Ask Your Question
0

Why Keystone uses PKI tokens Error

asked 2015-08-17 21:45:55 -0500

yjcepk gravatar image
[database]
connection = mysql://keystone:kxxxxx@controller/keystone



MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.16 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \ 
    ->   IDENTIFIED BY 'kxxxxx';
Query OK, 0 rows affected (0.16 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
    ->   IDENTIFIED BY 'kxxxxx';
Query OK, 0 rows affected (0.01 sec)



controller:~ # echo $ADMIN_TOKEN
7da8b62713ec9296eb38
controller:~ # openstack-config --set /etc/keystone/keystone.conf DEFAULT \
> >    admin_token $ADMIN_TOKEN
controller:~ #  ADMIN_TOKEN=$(openssl rand 10|hexdump  -e '1/1 "%.2x"')
controller:~ #  keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
2015-08-18 10:32:37.142 2913 WARNING keystone.cli [-] keystone-manage pki_setup is not recommended for production use.
The following cert files already exist, use --rebuild to remove the existing files before regenerating:
/etc/keystone/ssl/private/cakey.pem already exists
/etc/keystone/ssl/certs/ca.pem already exists
/etc/keystone/ssl/private/signing_key.pem already exists
/etc/keystone/ssl/certs/signing_cert.pem already exists
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-08-18 21:37:56 -0500

nethawk gravatar image

What is wrong when you used keystone pki token? From your information,the cert and key files are all exist.

edit flag offensive delete link more

Comments

Why does it show information exists? Do you need to remove the database to solve it? Install python-keystoneclient openstack-utils enstack-keystone There are several errors.

Additional rpm output:

2015-08-19 16:09:55.788 5793 WARNING keystone.cli [-] keystone-manage pki_setup is not recommended

yjcepk gravatar imageyjcepk ( 2015-08-19 03:27:37 -0500 )edit

Additional rpm output: 2015-08-19 16:09:55.788 5793 WARNING keystone.cli [-] keystone-manage pki_setup is not recommended for production use.

yjcepk gravatar imageyjcepk ( 2015-08-19 03:27:50 -0500 )edit

Do you have any impact?

yjcepk gravatar imageyjcepk ( 2015-08-19 03:29:33 -0500 )edit
0

answered 2015-08-19 03:31:43 -0500

yjcepk gravatar image

zypper install openstack-keystone python-keystoneclient openstack-utils Retrieving repository 'Icehouse' metadata ................................[done] Building repository 'Icehouse' cache .....................................[done] Retrieving repository 'Kilo' metadata ....................................[done] Building repository 'Kilo' cache .........................................[done] Retrieving repository 'openSUSE-13.2-Update' metadata ....................[done] Building repository 'openSUSE-13.2-Update' cache .........................[done] Loading repository data... Reading installed packages... 'openstack-utils' is already installed. No update candidate for 'openstack-utils-2014.21+git.1438267640.8b362f2-1.1.noarch'. The highest available version is already installed. Resolving package dependencies...

The following 89 NEW packages are going to be installed: libpq5 openstack-keystone python-Babel python-M2Crypto python-Mako python-MarkupSafe python-Paste python-PasteDeploy python-PrettyTable python-PyJWT python-PyYAML python-Routes python-SQLAlchemy python-Tempita python-WebOb python-aioeventlet python-alembic python-amqp python-anyjson python-argparse python-blinker python-cffi python-cryptography python-dogpile.cache python-dogpile.core python-enum34 python-eventlet python-extras python-fixtures python-flup python-futures python-greenlet python-iso8601 python-jsonschema python-keyring python-keystone python-keystoneclient python-keystonemiddleware python-kombu python-ldap python-ldappool python-mock python-mox3 python-msgpack-python python-netaddr python-netifaces python-oauthlib python-oslo.concurrency python-oslo.config python-oslo.context python-oslo.db python-oslo.i18n python-oslo.log python-oslo.messaging python-oslo.middleware python-oslo.policy python-oslo.serialization python-oslo.utils python-oslotest python-passlib python-pbr python-pip python-posix_ipc python-psycopg2 python-py python-pyasn1 python-pyasn1-modules python-pycadf python-pycparser python-pymongo python-pysaml2 python-python-mimeparse python-python-openid python-python-subunit python-pytz python-repoze.lru python-requests python-retrying python-setuptools python-sqlalchemy-migrate python-sqlparse python-stevedore python-tempest-lib python-testrepository python-testresources python-testscenarios python-testtools python-trollius python-zope.interface

The following recommended package was automatically selected: python-keyring

89 new packages to install. Overall download size: 1.4 MiB. Already cached: 17.0 MiB After the operation, additional 89.3 MiB will be used. Continue? [y/n/? shows all options] (y): y In cache python-aioeventlet-0.4-1.1.noarch.rpm (1/89), 10.3 KiB ( 23.5 KiB unpacked) In cache python-blinker-1.3-1.1.noarch.rpm (2/89), 81.0 KiB (304.2 KiB unpacked) In cache python-enum34-1.0-1.1.noarch.rpm (3/89), 46.0 KiB (261.5 KiB unpacked) In cache python-netaddr-0.7.14-1.1.noarch.rpm (4/89), 1.0 MiB ( 5.1 MiB unpacked) In cache python-posix_ipc-0.9.9-1.1.x86_64.rpm (5/89), 26.6 KiB ( 81.0 KiB unpacked) In cache python-retrying-1.3.3-1.1.noarch.rpm (6/89), 15.4 KiB ( 44.2 KiB unpacked) In cache python-sqlparse-0.1.10-10.1.noarch.rpm (7/89), 59.0 KiB (226.5 KiB unpacked) In cache python-trollius-1.0.4-1.1.noarch.rpm (8/89), 224.3 KiB (964.0 KiB unpacked) In cache python-zope.interface-4.1.1-2.3.x86_64.rpm (9/89), 179.7 KiB ( 1.3 MiB unpacked) In cache python-PrettyTable-0.7.2-5.1.4.noarch.rpm (10/89), 35.4 KiB (130.1 KiB unpacked) In cache python-Tempita-0.5.1-13.1.4.noarch.rpm (11/89), 26.4 KiB ( 91.1 KiB unpacked) In cache python-WebOb-1.4-1.3.noarch.rpm (12/89), 123.0 KiB (533.5 KiB unpacked) In cache python-amqp-1.4.6-1.3.noarch.rpm (13/89), 166.3 KiB (932.5 KiB unpacked) In cache python-anyjson-0.3.3-12.1.4.noarch.rpm (14/89), 11.7 KiB ( 18.3 KiB unpacked) In cache python-argparse-1.2.1-16.1.4.noarch.rpm (15/89), 248.6 KiB (490.1 KiB unpacked) In cache python-dogpile.core-0.4.1-4.1.4.noarch.rpm (16/89), 16.4 KiB ( 45.0 KiB unpacked) In ... (more)

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-08-17 21:45:55 -0500

Seen: 236 times

Last updated: Aug 19 '15