Ask Your Question
1

Internal Server Error (HTTP 500) error during Service Create

asked 2016-07-19 14:30:46 -0500

jbdkz100 gravatar image

I am following the OpenStack procedure (below) and am at the service create step.

http://docs.openstack.org/mitaka/install-guide-rdo/keystone-services.html (http://docs.openstack.org/mitaka/inst...)

When I run as root:

openstack service create --name keystone --description "OpenStack Identity" identity

I get the following error:

Internal Server Error (HTTP 500)

When I run ps -aux | grep keystone I see 10 processes.

Thanks,

John

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2016-07-19 15:09:19 -0500

updated 2016-07-19 15:18:12 -0500

  1. Confirm the value exported for OS_TOKEN matches the admin_token value in keystone.conf
  2. Confirm the values exported for OS_URL and OS_IDENTITY_API_VERSION match the documentation

If you still receive the error, drop the keystone database and recreate it and grant privileges again. Then run su -s /bin/sh -c "keystone-manage db_sync" keystone and finally keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone Restart httpd and try to create the service again.

edit flag offensive delete link more

Comments

1

Thanks Barry, I did as you suggested but have the same issue. The only strange thing is when I ran su -s /bin/sh -c "keystone-manage db_sync" keystone I get the following error on the last line: IOError: [Errno 13] permission denied: '/var/log/keystone/keystone.log' I am logged in as root.

jbdkz100 gravatar imagejbdkz100 ( 2016-07-19 20:31:35 -0500 )edit

/var/log/keystone/keystone.log does exist on my controller server.

jbdkz100 gravatar imagejbdkz100 ( 2016-07-19 20:40:25 -0500 )edit

The directory /var/log/keystone should have been created by the openstack-keystone package installation. It has keystone:keystone ownership and 750 permissions.

barry.davis gravatar imagebarry.davis ( 2016-07-19 20:42:54 -0500 )edit

/var/log/keystone/keystone.log exists on my controller server. I can examine the contents using VIM. I do not get any permission errors when I type in vim /var/log/keystone/keystone.log as mentioned, I am logged in as root.

jbdkz100 gravatar imagejbdkz100 ( 2016-07-19 21:32:17 -0500 )edit

If the database is empty after su -s /bin/sh -c "keystone-manage db_sync" keystone an error will occur following keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone (IOError: [Errno 13] Permission denied '/var/log/keystone/keystone.log')

barry.davis gravatar imagebarry.davis ( 2016-07-19 23:38:38 -0500 )edit
0

answered 2016-07-19 17:01:21 -0500

Vijayuppala gravatar image

Hi Barry,

Thank you for the response. I have the same issue as John. I'm trying to install the Mitaka and struck at the keystone identity service (http://docs.openstack.org/mitaka/install-guide-rdo/keystone-services.html (http://docs.openstack.org/mitaka/inst...) )

Below is my configuration

i created the keystone DB in mysql [root@controller keystone]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 63 Server version: 10.1.12-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | keystone | | mysql | | performance_schema | | test | +--------------------+ 5 rows in set (0.00 sec)

MariaDB [(none)]>

This is how my keystone.conf file looks like

[root@controller keystone]# grep ^[^#] /etc/keystone/keystone.conf [DEFAULT] admin_token = b9a95be763c7bf6cce1a [assignment] [auth] [cache] [catalog] [cors] [cors.subdomain] [credential] [database] connection = mysql+pymysql://keystone:keystone123@controller/keystone [domain_config] [endpoint_filter] [endpoint_policy] [eventlet_server] [eventlet_server_ssl] [federation] [fernet_tokens] [identity] [identity_mapping] [kvs] [ldap] [matchmaker_redis] [memcache] [oauth1] [os_inherit] [oslo_messaging_amqp] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_middleware] [oslo_policy] [paste_deploy] [policy] [resource] [revoke] [role] [saml] [shadow_users] [signing] [ssl] [token] provider = fernet [tokenless_auth] [trust]

And finally these are the exported values

[root@controller ~]# echo $OS_TOKEN b9a95be763c7bf6cce1a [root@controller ~]# more /etc/keystone/keystone.conf | grep admin_token

None, the value is ignored and the admin_token log in mechanism is

effectively disabled. To completely disable admin_token in production

admin_token = b9a95be763c7bf6cce1a [root@controller ~]# echo $OS_URL http://controller:35357/v3 [root@controller ~]# echo $OS_IDENTITY_API_VERSION 3

everything looks good in the keystone.conf file and the export values match as well but i still get the HTTP 500 error

[root@controller ~]# openstack service create \

--name keystone --description "OpenStack Identity" identity An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-56b3b078-0978-4e69-886c-570ebb333ae0)

i dropped the keystone db and tried again several times but the same result. i just found out that the su -s /bin/sh -c "keystone-manage db_sync" keystone command is not populating the tables in the keystone db MariaDB [keystone]> show tables; Empty set (0.00 sec)

MariaDB [keystone]>

Could this be the problem?

Thank You Vijay Uppala

edit flag offensive delete link more

Comments

The keystone-manage db_sync will populate the database. Your grant privileges failed to apply on the keystone database or did not have the same user password used in the keystone.conf connection value (in your case: keystone123). Please ask a new question for future requests.

barry.davis gravatar imagebarry.davis ( 2016-07-19 23:27:34 -0500 )edit

Use "su -s /bin/sh -c "keystone-manage db_sync 008" keystone" to populate the database in mitaka. If it again persist the same error (HTTP 500). Reboot ur machine & populate the DB again. It works.

Sahana gravatar imageSahana ( 2016-08-30 07:00:17 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2016-07-19 14:30:46 -0500

Seen: 6,354 times

Last updated: Jul 19 '16