ocado Group” are to Ocado Group plc (registered in 
England and Wales with number 7098618) and its subsidiary undertakings (as 
that expression is defined in the Companies Act 2006) from time to time. 
 The registered office of Ocado Group plc is Titan Court, 3 Bishops Square, 
Hatfield Business Park, Hatfield, Herts. AL10 9NE.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20161110/aed19a62/attachment.html>