Ask Your Question

juno keystone driver persistence

asked 2014-11-25 00:57:03 -0500

cunningr69 gravatar image

updated 2014-11-26 01:12:53 -0500

I am following the install docs for Openstack juno release on Ubuntu 14.04. When configuring keystone I am trying to set the line:

driver = keystone.token.persistence.backends.sql.Token

however with this directive keystone will not start correctly however it doesn't seem to be creating any log files either.

When i remove this line keystone starts ok however I however I seem to be having problems further down the line with glance (Unsure if these two are related yet).

Here is the keystone.conf

cisco@kermit:~$ sudo grep -v ^# /etc/keystone/keystone.conf | grep -v ^$
connection = mysql://keystone:Cisco123@controller/keystone
provider = keystone.token.providers.uuid.Provider
Distribution = Ubuntu
edit retag flag offensive close merge delete


could you paste your keystone.conf in /etc/keystone/? This file is important for troubleshooting.

9lives gravatar image9lives ( 2014-11-25 03:00:35 -0500 )edit

looks like you are not turning debug switch on, try to turn it on in /etc/keystone.conf by

debug = True

then restart your keystone service and paste the keystone.log to

9lives gravatar image9lives ( 2014-11-26 01:50:24 -0500 )edit

cisco@kermit:~$ sudo egrep '^debug|^verbose' /etc/keystone/keystone.conf debug=True verbose=True cisco@kermit:~$ sudo egrep ^driver /etc/keystone/keystone.conf driver = keystone.token.persistence.backends.sql.Token

but the /var/log/keystone folder is still empty.

cunningr69 gravatar imagecunningr69 ( 2014-11-26 02:34:23 -0500 )edit

Here you go. I managed to get the logs to console by running keystone-all

cunningr69 gravatar imagecunningr69 ( 2014-11-26 05:36:11 -0500 )edit

3 answers

Sort by ยป oldest newest most voted

answered 2014-11-26 13:42:37 -0500

cunningr69 gravatar image

Ok I found my fix. I was hitting ->

Which meant that Ubuntu 14.04 wasn't actually pulling the latest packages so I wasn't actually using Juno (doh!)

I went back to the start and ran "sudo apt-get update; sudo apt-get upgrade" then went back and updated Openstack packages. I now have keystone and glance working as per install docs for Juno.

Thanks for all the pointers everyone that helped.

edit flag offensive delete link more

answered 2014-11-25 21:13:42 -0500

9lives gravatar image

The driver has been refactored in juno code 'keystone.token.backends.sql.Token' will be replaced in Kilo version by 'keystone.token.persistence.backends.sql.Token' per hacking the source code of juno release as follows

class Token(sql.Token):
    def __init__(self):
        super(Token, self).__init__()

So we need to use the new driver name and it should be ok, if not there might be a potential bug or something wrong with your keystone.conf.

Hope that helps!


edit flag offensive delete link more

answered 2014-11-25 04:09:19 -0500

Ram.Meena gravatar image

updated 2014-11-26 02:25:41 -0500

According to the official documentation Configuring Keystone in section 'Token Persistence Driver' below information has been published:-

Keystone supports customizable token persistence drivers. These can be specified in the [token] section of the configuration file. Keystone provides three non-test persistence backends. These can be set with the [token]\driver configuration option.

The drivers Keystone provides are:

keystone.token.persistence.backends.memcache_pool.Token - The pooled memcached token persistence engine. This backend supports the concept of pooled memcache client object (allowing for the re-use of the client objects). This backend has a number of extra tunable options in the [memcache] section of the config.

keystone.token.persistence.backends.sql.Token - The SQL-based (default) token persistence engine.

keystone.token.persistence.backends.memcache.Token - The memcached based token persistence backend. This backend relies on dogpile.cache and stores the token data in a set of memcached servers. The servers URLs are specified in the [memcache]\servers configuration option in the Keystone config.

However recently I have installed the Juno on RHEL 7 system and value of 'driver' parameter in my keystone.conf is below:


You may also try if it works. Meanwhile I am also going to check it on ubuntu based system and will update here with my findings.

edit flag offensive delete link more


Yes this setting does allow keystone to start however I am having problems later with glance auth failure (see ) and i am not sure if this is related. Possibly not?

cunningr69 gravatar imagecunningr69 ( 2014-11-26 03:13:40 -0500 )edit

Would you make a comparison between the three persistence backends in performance perspective?

jang gravatar imagejang ( 2015-03-20 23:37:11 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2014-11-25 00:57:03 -0500

Seen: 1,043 times

Last updated: Nov 26 '14