Sounds like your Keystone service is not running. Try
service keystone status
to see if it is running.
Mark
From: Openstack
[mailto:openstack-bounces+mark.m.miller=hp@lists.launchpad.net] On Behalf
Of CHABANI Mohamed El Hadi
Sent: Tuesday, June 25, 2013 8:30 AM
To: Remo
If you keystone log file is not set up correctly, keystone uses /var/log/syslog.
Mark
From: Openstack
[mailto:openstack-bounces+mark.m.miller=hp@lists.launchpad.net] On Behalf
Of CHABANI Mohamed El Hadi
Sent: Tuesday, June 25, 2013 8:30 AM
To: Remo Mattei
Cc: openstack@lists.launchpad.net
The keystone service will open these 2 ports. They are defined in file
/etc/keystone/keystone.conf
From: Openstack
[mailto:openstack-bounces+mark.m.miller=hp@lists.launchpad.net] On Behalf
Of CHABANI Mohamed El Hadi
Sent: Tuesday, June 25, 2013 7:48 AM
To: Виль Суркин
Cc:
I struggled figuring out the v3 syntax myself. Here is the same command in v2.0
and v3 format:
openstack --os-token 012345SECRET99TOKEN012345 --os-auth-url
http://15.253.57.115:35357/v3; --os-url http://15.253.57.115:35357/v3;
--log-file /var/log/os.log --os-identity-api-version 3 role list
Thank you Dolph.
Mark
From: Dolph Mathews [mailto:dolph.math...@gmail.com]
Sent: Wednesday, May 29, 2013 12:55 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis); openstack
Cc: Yee, Guang
Subject: Re: Keystone 8K header size limit
Apologies, none of these configuration settings were
Hello Adam,
I have been waiting for a separation such as this. There is no way HP would
allow us to muck with their LDAP servers other than read only.
Mark
-Original Message-
From: Openstack
[mailto:openstack-bounces+mark.m.miller=hp@lists.launchpad.net] On Behalf
Of Adam Young
Hi,
I have a loop that gets PKI tokens from Keystone (RC2). After about 116 loops I
get the following error and have to reset Keystone to continue. Has anyone else
run into this?
Thanks,
Mark
(keystone.auth.controllers): 2013-03-29 11:14:01,274 ERROR (OperationalError)
(1040, 'Too many
Hello,
I have enabled PKI tokens on my Keystone Server
[ssl]
#enable = True
enable = False
##certfile = /etc/keystone/ssl/certs/keystone.pem
##keyfile = /etc/keystone/ssl/private/keystonekey.pem
#certfile = /etc/keystone/ssl/certs/signing_cert.pem
#keyfile =
Hello,
I was able to setup a Grizzly-2 Keystone server with PKI and SSL enabled on an
Ubuntu 12.04 server. I updated to Grizzly-3 and am able to enable PKI but not
SSL. I get Connection refused. Has anyone else run into this problem? Does
anyone else have SSL working with Grizzly-3 Keystone?
@lists.launchpad.net] On Behalf
Of Miller, Mark M (EB SW Cloud - RD - Corvallis)
Sent: Thursday, March 14, 2013 2:31 PM
To: openstack@lists.launchpad.net (openstack@lists.launchpad.net)
Subject: [Openstack] Grizzly-3 Keystone SSL Connection Refused
Hello,
I was able to setup a Grizzly-2 Keystone server
I ran into a similar problem with the Grizzly-3 Keystone release. I had to
specify keystone.conf as the config-file with keystone-manage/ db_sync command
otherwise it would not use the mysql statement in the keystone.conf file.
Mark
From:
Hello,
I have been testing the new Policy APIs and looking at the policy table in the
Keystone database. When I consider the OpenStack services including Keystone,
I find that they all use a policy.json file stored on the file system. So my
question is how is this new Keystone policy feature
What does your keystone.conf file have for the following sections?
[signing]
#token_format = UUID
token_format = PKI
certfile = /etc/keystone/ssl/certs/signing_cert.pem
keyfile = /etc/keystone/ssl/private/signing_key.pem
ca_certs = /etc/keystone/ssl/certs/ca.pemkey_size = 1024
valid_days = 3650
Hello,
I am sorry but I am still a tad bit confused with this email thread.
As of the Grizzly-3 release:
1. Do Grizzly-3 OpenStack services like Nova accept and validate
Keystone V3 tokens (both UUID and PKI) ?
2. Do Grizzly-3 OpenStack services use the Keystone v2.0 APIs or do
Try adding the config file name to the command line:
keystone-manage --config-file /etc/keystone/keystone.conf db_sync
Mark
-Original Message-
From: openstack-bounces+mark.m.miller=hp@lists.launchpad.net
[mailto:openstack-bounces+mark.m.miller=hp@lists.launchpad.net]
Brad,
The following to turn off SSL and PKI.
