keystone-manage db_sync failing unless "localhost" set in keystone.conf
Hello all. New to openstack. I'm attempting to set up Open Stack on CentOS 6.6 using the http://docs.openstack.org/icehouse/install-guide/install/yum/content/ch_basics.html (Icehouse instructions).
I'm running in to issues when I attempt the step on http://docs.openstack.org/icehouse/install-guide/install/yum/content/keystone-install.html (this page):
su -s /bin/sh -c "keystone-manage db_sync" keystone
The error I get is nothing on the screen, but /var/log/keystone/keystone.log gets populated with:
2015-04-17 18:50:47.336 5944 CRITICAL keystone [-] OperationalError: (OperationalError) (2003, "Can't connect to MySQL server on 'controller' (111)") None None
Strangely, however, the command works if I edit the keystone.conf file to use "localhost" instead of the hostname:
[database]
connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
Does not work, but:
[database]
connection = mysql://keystone:KEYSTONE_DBPASS@localhost/keystone
Does work.
I think my MySQL permissions are correct, but something's broken, so they might not be. Here is the output from the MySQL database for users and the keystone privileges:
+----------+------------+
| user | host |
+----------+------------+
| keystone | % |
| root | 127.0.0.1 |
| root | controller |
| keystone | localhost |
| root | localhost |
+----------+------------+
5 rows in set (0.01 sec)
mysql> show grants for 'keystone'@'%';
+---------------------------------------------------------------------------------------------------------+
| Grants for keystone@% |
+---------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'keystone'@'%' IDENTIFIED BY PASSWORD '*442DFE587A8B6BE1E9538855E8187C1EFB863A73' |
| GRANT ALL PRIVILEGES ON `keystone`.* TO 'keystone'@'%' |
+---------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> show grants for 'keystone'@'localhost';
+-----------------------------------------------------------------------------------------------------------------+
| Grants for keystone@localhost |
+-----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'keystone'@'localhost' IDENTIFIED BY PASSWORD '*442DFE587A8B6BE1E9538855E8187C1EFB863A73' |
| GRANT ALL PRIVILEGES ON `keystone`.* TO 'keystone'@'localhost' |
+-----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
And here are some relevant lines from the /etc/my.cnf file:
symbolic-links=0
bind-address = 10.11.21.159
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
Does anyone know what I'm doing wrong?
What output can I provide that will help resolve the issue?
Thanks in advance.
(Edit) I figured out the answer with the help of a coworker, but do not have enough reputation to select my answer as THE answer. It is listed below.