Ask Your Question

Problems starting swift with keystone integration

asked 2011-07-26 12:56:15 -0600

nerens gravatar image


I'm trying to get keystone running with swift but have an issue trying to start swift:

swift-init main start Starting proxy-server...(/etc/swift/proxy-server.conf) Unable to locate config for container-server Unable to locate config for account-server Unable to locate config for object-server /usr/lib/pymodules/python2.6/paste/deploy/ UserWarning: Module netifaces was already imported from /usr/lib/pymodules/python2.6/, but /usr/lib/pymodules/python2.6 is being added to sys.path import pkg_resources Traceback (most recent call last): File "/usr/bin/swift-proxy-server", line 22, in <module> run_wsgi(conf_file, 'proxy-server', default_port=8080, *options) File "/usr/lib/pymodules/python2.6/swift/common/", line 122, in run_wsgi loadapp('config:%s' % conf_file, global_conf={'log_name': log_name}) File "/usr/lib/pymodules/python2.6/paste/deploy/", line 204, in loadapp return loadobj(APP, uri, name=name, *kw) File "/usr/lib/pymodules/python2.6/paste/deploy/", line 224, in loadobj global_conf=global_conf) File "/usr/lib/pymodules/python2.6/paste/deploy/", line 248, in loadcontext global_conf=global_conf) File "/usr/lib/pymodules/python2.6/paste/deploy/", line 278, in _loadconfig return loader.get_context(object_type, name, global_conf) File "/usr/lib/pymodules/python2.6/paste/deploy/", line 405, in get_context global_additions=global_additions) File "/usr/lib/pymodules/python2.6/paste/deploy/", line 496, in _pipeline_app_context % (', '.join(local_conf.keys()))) TypeError: not enough arguments for format string

My keystone conf looks as follows:


Show more verbose log output (sets INFO log level output)

verbose = True

Show debugging output in logs (sets DEBUG log level output)

debug = True

Which backend store should Keystone use by default.

Default: 'sqlite'

Available choices are 'sqlite' [future will include LDAP, PAM, etc]

default_store = sqlite

Log to this file. Make sure you do not set the same log

file for both the API and registry servers!

#log_file = /var/log/keystone.log log_file = keystone.log

List of backends to be configured

backends = keystone.backends.sqlalchemy,keystone.backends.alterdb #For LDAP support, add: ,keystone.backends.ldap

Dictionary Maps every service to a header.Missing services would get header

X_(SERVICE_NAME) Key => Service Name, Value => Header Name

service-header-mappings = { 'nova' : 'X-Server-Management-Url', 'swift' : 'X-Storage-Url', 'cdn' : 'X-CDN-Management-Url'}

Address to bind the API server

TODO Properties defined within app not available via pipeline.

service_host =

Port the bind the API server to

service_port = 5000

Address to bind the Admin API server

admin_host =

Port the bind the Admin API server to

admin_port = 5001

#Role that allows to perform admin operations. keystone-admin-role = Admin


SQLAlchemy connection string for the reference implementation registry

server. Any valid SQLAlchemy connection string is fine.


sql_connection = sqlite:///keystone.db backend_entities = ['UserGroupAssociation', 'UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', 'User', 'Group', 'Credentials', 'EndpointTemplates']

Period in seconds after which SQLAlchemy should reestablish its connection

to the database.

sql_idle_timeout = 30


SQLAlchemy connection string for the reference implementation registry

server. Any valid SQLAlchemy connection string is fine.

See: http://bit ...

edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted

answered 2011-10-20 00:28:29 -0600

sunny790821 gravatar image

Is it possible to use two kind of auth (both keystone, swauth) at the same time?

edit flag offensive delete link more

answered 2011-07-26 14:35:32 -0600

nerens gravatar image

It looks like this error is due to config problem, I had an extra "account_autocreate = true" in proxy-server.conf.

I'm getting another error but that's for another post.

edit flag offensive delete link more

answered 2011-10-20 00:43:01 -0600

notmyname gravatar image

yes. you can have as many auth systems in the pipeline as you need. Each one /should/ be aware that they may not be the only auth system and therefore shouldn't clobber settings that other auth middleware make. Swauth does this. I do not know if the keystone middleware supports this, so I'd recommend that you put the keystone middleware before swauth in the pipeline.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2011-07-26 12:56:15 -0600

Seen: 98 times

Last updated: Oct 20 '11