[Openstack] Openstack Kilo Fresh install on Centos7 Create Keystone Service Error
BUTTS, Darren (Darren)** CTR **
darren.butts at alcatel-lucent.com
Thu May 28 06:34:14 UTC 2015
Matt
I am going through the install yet again and I noticed that and granted it could be nothing but in the documentation the user prompt appears to be different at the point of creating the service. Should I be logging in as keystone user at this point in order to run the create service ?
Darren
From: Matt Kassawara [mailto:mkassawara at gmail.com]
Sent: 26 May 2015 21:45
To: Mehdi BADAOUI
Cc: BUTTS, Darren (Darren)** CTR **; openstack at lists.openstack.org
Subject: Re: [Openstack] Openstack Kilo Fresh install on Centos7 Create Keystone Service Error
Please stop with the misinformation. Kilo was released on April 30th and the RDO packages several weeks later. In this particular case, I see no reason to use Juno or avoid using Apache in front of keystone.
Darren,
This almost seems like a DNS issue. Do the contents of /etc/hosts, Apache "ServerName" directive, and network configuration match up?
On Tue, May 26, 2015 at 10:58 AM, Mehdi BADAOUI <mehdiuniv at gmail.com<mailto:mehdiuniv at gmail.com>> wrote:
Darren,
Send me your logs please?
Regards,
2015-05-26 17:53 GMT+02:00 BUTTS, Darren (Darren)** CTR ** <darren.butts at alcatel-lucent.com<mailto:darren.butts at alcatel-lucent.com>>:
Mehdi
I thought Kilo had been officially released sorry for any misunderstanding. I will look into using Juno however it would be good to understand perhaps why this is happening in Kilo for this fresh installation as I am following the documentation so not really sure where it is going wrong.
Thanks
Darren
From: Mehdi BADAOUI [mailto:mehdiuniv at gmail.com<mailto:mehdiuniv at gmail.com>]
Sent: 26 May 2015 15:58
To: BUTTS, Darren (Darren)** CTR **
Cc: Matt Kassawara; openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: Re: [Openstack] Openstack Kilo Fresh install on Centos7 Create Keystone Service Error
I think it's better to use Juno version, KILO is not a final version.
And for your problem, i propose:
1- Delete Keystone database
#mysql - u root -p
password:
mysql> show databases;
mysql> DROP DATABASE keystone;
mysql> exit
2- Create a new database "keystone"
mysql -u root -p
mysql> CREATE DATABASE keystone;
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone_dbpass';
mysql> quit
3- in keystone.conf
admin_token= <results of command openssl rand –hex 10>
connection = mysql://keystone:keystone_pass@server_ip/keystone
4- Export variable
export OS_SERVICE_TOKEN= <same results of admin_token in keystone.conf >
export OS_SERVICE_ENDPOINT=http://server_ip:35357/v2.0
5- Create admin user........
keystone tenant-create --name=admin --description="Admin Tenant"
keystone tenant-create --name=service --description="Service Tenant"
keystone user-create --name=admin --pass=ADMIN --email=admin at example.com<http://example.com>
keystone role-create --name=admin
keystone user-role-add --user=admin --tenant=admin --role=admin
6- Create keystone service
keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
7- Create keystone endpoint
keystone endpoint-create --service=keystone --publicurl=http://10.0.0.1:5000/v2.0 --internalurl=http://10.0.0.1:5000/v2.0 --adminurl=http://10.0.0.1:35357/v2.0
8- Unset the exported values
unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT
9- Create a file named creds and add the following lines
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://server_ip:35357/v2.0
10 - Source the file
source creds
11- Test the keysone setup
keystone token-get
keystone user-list
Good luck,
2015-05-26 16:44 GMT+02:00 BUTTS, Darren (Darren)** CTR ** <darren.butts at alcatel-lucent.com<mailto:darren.butts at alcatel-lucent.com>>:
Mehdi
I am attempting to install Kilo.
Darren
From: Mehdi BADAOUI [mailto:mehdiuniv at gmail.com<mailto:mehdiuniv at gmail.com>]
Sent: 26 May 2015 15:42
To: Matt Kassawara
Cc: BUTTS, Darren (Darren)** CTR **; openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: Re: [Openstack] Openstack Kilo Fresh install on Centos7 Create Keystone Service Error
Which version of Openstack do you Using?
2015-05-26 16:22 GMT+02:00 Matt Kassawara <mkassawara at gmail.com<mailto:mkassawara at gmail.com>>:
A 404 indicates that Apache is probably listening on ports 5000 and 35357. Can you check with the 'ss -lntp' command to verify both ports? Also, can you check the WSGI configuration (wsgi-keystone.conf) again and the files that you copy into the /var/www/cgi-bin/keystone directory?
