Ask Your Question
0

DomainNotFound: Could not find domain: default

asked 2016-08-19 08:32:13 -0500

bertly gravatar image

updated 2016-08-22 06:41:38 -0500

Hi,

fresh Mitaka installation, well at the very early beginning. Created keystone db, fernet keys, endpoints and user - including the domain. Also have OS_TOKEN, OS_URL and OS_IDENTITY set.

# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Default Domain                   |
| enabled     | True                             |
| id          | 9b96adc22ac14bb4986b6861193a3ff2 |
| name        | default                          |
+-------------+----------------------------------+

Unfortunately when I want to create a token (having all envs set):

# openstack token issue
The request you have made requires authentication. (HTTP 401) (Request-ID: req-911437c7-3abc-42d7-b120-f27c14d30647)

I can see this in the wsgi keystone admin log:

2016-08-19 15:13:12.144 2780 ERROR keystone.auth.controllers     raise exception.DomainNotFound(domain_id=domain_id)
2016-08-19 15:13:12.144 2780 ERROR keystone.auth.controllers DomainNotFound: Could not find domain: default
2016-08-19 15:13:12.144 2780 ERROR keystone.auth.controllers

MySQL also does not know any domain:

mysql> select * from domain;
+--------------------------+--------------------------+---------+-------+
| id                       | name                     | enabled | extra |
+--------------------------+--------------------------+---------+-------+
| <<keystone.domain.root>> | <<keystone.domain.root>> |       0 | {}    |
+--------------------------+--------------------------+---------+-------+
1 row in set (0.00 sec)

BUT openstack thinks, it got something (not sure where it gets this from):

 # openstack domain list
 +----------------------------------+---------+---------+----------------+ | ID                               |
 Name    | Enabled | Description    |
 +----------------------------------+---------+---------+----------------+ | 9b96adc22ac14bb4986b6861193a3ff2 |
 default | True    | Default Domain |
 +----------------------------------+---------+---------+----------------+

Any idea how this is possible? Are there any hidden folder/dbs except mysql,rabbitmq or memcached? Because I had an failed installation before that and there might be some leftover files that I dont know.

Many Thanks

bertly

edit retag flag offensive close merge delete

Comments

Can you try to populate the Identity service database: su -s /bin/sh -c "keystone-manage db_sync" keystone

Mohit gravatar imageMohit ( 2016-08-22 22:00:31 -0500 )edit

Hi Mohit, thanks for the hint. This gets executed and the database is available. Nevertheless I will try it next time. I took a detour and installed liberty and then upgraded to mitaka. At least thats working without problems :)

bertly gravatar imagebertly ( 2016-08-24 02:37:10 -0500 )edit

Did you found a solution ?

RingWraiths gravatar imageRingWraiths ( 2016-10-11 15:22:22 -0500 )edit

4 answers

Sort by ยป oldest newest most voted
0

answered 2016-09-01 11:48:27 -0500

igoshin-r gravatar image

Update your MqSQL(Mariadb server) service. It will solve your trouble. Good luck.

edit flag offensive delete link more
0

answered 2016-09-01 18:15:54 -0500

I had the same issue, however I managed to get around it with a (dirty) hack.

Seems like the "default" domain should be created by the db_sync script with a id of "default". I could not find a way of changing this ID afterwards, therefore I did a messy (but working) string replace in the database on the ID given by "openstack domain list", and changed all occurrences of it to default.

Seems to be working so far.


root@ctrl:/# openstack --os-auth-url http://controller:35357/v3 \
>   --os-project-domain-id default --os-user-domain-id default \
>   --os-project-name admin --os-username admin --os-auth-type password \
>   token issue
Password: 
The request you have made requires authentication. (HTTP 401) (Request-ID: req-b0207a30-4c3e-4ab0-a778-f1c0a9c85197)


root@ctrl:/# openstack domain list
+----------------------------------+---------+---------+-------------+
| ID                               | Name    | Enabled | Description |
+----------------------------------+---------+---------+-------------+
| c915d8c5064a48f788593ba020752abe | default | True    |             |
+----------------------------------+---------+---------+-------------+
root@ctrl:/# mysqldump keystone > /tmp/keystone.backup
root@ctrl:/# systemctl stop keystone
root@ctrl:/# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 59
Server version: 10.0.25-MariaDB-0ubuntu0.16.04.1 Ubuntu 16.04

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> drop database keystone;
Query OK, 37 rows affected (2.80 sec)

MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> Bye

root@ctrl:/# cat /tmp/keystone.backup | sed -e "s/c915d8c5064a48f788593ba020752abe/default/g" | mysql keystone
root@ctrl:/# systemctl start keystone
root@ctrl:/# openstack domain list
+---------+---------+---------+-------------+
| ID      | Name    | Enabled | Description |
+---------+---------+---------+-------------+
| default | default | True    |             |
+---------+---------+---------+-------------+
root@ctrl:/# openstack --os-auth-url http://controller:35357/v3 \
>   --os-project-domain-id default --os-user-domain-id default \
>   --os-project-name admin --os-username admin --os-auth-type password \
>   token issue
Password: 
+------------+----------------------------------+
| Field      | Value                            |
+------------+----------------------------------+
| expires    | 2016-09-02T00:00:30.795115Z      |
| id         | de093214940146fa8209651a92da2743 |
| project_id | ede0fba174a642ce814f73e91a9e9763 |
| user_id    | 5a26130415c94dc9b4c5aeae485fcbde |
+------------+----------------------------------+


edit flag offensive delete link more

Comments

Did this really work in the long run? I was thinking of doing the same, but it looked like the domain id was also stored in other places, not just the keystone db?

theque42 gravatar imagetheque42 ( 2016-10-28 03:05:40 -0500 )edit
0

answered 2017-02-16 04:52:22 -0500

For me something like that helped:

openstack --os-auth-url http://localhost:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue

Maybe I should clean up the duplicate defaults. to avoid issues later

edit flag offensive delete link more
0

answered 2017-05-28 09:00:30 -0500

insecure-it gravatar image

I was getting the same error, when I changed default to Default it cleared this issue right up.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2016-08-19 08:32:13 -0500

Seen: 7,068 times

Last updated: May 28 '17