Ask Your Question

keystone-manage db_sync failing unless "localhost" set in keystone.conf

asked 2015-04-17 21:12:20 -0600

Locane gravatar image

updated 2015-04-20 19:33:40 -0600

Hello all. New to openstack. I'm attempting to set up Open Stack on CentOS 6.6 using the (Icehouse instructions).

I'm running in to issues when I attempt the step on (this page):

su -s /bin/sh -c "keystone-manage db_sync" keystone

The error I get is nothing on the screen, but /var/log/keystone/keystone.log gets populated with:

2015-04-17 18:50:47.336 5944 CRITICAL keystone [-] OperationalError: (OperationalError) (2003, "Can't connect to MySQL server on 'controller' (111)") None None

Strangely, however, the command works if I edit the keystone.conf file to use "localhost" instead of the hostname:

connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone

Does not work, but:

connection = mysql://keystone:KEYSTONE_DBPASS@localhost/keystone

Does work.

I think my MySQL permissions are correct, but something's broken, so they might not be. Here is the output from the MySQL database for users and the keystone privileges:

| user     | host       |
| keystone | %          |
| root     |  |
| root     | controller |
| keystone | localhost  |
| root     | localhost  |
5 rows in set (0.01 sec)

mysql> show grants for 'keystone'@'%';
| Grants for keystone@%                                                                                   |
| GRANT USAGE ON *.* TO 'keystone'@'%' IDENTIFIED BY PASSWORD '*442DFE587A8B6BE1E9538855E8187C1EFB863A73' |
| GRANT ALL PRIVILEGES ON `keystone`.* TO 'keystone'@'%'                                                  |
2 rows in set (0.00 sec)

mysql> show grants for 'keystone'@'localhost';
| Grants for keystone@localhost                                                                                   |
| GRANT USAGE ON *.* TO 'keystone'@'localhost' IDENTIFIED BY PASSWORD '*442DFE587A8B6BE1E9538855E8187C1EFB863A73' |
| GRANT ALL PRIVILEGES ON `keystone`.* TO 'keystone'@'localhost'                                                  |
2 rows in set (0.00 sec)

And here are some relevant lines from the /etc/my.cnf file:

bind-address =
default-storage-engine = innodb
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8

Does anyone know what I'm doing wrong?

What output can I provide that will help resolve the issue?

Thanks in advance.

(Edit) I figured out the answer with the help of a coworker, but do not have enough reputation to select my answer as THE answer. It is listed below.

edit retag flag offensive close merge delete

5 answers

Sort by ยป oldest newest most voted

answered 2017-11-28 13:09:04 -0600

someone please share documentation for Newton installation. When I'm trying to sych SQL database with keystone by using command su -s /bin/sh -c "keystone-manage db_sync" keystone its giveing error message as Authentication failure. Need quick results as I'm working on it for my masters project.

edit flag offensive delete link more

answered 2017-02-23 06:04:44 -0600

hkml2000 gravatar image


if the password of mysql keystone user contains special char, then you have to encode the password

you can use this tool

edit flag offensive delete link more


The final breakthrough - after commenting the bind-address (localhost) in the my.cnf-file && setting the bind-address(uncommented) to - was the change of my password to one without special characters which you suggested to be encoded. Maybe I'll play around with utf-8 in the my.cnf

Robert Wolf gravatar imageRobert Wolf ( 2018-05-13 12:48:15 -0600 )edit

answered 2016-06-24 05:17:07 -0600

nareng gravatar image

please check it once if error

netstat -tunap| grep 3306

tcp 0 0* LISTEN

if the output is this do below

comment the /etc/mysql/mariadb.conf.d/50-server.cnf

# bind-address =

edit flag offensive delete link more


for me I had to comment the line into


Amyway it worked

turnab gravatar imageturnab ( 2016-07-19 10:11:41 -0600 )edit

answered 2015-04-20 16:24:05 -0600

Locane gravatar image

I figured it out.

My /etc/hosts file was not configured properly to resolve my hostname.

Previously, it was: controller
::1 controller

And it needed to be: localhost
::1 localhost controller

Where is the machine's IP.

edit flag offensive delete link more

answered 2015-04-20 06:47:37 -0600

Poonam Agarwal gravatar image

Can you please confirm whether your mysql is binding only to localhost ?

netstat -tunap| grep 3306

Also the bind address in /etc/mysql/my.cnf should be as below :

bind-address            =

Change mysql to not bind only to localhost by adding above and restart mysql. That should probably resolve your problem.

edit flag offensive delete link more


Thanks for your reply Poonam!

Locane gravatar imageLocane ( 2015-04-20 16:24:40 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-04-17 21:12:20 -0600

Seen: 8,318 times

Last updated: Jun 24 '16