Ask Your Question
0

OS_SERVICE_ENDPOINT vs OS_AUTH_URL [closed]

asked 2014-05-28 10:28:52 -0600

black sensei gravatar image

updated 2014-05-28 10:29:26 -0600

Hello I have been following a the pdf documentation for ubuntu 12.04/14/04 downloaded from openstack site using ubuntu 14.04. I have been following till the poing of the chapter 3 Configure the identity service where it's about creating an administrative user page 25. 

keystone user-create --name=admin --pass=myadminpass --email=myadmin@email.com

it throws this following error:

Expecting an auth URL via either --os-auth-url or env[OS_AUTH_URL]

But up to that page there has never been any reference to OS_AUTH_URL variable. Only known to that point are 

OS_SERVICE_TOKEN=mytoken
OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

For search some use http://controller:5000/v2.0 for OS_AUTH_URL. So which one to use. I am not sure whether it's an oversight from the documenters or I was supposed to have known that part. For the mean time I just need a way to continue my setup. There seem to be other variables like : OS_TENANT_NAME , OS_USERNAME , OS_PASSWORD, OS_AUTH_URL .

Kindly show me the way forward.

Thanks

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by SamYaple
close date 2014-05-30 12:21:21.217725

add a comment

1 answer

Sort by ยป oldest newest most voted
1

answered 2014-05-28 11:39:09 -0600

SamYaple gravatar image

I can see how that is a bit confusing.

Keystone has two ways of authenticating.

  • The first one uses the traditional username/password combination:

keystone --os-username <auth-user-name> --os-password <auth-password> --os-tenant-name <auth-tenant-name> --os-auth-url <auth-url>

  • The second one authenticates with a token. Technically it is bypassing authentication entirely. It is typically used to setup the initial users and for recovery purposes:

keystone --os-token <service-token> --os-endpoint <service-endpoint>

Notice auth-url is used for the username/password/tenant, while endpoint is paired with the token authentication.

edit flag offensive delete link more

Comments

Hello Thanks for the prompt response. However my method is also bypassing the use of username and password but still it requires somehow the presence of the authentication url. So without that set either in the environment variable there is no way of moving from keystone user-create command point.

black sensei gravatar imageblack sensei ( 2014-05-28 11:45:13 -0600 )edit

Check your enviroment. What variables do you have set? If you have certain ones set it will try and use that form of authentication.

SamYaple gravatar imageSamYaple ( 2014-05-28 13:09:08 -0600 )edit

I had these 2 exactly as documented: OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT

black sensei gravatar imageblack sensei ( 2014-05-28 13:34:58 -0600 )edit

Just those two, no other enviroment variables?

SamYaple gravatar imageSamYaple ( 2014-05-28 13:40:22 -0600 )edit

Yes those two only. Because those are the environment mentioned in the documentation at that point

black sensei gravatar imageblack sensei ( 2014-05-28 14:23:49 -0600 )edit
see more comments

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-05-28 10:28:52 -0600

Seen: 1,578 times

Last updated: May 28 '14

Related questions

How to backup and restore keystone db ?

Not able to access Controller from Instance VM

CentOS 7: fails to install openstack-keystone and python-keystoneclient

Openstack security group rules implemented ?

openstack juno installlation for production on ubuntu 14.04 OS.

What is the authorization scope of a federated user ?

_init_go () got unexpected keyword argument 'token'

How to check OpenStack Keystone LDAP working ?

Could not find user: demo

Unable to establish connection to http://controller:35357/v3/services