On Tue, May 26, 2015 at 8:11 AM, BUTTS, Darren (Darren)** CTR ** <darren.butts at alcatel-lucent.com<mailto:darren.butts at alcatel-lucent.com>> wrote:
All
I am currently trying to install the Openstack Kilo release for the first time on a centos 7 virtual machine. Following the steps in the installation guide I get to :
Create the service entity and API endpoint
At this point I am always faced with an HTTP error and depending on the OS_URL I use the error is different :
export OS_URL=http://controller:35357/v2.0
openstack service create --name keystone --description "OpenStack Identity" identity
ERROR: openstack Not Found (HTTP 404)
export OS_URL=http://controller.npi-openstack.com:35357/v2.0
openstack service create --name keystone --description "OpenStack Identity" identity
ERROR: openstack Not Found (HTTP 404)
export OS_URL=http://127.0.0.1:35357/v2.0
openstack service create --name keystone --description "OpenStack Identity" identity
ERROR: openstack Service Unavailable (HTTP 503)
export OS_URL=http://127.0.0.1:5000/v2.0
openstack service create --name keystone --description "OpenStack Identity" identity
ERROR: openstack Service Unavailable (HTTP 503)
export OS_URL=http://controller:5000/v2.0
openstack service create --name keystone --description "OpenStack Identity" identity
ERROR: openstack Not Found (HTTP 404)
Specifying the host name generates a different error to the local host, I can see that the port is listening using `netstat –l`
tcp 0 0 0.0.0.0:openstack-id 0.0.0.0:* LISTEN
As his release is using the WSG process I can also see the sockets active :
unix 2 [ ACC ] STREAM LISTENING 20240 /run/httpd/wsgi.3252.0.1.sock
unix 2 [ ACC ] STREAM LISTENING 20243 /run/httpd/wsgi.3252.0.2.sock
Http errors logs show :
[root at controller httpd]# more keystone-error.log
2015-05-26 12:50:56.567779 mod_wsgi (pid=3260): Attach interpreter ''.
2015-05-26 12:50:56.574241 mod_wsgi (pid=3253): Attach interpreter ''.
2015-05-26 12:50:56.595580 mod_wsgi (pid=3259): Attach interpreter ''.
2015-05-26 12:50:56.603280 mod_wsgi (pid=3257): Attach interpreter ''.
2015-05-26 12:50:56.613034 mod_wsgi (pid=3261): Attach interpreter ''.
2015-05-26 12:50:56.621634 mod_wsgi (pid=3255): Attach interpreter ''.
2015-05-26 12:50:56.649824 mod_wsgi (pid=3256): Attach interpreter ''.
2015-05-26 12:50:56.656236 mod_wsgi (pid=3258): Attach interpreter ''.
2015-05-26 12:50:56.657031 mod_wsgi (pid=3254): Attach interpreter ''.
2015-05-26 12:50:56.662904 mod_wsgi (pid=3262): Attach interpreter ''.
[root at controller httpd]# more error_log
[Tue May 26 12:50:56.391098 2015] [suexec:notice] [pid 3252] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Tue May 26 12:50:56.430498 2015] [auth_digest:notice] [pid 3252] AH01757: generating secret for digest authentication ...
[Tue May 26 12:50:56.432171 2015] [lbmethod_heartbeat:notice] [pid 3252] AH02282: No slotmem from mod_heartmonitor
[Tue May 26 12:50:56.479156 2015] [mpm_prefork:notice] [pid 3252] AH00163: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5 configured -- resuming normal ope
rations
[Tue May 26 12:50:56.479244 2015] [core:notice] [pid 3252] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
This is my first time attempting to install Openstack although I have now gone through the process numerous times unsuccessfully by killing and rebuilding the
Virtual machine so I know that there is nothing transient in the system to suddenly cause it to work should it do so.
As a side note I have disabled the firewall and also SELINUX to see if that has any effect but it doesn’t.
Any help would be greatly appreciated.
Darren
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
--
[http://www.pole-esg.fr/images/picto-linkedin-22x22.png] <http://dz.linkedin.com/pub/mehdi-badaoui/20/944/3ab/>
--
[http://www.pole-esg.fr/images/picto-linkedin-22x22.png] <http://dz.linkedin.com/pub/mehdi-badaoui/20/944/3ab/>
--
[http://www.pole-esg.fr/images/picto-linkedin-22x22.png] <http://dz.linkedin.com/pub/mehdi-badaoui/20/944/3ab/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150528/239b0440/attachment.html>
More information about the Openstack
mailing list