Ask Your Question

Register Designate with Keystone

asked 2014-10-30 11:52:52 -0500

dplolling67 gravatar image

Hi, I am very new to Open Stack and Designate. I am following one of several quick start guides for installing Designate on Ubuntu. I am actually installing on Centos 6.5

I have PowerDNS, Designate and Keystone installed and it seems to be running correctly however, the only step I cannot find documentation on how to complete, is "How To register Designate with Keystone".

When I try to check the API using the recommended "http://IP.Address:9001/v1/command" it always returns Authentication required.

Is this because I have not registered Designate with Keystone or another problem?


edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted

answered 2014-10-31 01:38:36 -0500

rajiv-kumar gravatar image

Usually Keystone listens on two ports 5000 and 35357(admin API) untill or unless you change its default behavior. By looking at you url, i think you are giving wrong port number. If you share exact url that might help.

edit flag offensive delete link more

answered 2014-10-31 01:05:21 -0500

teju gravatar image

updated 2014-10-31 06:39:28 -0500

edit flag offensive delete link more

answered 2015-10-23 04:09:01 -0500

itsme gravatar image

I found the way for doing the same.

Here it is detailed steps attached.

Registering keystone with designate:

Kestone Setup:

apt-get install keystone

Edit /etc/keystone/keystone.conf and change the [database] section:

connection = mysql://keystone:keystone@localhost/keystone

rm /var/lib/keystone/keystone.db

$ mysql -u root -p

mysql> CREATE DATABASE keystone;

mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
  IDENTIFIED BY 'keystone';

mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
  IDENTIFIED BY 'keystone';

mysql> exit

pip install mysql-python

su -s /bin/sh -c "keystone-manage db_sync" keystone

Execute the following command note down the value:

openssl rand -hex 10

Edit /etc/keystone/keystone.conf and change the [DEFAULT] section, replacing ADMIN_TOKEN with the results of the command:

# A "shared secret" between keystone and other openstack services
admin_token = ADMIN_TOKEN

Configure the log directory. Edit the /etc/keystone/keystone.conf file and update the [DEFAULT] section:

log_dir = /var/log/keystone

service keystone restart

Users tenants service and endpoint creation:

export OS_SERVICE_TOKEN=token_value
(please edit the token value generated above)

export OS_SERVICE_ENDPOINT=http://localhost:35357/v2.0

keystone tenant-create --name service --description "Service Tenant" --enabled true

keystone service-create --type dns --name designate --description="Designate"

keystone endpoint-create --service designate --publicurl --adminurl --internalurl

keystone user-create --name dnsaas --tenant service --pass dnsaas --enabled true

keystone role-create --name=admin

keystone user-role-add --user dnsaas --tenant service --role admin

apt-get install python-designateclient

Create an openrc file:

$ vi openrc

export OS_USERNAME=dnsaas
export OS_PASSWORD=dnsaas
export OS_TENANT_NAME=service
export OS_AUTH_URL=http://localhost:5000/v2.0/
export OS_AUTH_STRATEGY=keystone
export OS_REGION_NAME=RegionOne

source an openrc file:

. openrc

Note :

Execute or restart the designate-central and designate-api services.

designate domain-list command

designate domain-list

Above command is not returing any errors means fine to go.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-10-30 11:52:52 -0500

Seen: 1,003 times

Last updated: Oct 23 '15