← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1312858] Re: Keystone + Devstack fail when KEYSTONE_TOKEN_FORMAT=UUID

 

** Also affects: python-keystoneclient
   Importance: Undecided
       Status: New

** Changed in: python-keystoneclient
     Assignee: (unassigned) => Brant Knudson (blk-u)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1312858

Title:
  Keystone + Devstack fail when KEYSTONE_TOKEN_FORMAT=UUID

Status in devstack - openstack dev environments:
  New
Status in OpenStack Identity (Keystone):
  Confirmed
Status in Python client library for Keystone:
  New

Bug description:
  Running devstack in fresh Ubuntu 12.04 virtual machine with:

  $ cat local_rc
  KEYSTONE_TOKEN_FORMAT=UUID

  ...fails to start Keystone.  Despite being configured for the UUID
  provider, keystone attempts to read
  `/etc/keystone/ssl/certs/signing_cert.pem` and fails (because it
  doesn't exist):

  2014-04-25 10:36:25.289 INFO eventlet.wsgi.server [-] 192.168.121.46 - - [25/Apr/2014 10:36:25] "GET /v2.0/tokens/69da781ae31c405e9aaa7adbf8f6f806 HTTP/1.1" 200 3988 0.009096                                     
  2014-04-25 10:36:25.294 DEBUG keystone.middleware.core [-] RBAC: auth_context: {'project_id': u'7fab1d7a9ba741208bd748749a394902', 'user_id': u'8d21c5353bdd4eb7a1a805cb3b7fd1b2', 'roles': [u'_member_', u'service
  ']} from (pid=13334) process_request /opt/stack/keystone/keystone/middleware/core.py:281                                                                                                                           
  2014-04-25 10:36:25.296 DEBUG keystone.common.wsgi [-] arg_dict: {} from (pid=13334) __call__ /opt/stack/keystone/keystone/common/wsgi.py:181                                                                      
  2014-04-25 10:36:25.296 DEBUG keystone.common.controller [-] RBAC: Authorizing identity:revocation_list() from (pid=13334) _build_policy_check_credentials /opt/stack/keystone/keystone/common/controller.py:54    
  2014-04-25 10:36:25.297 DEBUG keystone.common.controller [-] RBAC: using auth context from the request environment from (pid=13334) _build_policy_check_credentials /opt/stack/keystone/keystone/common/controller.
  py:59                                                                                                                                                                                                              
  2014-04-25 10:36:25.297 DEBUG keystone.policy.backends.rules [-] enforce identity:revocation_list: {'project_id': u'7fab1d7a9ba741208bd748749a394902', 'user_id': u'8d21c5353bdd4eb7a1a805cb3b7fd1b2', 'roles': [u'
  _member_', u'service']} from (pid=13334) enforce /opt/stack/keystone/keystone/policy/backends/rules.py:101                                                                                                         
  2014-04-25 10:36:25.297 DEBUG keystone.openstack.common.policy [-] Rule identity:revocation_list will be now enforced from (pid=13334) enforce /opt/stack/keystone/keystone/openstack/common/policy.py:287         
  2014-04-25 10:36:25.298 DEBUG keystone.common.controller [-] RBAC: Authorization granted from (pid=13334) inner /opt/stack/keystone/keystone/common/controller.py:151                                              
  2014-04-25 10:36:25.309 ERROR keystoneclient.common.cms [-] Signing error: Error opening signer certificate /etc/keystone/ssl/certs/signing_cert.pem                                                               
  140424564475552:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('/etc/keystone/ssl/certs/signing_cert.pem','r')                                                                 
  140424564475552:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:                                                                                                                                   
  unable to load certificate                                                                                                                                                                                         
                                                                                                                                                                                                                     
  2014-04-25 10:36:25.310 ERROR keystone.common.wsgi [-] Command 'openssl' returned non-zero exit status 3                                                                                                           
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi Traceback (most recent call last):                                                                                                                              
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/common/wsgi.py", line 207, in __call__                                                                                     
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi     result = method(context, **params)                                                                                                                          
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/common/controller.py", line 152, in inner                                                                                  
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi     return f(self, context, *args, **kwargs)                                                                                                                    
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/token/controllers.py", line 436, in revocation_list                                                                        
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi     CONF.signing.keyfile)                                                                                                                                       
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi   File "/opt/stack/python-keystoneclient/keystoneclient/common/cms.py", line 251, in cms_sign_text                                                              
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi     raise subprocess.CalledProcessError(retcode, 'openssl')                                                                                                     
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi CalledProcessError: Command 'openssl' returned non-zero exit status 3                                                                                           
  2014-04-25 10:36:25.310 TRACE keystone.common.wsgi                                                                                                                                                                 
  2014-04-25 10:36:25.316 INFO eventlet.wsgi.server [-] 192.168.121.46 - - [25/Apr/2014 10:36:25] "GET /v2.0/tokens/revoked HTTP/1.1" 500 341 0.024887

  https://asciinema.org/a/9116

To manage notifications about this bug go to:
https://bugs.launchpad.net/devstack/+bug/1312858/+subscriptions


References