Tuesday, 2017-09-19

« Monday, 2017-09-18 Index Wednesday, 2017-09-20 »
*** jamesbenson has joined #openstack-keystone00:16
*** chlong has joined #openstack-keystone00:20
*** jamesbenson has quit IRC00:20
*** edmondsw has quit IRC00:22
*** thorst has joined #openstack-keystone00:26
*** edmondsw has joined #openstack-keystone00:46
*** jamesbenson has joined #openstack-keystone00:49
*** edmondsw has quit IRC00:50
*** jamesbenson has quit IRC00:54
*** thorst has quit IRC01:27
*** jamesbenson has joined #openstack-keystone01:30
*** jamesbenson has quit IRC01:34
*** itlinux has joined #openstack-keystone01:48
*** jamesbenson has joined #openstack-keystone01:51
*** rajalokan has joined #openstack-keystone01:52
*** jamesbenson has quit IRC01:56
*** chlong has quit IRC02:03
*** jamesbenson has joined #openstack-keystone02:12
*** jamesbenson has quit IRC02:16
*** jamesbenson has joined #openstack-keystone02:33
*** dave-mccowan has quit IRC02:35
*** jamesbenson has quit IRC02:37
*** itlinux has quit IRC02:37
*** Shunli has joined #openstack-keystone02:40
-openstackstatus- NOTICE: Gerrit is being restarted to feed its insatiable memory appetite02:40
*** jamesbenson has joined #openstack-keystone02:53
*** jamesbenson has quit IRC02:58
*** jamesbenson has joined #openstack-keystone03:11
*** jamesbenson has quit IRC03:15
*** thorst has joined #openstack-keystone03:28
*** thorst has quit IRC03:33
*** jamesbenson has joined #openstack-keystone03:43
*** jamesbenson has quit IRC03:55
*** jamesbenson has joined #openstack-keystone04:00
*** itlinux has joined #openstack-keystone04:02
*** thorst has joined #openstack-keystone04:29
*** thorst has quit IRC04:34
*** itlinux has quit IRC04:36
*** jamesbenson has quit IRC04:44
*** aojea has joined #openstack-keystone04:48
*** aojea has quit IRC04:53
*** gyee has quit IRC04:58
*** Shunli has quit IRC05:02
*** Suramya has joined #openstack-keystone05:15
*** Suramya has quit IRC05:24
*** zhurong has joined #openstack-keystone05:24
openstackgerritLance Bragstad proposed openstack/keystone-specs master: Clarify backlog instructions and add ideas dir  https://review.openstack.org/50505705:25
*** Suramya has joined #openstack-keystone05:30
*** thorst has joined #openstack-keystone05:30
*** thorst has quit IRC05:34
*** Suramya has quit IRC05:40
*** Suramya has joined #openstack-keystone05:42
*** lbragstad has quit IRC05:44
*** aojea has joined #openstack-keystone05:46
*** jamesbenson has joined #openstack-keystone05:47
*** aojea has quit IRC05:52
*** aojea has joined #openstack-keystone05:56
*** jamesbenson has quit IRC05:57
*** aojea has quit IRC06:05
*** aloga has quit IRC06:05
*** mwheckmann has quit IRC06:05
*** afazekas has quit IRC06:05
*** mancdaz has quit IRC06:05
*** harlowja has quit IRC06:05
*** _d34dh0r53_ has quit IRC06:05
*** dstanek has quit IRC06:05
*** Krenair has quit IRC06:05
*** jamespage has quit IRC06:05
*** jmccrory has quit IRC06:05
*** amito-infinidat has quit IRC06:05
*** diablo_rojo_phon has quit IRC06:05
*** cmurphy has quit IRC06:05
*** melwitt has quit IRC06:05
*** melwitt has joined #openstack-keystone06:05
*** dstanek has joined #openstack-keystone06:05
*** d34dh0r53 has joined #openstack-keystone06:05
*** afazekas has joined #openstack-keystone06:05
*** cmurphy has joined #openstack-keystone06:05
*** aloga has joined #openstack-keystone06:05
*** melwitt is now known as Guest3664106:06
*** diablo_rojo_phon has joined #openstack-keystone06:06
*** jamespage has joined #openstack-keystone06:06
*** amito-infinidat has joined #openstack-keystone06:07
*** Krenair has joined #openstack-keystone06:08
*** aojea has joined #openstack-keystone06:10
*** mwheckmann has joined #openstack-keystone06:10
*** mancdaz has joined #openstack-keystone06:10
*** jmccrory has joined #openstack-keystone06:10
*** mnaser has quit IRC06:12
*** guoshan has joined #openstack-keystone06:18
*** mnaser has joined #openstack-keystone06:24
*** thorst has joined #openstack-keystone06:31
*** thorst has quit IRC06:35
*** jamesbenson has joined #openstack-keystone06:50
*** Suramya_ has joined #openstack-keystone06:52
*** Suramya has quit IRC06:53
*** zhurong has quit IRC06:54
*** jamesbenson has quit IRC06:54
*** Suramya has joined #openstack-keystone06:56
*** Suramya_ has quit IRC06:57
*** Suramya has quit IRC07:04
*** Suramya has joined #openstack-keystone07:06
*** ioggstream has joined #openstack-keystone07:13
*** Suramya has quit IRC07:16
*** Suramya has joined #openstack-keystone07:16
*** rcernin has joined #openstack-keystone07:18
*** zhurong has joined #openstack-keystone07:19
-openstackstatus- NOTICE: Post jobs are not executed currently, do not tag any releases07:22
