keystone federation extension causes ArgsAlreadyParsedError

asked 2015-09-14 09:46:35 -0600

rduncan-t gravatar image

Hi, hopefully someone will understand what is going on with my keystone server. I am running Juno on CentOS 6.5 and have just moved keystone 2014.2.2 to httpd, I followed the openstack documentation for this and everything worked fine.

I linked the keystone.wsgi from /usr/share/kestone to /var/www/cgi-bin/keystone/admin & main and then created the virtual host:

Listen 5000
Listen 35357

WSGIDaemonProcess keystone user=keystone group=keystone processes=3 threads=10

<Virtualhost *:5000>
    LogLevel  info
    ErrorLog  /var/log/keystone/keystone-apache-error.log
    CustomLog /var/log/keystone/ssl_access.log combined
    Options +FollowSymLinks

#SSLEngine on
#SSLCertificateFile /etc/ssl/certs/mycert.pem
#SSLCertificateKeyFile /etc/ssl/private/mycert.key
#SSLVerifyClient optional
#SSLVerifyDepth 10
#SSLProtocol all -SSLv2
#SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
#SSLOptions +StdEnvVars +ExportCertData

    WSGIScriptAlias /  /var/www/cgi-bin/keystone/main
    WSGIProcessGroup keystone
</VirtualHost>

<VirtualHost *:35357>
    LogLevel  info
    ErrorLog  /var/log/keystone/keystone-apache-error.log
    CustomLog /var/log/keystone/ssl_access.log combined
    Options +FollowSymLinks

#SSLEngine on
#SSLCertificateFile /etc/ssl/certs/mycert.pem
#SSLCertificateKeyFile /etc/ssl/private/mycert.key
#SSLVerifyClient optional
#SSLVerifyDepth 10
#SSLProtocol all -SSLv2
#SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
#SSLOptions +StdEnvVars +ExportCertData

    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
    WSGIProcessGroup keystone
</VirtualHost>
~

I configured the virtual host and stopped the openstack-keystone service the restarted httpd and keystone become available as WSGI

after this I ran a few tests, wget, curl, keystone clinet commands, all is working fine. now I want to enable the federation extension so I can authenticate with saml2

I am following the guide here http://docs.openstack.org/developer/keystone/extensions/federation.html (http://docs.openstack.org/developer/k...)

as soon as I add in federation_extension as per the guide I get service unavailable erro 500, here is the log once the extension is enabled: i

mod_wsgi (pid=30034): Target WSGI script '/var/www/cgi-bin/keystone/admin' cannot be loaded as Python module.
mod_wsgi (pid=30034): Exception occurred processing WSGI script '/var/www/cgi-bin/keystone/admin'.
 Traceback (most recent call last):
   File "/var/www/cgi-bin/keystone/admin", line 39, in <module>
     config.configure()
   File "/usr/lib/python2.6/site-packages/keystone/common/config.py", line 968, in configure
    help='Do not monkey-patch threading system modules.'))
   File "/usr/lib/python2.6/site-packages/oslo_config/cfg.py", line 1679, in __inner
     result = f(self, *args, **kwargs)
   File "/usr/lib/python2.6/site-packages/oslo_config/cfg.py", line 1852, in register_cli_opt
     raise ArgsAlreadyParsedError("cannot register CLI option")
 ArgsAlreadyParsedError: arguments already parsed: cannot register CLI option
 mod_wsgi (pid=30036, process='keystone', application='node-55:35357|'): Loading WSGI script '/var/www/cgi-bin/keystone/admin'.
s loaded:

here is the keystone admin wsgi from CentOS 6.5

# Copyright 2013 OpenStack Foundation
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on ...
(more)
edit retag flag offensive close merge delete