keystone: unable to use --config-dir/--config--file

asked 2018-10-05 01:17:18 -0600

I am trying to use --config-dir / --config-file option with keystone-mange but it keeps throwing unrecognized arguments error.

keystone# keystone-manage --version
keystone-manage --help
usage: keystone-manage [bootstrap|credential_migrate|credential_rotate|credential_setup|db_sync|db_version|doctor|domain_config_upload|fernet_rotate|fernet_setup|mapping_populate|mapping_purge|mapping_engine|pki_setup|saml_idp_metadata|token_flush]

optional arguments:
  -h, --help            show this help message and exit
  --config-dir DIR      Path to a config directory to pull *.conf files from.
                        This file set is sorted, so as to provide a
                        predictable parse order if individual options are
                        over-ridden. The set is parsed after the file(s)
                        specified via previous --config-file, arguments hence
                        over-ridden options in the directory take precedence.
  --config-file PATH    Path to a config file to use. Multiple config files
                        can be specified, with values in later files taking
                        precedence. Defaults to None.
keystone# /usr/bin/keystone-manage fernet_setup --config-file /etc/keystone/keystone.conf --keystone-user keystone --keystone-group keystone
usage: keystone-manage [bootstrap|credential_migrate|credential_rotate|credential_setup|db_sync|db_version|doctor|domain_config_upload|fernet_rotate|fernet_setup|mapping_populate|mapping_purge|mapping_engine|pki_setup|saml_idp_metadata|token_flush]
keystone-manage: error: unrecognized arguments: --config-file /etc/keystone/keystone.conf
keystone# /usr/bin/keystone-manage fernet_setup --config-file /etc/keystone --keystone-user keystone --keystone-group keystone
usage: keystone-manage [bootstrap|credential_migrate|credential_rotate|credential_setup|db_sync|db_version|doctor|domain_config_upload|fernet_rotate|fernet_setup|mapping_populate|mapping_purge|mapping_engine|pki_setup|saml_idp_metadata|token_flush]
keystone-manage: error: unrecognized arguments: --config-file /etc/keystone

Any pointers?


1 answer

answered 2018-10-05 01:56:38 -0600

updated 2018-10-05 03:42:39 -0600

Have you tried to switch positions of your arguments? Try

keystone# /usr/bin/keystone-manage --config-file /etc/keystone fernet_setup --keystone-user keystone --keystone-group keystone

It's not really clear from the help page where to put the options, in that case I would also expect that the order shouldn't matter, well obviously it does.

Thanks. The above doesn't work but this finally worked.

/usr/bin/keystone-manage --config-file /etc/keystone/keystone.conf fernet_rotate --keystone-user keystone --keystone-group keystone
Great, I just tried it with the config-file option but without user and group.

I corrected the answer for other users. Is there any particular reason you want to use the default config file as an option in the command line? You don't need it if your configs are in the default locations, in this case only --keystone-user and --keystone-group would be required.

default config file is just to verify that the param --config-file works. My requirement is to specify another config file which will enable fernet key rotation in separate directory.

Okay, that seems reasonable.

