Keystone Adding Users - Auth URL

asked 2014-09-13 14:43:10 -0500

updated 2014-09-13 14:44:41 -0500

I am currently trying to define keystone users from the openstack icehouse documentation:

When running commands like:

sudo keystone user-create --name=admin --pass=$ADMIN_PASS --email=$ADMIN_EMAIL

I will get the error message: Expecting an auth URL via either --os-auth-url or env[OS_AUTH_URL].

However, if I then specify --os-auth-url at the end like so:

sudo keystone user-create --name=admin --pass=$ADMIN_PASS --email=$ADMIN_EMAIL --os-auth-url=$OS_SERVICE_ENDPOINT I get the following other error message:

usage: keystone [--version] [--timeout <seconds>]
                [--os-username <auth-user-name>]
                [--os-password <auth-password>]
                [--os-tenant-name <auth-tenant-name>]
                [--os-tenant-id <tenant-id>] [--os-auth-url <auth-url>]
                [--os-region-name <region-name>]
                [--os-identity-api-version <identity-api-version>]
                [--os-token <service-token>]
                [--os-endpoint <service-endpoint>]
                [--os-cacert <ca-certificate>] [--insecure]
                [--os-cert <certificate>] [--os-key <key>] [--os-cache]
                [--force-new-token] [--stale-duration <seconds>]
                <subcommand> ...
keystone: error: unrecognized arguments: --os-auth-url=

Furthermore, the environment variable OS_AUTH_URL is already defined.

What is the correct way to create the admin user?

OS: CentOS 6.5

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-09-13 15:59:16 -0500

larsks gravatar image

Your first problem is probably that you are running the command using sudo. There is no need to run OpenStack client commands with elevated privileges; your Unix permissions have very little to do with your authorization in OpenStack. Among other things, sudo sanitizes the environment, so if OS_AUTH_URL (and other OS_* variables) are set in your environment, they will not be visible to commands that you run using sudo.

Your second issue is that youare specifying --os-auth-url at the wrong point in the command line. You want this:

keystone  --os-auth-url=$OS_SERVICE_ENDPOINT \
  user-create --name=admin --pass=$ADMIN_PASS --email=$ADMIN_EMAIL

That is, the --os-auth-url option is a global argument, not an argument to the user-create subcommand.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-09-13 14:43:10 -0500

Seen: 1,115 times

Last updated: Sep 13 '14