Mark
-
[ssl]
enable = False
#certfile = /etc/keystone/ssl/certs/keystone.pem
#keyfile = /etc/keystone/ssl/private/keystonekey.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#cert_required = True
[signing]
token_format = UUID
://localhost:%(public_port)s/
admin_endpoint = http://localhost:%(admin_port)s/
Mark
-Original Message-
From: Brad Knowles [mailto:bknow...@momentumsi.com]
Sent: Tuesday, March 05, 2013 1:15 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis)
Cc: Brad Knowles; Koert van der Veer
To run my backwards compatibility tests, I had to change file controller.py as
follows:
# token_data = token_ref['token_data']
token_data = token_ref
Unfortunately I don't know if this broke Keystone in some other way. So far it
doesn't appear to have caused other problems.
Mark
what I thought was true.
Thanks again,
Mark Miller
From: Dolph Mathews [mailto:dolph.math...@gmail.com]
Sent: Monday, March 04, 2013 2:03 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis)
Cc: openstack@lists.launchpad.net (openstack@lists.launchpad.net); Brownell,
Jonathan C (Corvallis)
Subject
Attached is my keystone.conf file.
Mark
From: KangEdda [mailto:dellab...@hotmail.com]
Sent: Thursday, February 28, 2013 5:09 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis);
openstack@lists.launchpad.net
Subject: RE: [Openstack] Keystone Grizzly-3 Tokens not getting saved to database
I have a question about the keystone client. You just mentioned
keystoneclient.v3. I was under the impression that the keystone client was
going to be deprecated and replaced by the openstackclient. However, when I
checked yesterday I noticed that the openstackclient was listed as abandoned.
asking
about compatibility.
Mark
From: Dolph Mathews [mailto:dolph.math...@gmail.com]
Sent: Friday, March 01, 2013 4:46 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis)
Cc: openstack@lists.launchpad.net (openstack@lists.launchpad.net); Yee, Guang
Subject: Re: [Openstack] Possible keystone
I had difficulty with the db_sync command and had to specify the keystone.conf
file. I think it was trying to access a sqlite database even though I am using
MySQL.
Ø keystone-manage --config-file /etc/keystone/keystone.conf db_sync
Mark
From:
Hello,
I have some tests that attempt to retrieve tenants/projects from Keystone using
an admin user's token. The test gave the following error:
{error: {message: coercing to Unicode: need string or buffer, NoneType
found, code: 400, title: Bad Request}}
The same code works fine if I use the
Hello,
I have trying to install Keystone Grizzly-3 and cannot get past the following
error. The keystone-manage db_sync command is generating the following error.
I have tried deleting and re-creating the MySQL database (connection =
mysql://keystonedbadmin:password@15.253.59.37/keystone) but
at 2:39 PM, Dolph Mathews
dolph.math...@gmail.commailto:dolph.math...@gmail.com wrote:
Thanks for the feedback; cc'ing Adam Young. I raised a bug to track the issue:
https://bugs.launchpad.net/keystone/+bug/1133608
-Dolph
On Tue, Feb 26, 2013 at 2:24 PM, Miller, Mark M (EB SW Cloud - RD
Hello,
Now that I have a MySQL keystone database ( keystone-manage --config-file
/etc/keystone/keystone.conf db_sync), I was able to create my first domain. At
first I thought it did not get created because of the error seen below in the
screen shot, however when I checked the database, the
DEBUG 15.253.59.37 - -
[26/Feb/2013 15:02:22] GET /v3/domains HTTP/1.1 400 343 0.009875
From: Jones, Richard (Mr. Netperf)
Sent: Tuesday, February 26, 2013 3:04 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis)
Subject: Re: [Openstack] Grizzly-3 Keystone
Hello,
We are moving from OpenStack Essex to Grizzly and I am trying to find out how
the new domain security collection will be used by the OpenStack services
like Nova or Glance. I would greatly appreciate any information or
documentation pointers.
Regards,
Mark Miller
without having any knowledge about them.
Mark
From: Dolph Mathews [mailto:dolph.math...@gmail.com]
Sent: Monday, February 25, 2013 2:01 PM
To: Miller, Mark M (EB SW Cloud - RD - Corvallis)
Cc: openstack@lists.launchpad.net
Subject: Re: [Openstack] Usage of New Keystone Domains with OpenStack
of the other examples in the document.
Mark
-Original Message-
From: openstack-bounces+mark.m.miller=hp@lists.launchpad.net
[mailto:openstack-bounces+mark.m.miller=hp@lists.launchpad.net] On Behalf
Of Miller, Mark M (EB SW Cloud - RD - Corvallis)
Sent: Thursday, February 07, 2013 1:42
To: Miller, Mark M (EB SW Cloud - RD - Corvallis)
Subject: Re: [Openstack] keystone question - Solved
- keystoneclient currently provides a python client library for both Identity
API v2 and v3
- keystoneclient currently provides a command line interface for Identity API
v2 -- but will not do so
Hi all,
I have spent several days installing Grizzly-2 Keystone with SSL and PKI and
think I have been successful. I can see some of the new API resources such as
v3/domains, v3/groups, and v3/services, but I don't see these listed as
commands in the keystoneclient. Are they simply not
33 matches
Mail list logo