*** ChanServ changes topic to "Post jobs are not executed currently, do not tag any releases"07:22
*** pcaruana has joined #openstack-keystone07:22
*** tesseract has joined #openstack-keystone07:24
*** Suramya has quit IRC07:25
*** jamesbenson has joined #openstack-keystone07:26
*** jamesbenson has quit IRC07:30
*** thorst has joined #openstack-keystone07:32
*** Suramya has joined #openstack-keystone07:32
*** thorst has quit IRC07:36
openstackgerritChenghui Yu proposed openstack/keystone master: Update os-api-ref>=1.4.0  https://review.openstack.org/50509407:41
*** Suramya has quit IRC07:42
*** jamesbenson has joined #openstack-keystone07:47
*** Suramya has joined #openstack-keystone07:48
*** jamesbenson has quit IRC07:51
*** Suramya has quit IRC07:52
*** Suramya has joined #openstack-keystone07:54
*** d0ugal has quit IRC08:01
*** Suramya has quit IRC08:04
*** d0ugal has joined #openstack-keystone08:09
*** Suramya has joined #openstack-keystone08:12
*** mvk has quit IRC08:21
*** zhurong has quit IRC08:24
*** Suramya has quit IRC08:26
*** Suramya has joined #openstack-keystone08:30
*** thorst has joined #openstack-keystone08:33
*** jaosorior has quit IRC08:33
*** jaosorior has joined #openstack-keystone08:34
*** Suramya has quit IRC08:35
*** thorst has quit IRC08:37
*** Suramya has joined #openstack-keystone08:37
*** jamesbenson has joined #openstack-keystone08:41
*** jamesbenson has quit IRC08:45
*** Suramya has quit IRC08:48
openstackgerritShan Guo proposed openstack/keystone master: Fix releasenotes indent for consistency  https://review.openstack.org/50511508:49
*** mvk has joined #openstack-keystone08:50
*** Suramya has joined #openstack-keystone08:51
*** Suramya has quit IRC09:01
*** zhurong has joined #openstack-keystone09:06
*** Suramya has joined #openstack-keystone09:26
openstackgerritSuramya proposed openstack/keystone master: Reorganize api-ref: v3 domains  https://review.openstack.org/50513509:31
*** mvk has quit IRC09:32
*** thorst has joined #openstack-keystone09:33
*** thorst has quit IRC09:38
*** szahers has joined #openstack-keystone09:44
*** mvk has joined #openstack-keystone09:45
*** jamesbenson has joined #openstack-keystone10:08
*** nicolasbock has joined #openstack-keystone10:09
*** jamesbenson has quit IRC10:12
*** Suramya_ has joined #openstack-keystone10:18
*** thorst has joined #openstack-keystone10:18
*** thorst has quit IRC10:19
*** Suramya has quit IRC10:19
*** guoshan has quit IRC10:37
*** timothyb89 has quit IRC10:48
*** thorst has joined #openstack-keystone11:19
*** thorst has quit IRC11:26
*** Suramya_ has quit IRC11:35
*** ygl has joined #openstack-keystone11:41
yglhi all;11:41
ygli need some help with keystone11:41
*** zhurong has quit IRC11:49
*** Drankis has joined #openstack-keystone11:50
*** jaosorior has quit IRC12:02
*** thorst has joined #openstack-keystone12:04
*** jamesbenson has joined #openstack-keystone12:09
*** edmondsw has joined #openstack-keystone12:09
*** raildo has joined #openstack-keystone12:13
*** jamesbenson has quit IRC12:13
*** lucasxu has joined #openstack-keystone12:15
*** ygl has quit IRC12:17
*** dave-mccowan has joined #openstack-keystone12:46
*** Suramya has joined #openstack-keystone12:46
*** catintheroof has joined #openstack-keystone12:49
*** dave-mcc_ has joined #openstack-keystone12:51
*** dave-mccowan has quit IRC12:51
*** szahers has quit IRC12:54
*** panbalag has joined #openstack-keystone12:57
*** StefanPaetowJisc has joined #openstack-keystone13:14
*** chlong has joined #openstack-keystone13:19
*** markvoelker has joined #openstack-keystone13:30
*** chrisshattuck has joined #openstack-keystone13:32
*** chrisshattuck has quit IRC13:39
*** jamesbenson has joined #openstack-keystone13:40
*** jamesbenson has quit IRC13:44
*** Suramya has quit IRC13:49
*** Drankis has quit IRC13:51
*** jamesbenson has joined #openstack-keystone14:01
*** Guest36641 is now known as melwitt14:03
*** erlon has joined #openstack-keystone14:05
*** jamesbenson has quit IRC14:06
*** admin0 has joined #openstack-keystone14:16
knikollao/14:16
