[Bug 1571347] Re: Main config keystone-authtoken section is incompatible with keystone v3 on mitaka

Liam Young liam.young at canonical.com
Thu Jun 16 09:02:24 UTC 2016 

It looks like two fixes are needed for heat.

1) Update keystone_authtoken in the heat.conf template to use the new
format as has been done with the other charms attached to this bug
report.

2) The service user created for heat (heat-cfn_heat) lacks permissions
on the admin domain and the format of /root/admin-openrc-v3 is wrong.
This means that the domain-setup action fails. I think the keystone
charm could be updated to grant domain admin to the service users or the
heat charm could grow a identity-admin relation. If the latter is
implemented then the keystone charm will also need updating to support
exposing v3 admin credentials down the identity-admin relation.

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to cinder in Juju Charms Collection.
Matching subscriptions: charm-bugs
https://bugs.launchpad.net/bugs/1571347

Title:
  Main config keystone-authtoken section is incompatible with keystone
  v3 on mitaka

Status in Charm Helpers:
  Fix Released
Status in cinder package in Juju Charms Collection:
  Fix Released
Status in glance package in Juju Charms Collection:
  Fix Released
Status in heat package in Juju Charms Collection:
  In Progress
Status in neutron-api package in Juju Charms Collection:
  Fix Released
Status in neutron-gateway package in Juju Charms Collection:
  Fix Released
Status in nova-cloud-controller package in Juju Charms Collection:
  Fix Released
Status in nova-compute package in Juju Charms Collection:
  Fix Released

Bug description:
  The keystone_auth section has changed for Mitaka. The Liberty format
  which is currently being used is  incompatible with keystone v3 on
  mitaka as it assumes the id of the default domain is default where as
  in Mitaka it is a random uuid.

  This change is reflected in the setup documentation:

  Mitaka:

  [keystone_authtoken]
  ...
  auth_uri = http://controller:5000
  auth_url = http://controller:35357
  memcached_servers = controller:11211
  auth_type = password
  project_domain_name = default
  user_domain_name = default
  project_name = service
  username = nova
  password = NOVA_PASS

  http://docs.openstack.org/mitaka/install-guide-ubuntu/nova-controller-
  install.html

  
  Liberty:

  [keystone_authtoken]
  ...
  auth_uri = http://controller:5000
  auth_url = http://controller:35357
  auth_plugin = password
  project_domain_id = default
  user_domain_id = default
  project_name = service
  username = nova
  password = NOVA_PASS

  http://docs.openstack.org/liberty/install-guide-ubuntu/nova-
  controller-install.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-helpers/+bug/1571347/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list