Ceilometer v3 auth against Keystone

asked 2014-12-05 09:56:30 -0500

johanhedberg gravatar image


Is there anyone who knows how to configure Ceilometer to authenticate using the v3 API for Keystone?

I've tried set auth_version, auth_uri and os_auth_url to the correct values for v3, but Ceilometer still seems to treat the v3 endpoint as if it was a v2 endpoint, which obviously doesn't work.

I'm kinda stuck here and any help is much appreciated.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2014-12-05 11:33:37 -0500

Each service talks with keystone to

1) Get a token for its service account

2) Validate user's token

As of Icehouse user's token is by default validated against v3 api. Service account support for v3 is still work in progress. As of now service account has to be v2 account ((i.e) Account in default domain )

edit flag offensive delete link more


Okay, I see. So if I have my Keystone configured with v3 endpoints (because we want to use v3 for everything we can). How should I configure ceilometer so it can authenticate itself properly? It seems that even if I try to specify v2 in configuration, ceilometer still picks up the v3 endpoint?

johanhedberg gravatar imagejohanhedberg ( 2014-12-07 14:34:04 -0500 )edit

As I said before, cieliometer can't use v3 for getting service tokens since middleware doesn't support it.For token validation it is going to use v3 even if you specify v2 in config file since it automatically discovers the version and choose the highest verion of api which is v3

Haneef Ali gravatar imageHaneef Ali ( 2014-12-08 12:11:28 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2014-12-05 09:56:30 -0500

Seen: 487 times

Last updated: Dec 05 '14