hrybackio/14:16
knikollahrybacki: i'll look at the etherpad later today14:17
hrybackiknikolla: thanks!14:17
admin0how are catalogs created/advertised ?14:18
*** jamesbenson has joined #openstack-keystone14:39
*** jrist has quit IRC14:41
*** chrissha_ has joined #openstack-keystone14:43
*** jamesbenson has quit IRC14:44
*** raildo has quit IRC14:44
*** marst has joined #openstack-keystone14:46
samueldmqmorning keystone14:48
*** jaosorior has joined #openstack-keystone14:48
*** szahers has joined #openstack-keystone14:49
samueldmqadmin0: the service catalog is created in keystone and is advertised by keystone too14:49
samueldmqindividual services may retrieve the catalog when doing token validation14:50
admin0does one actually do catalog create .. or is it built from endpoints added14:50
samueldmqcmurphy: this is all true for fernet token too, correct?14:50
samueldmqadmin0: no catalog create call. catalog is built from services, regions and endpoints created14:51
samueldmqthose have CRUD APIs14:51
*** StefanPaetowJisc has quit IRC14:52
admin0samueldmq: thanks14:53
*** david-lyle has joined #openstack-keystone14:53
hrybackipanbalag: `sudo keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone`14:56
gagehugoo/14:56
*** StefanPaetowJisc has joined #openstack-keystone14:56
panbalaghrybacki: ok. let me try that14:57
*** lbragstad has joined #openstack-keystone14:59
*** ChanServ sets mode: +o lbragstad14:59
*** szahers has quit IRC15:00
*** jamesbenson has joined #openstack-keystone15:00
lbragstado/15:03
lbragstadjust a heads up that i'll be in orientation all day today and tomorrow15:03
lbragstad(i won't be around for the keystone meeting or office hours)15:04
*** jamesbenson has quit IRC15:05
*** gyee has joined #openstack-keystone15:05
*** StefanPaetowJisc has quit IRC15:05
samueldmqadmin0: sure, np15:08
*** StefanPaetowJisc has joined #openstack-keystone15:08
*** lbragstad has quit IRC15:11
*** Suramya has joined #openstack-keystone15:16
*** jamesbenson has joined #openstack-keystone15:21
*** raildo has joined #openstack-keystone15:24
*** jamesbenson has quit IRC15:25
*** jaosorior has quit IRC15:32
*** raildo has quit IRC15:39
*** raildo has joined #openstack-keystone15:55
kmalloco/16:01
*** jamesbenson has joined #openstack-keystone16:03
*** sbezverk has quit IRC16:03
openstackgerritMerged openstack/keystone master: Remove keystone-all doc  https://review.openstack.org/50242316:03
*** jamesbenson has quit IRC16:07
*** itlinux has joined #openstack-keystone16:12
*** jamesbenson has joined #openstack-keystone16:23
*** StefanPaetowJisc has quit IRC16:27
*** jamesbenson has quit IRC16:28
*** StefanPaetowJisc has joined #openstack-keystone16:29
*** StefanPaetowJisc has quit IRC16:33
*** pcaruana has quit IRC16:38
*** aselius has joined #openstack-keystone16:44
*** rcernin has quit IRC16:52
*** tesseract has quit IRC16:52
*** mvk has quit IRC17:01
hrybackiwho runs the keystone mtg in lieu of lbragstad?17:02
gagehugoare we having it today? the agenda is empty17:04
*** admin0 has left #openstack-keystone17:05
hrybackigagehugo: lance is out which is what prompted me to ask17:08
*** szahers has joined #openstack-keystone17:08
hrybackido the cores want to hold a meeting / office hours?17:08
gagehugoah17:09
*** szahers has quit IRC17:10
*** ygl has joined #openstack-keystone17:11
yglhi all17:11
ygli need some help with keystone17:12
hrybackiygl: can you provide us with some more info?17:14
yglhyakuhei: i have two regions. but a common keystone.17:17
yglhrybacki: i have two regions. but a common keystone.17:17
yglhrybacki: when I try to run nova list for second region it is trying to access the internal keystone  endpoint of first region eventhough I pointed the second region to public endpoint of first region17:19
yglhrybacki: and the internal endpoint is a private network not reachable from second region17:20
yglhrybacki: but I am able to get openstack token using this public endpoint. but not nova list17:20
hrybacki(I haven't deployed this type of environment before so keep that in mind) -- how did you point the second region at the public endpoint of the first?17:21
*** jamesbenson has joined #openstack-keystone17:22
yglusing the auth_uri in nova.conf to point to keystone public endpoint of first region17:22
yglhrybacki: using the auth_uri in nova.conf to point to keystone public endpoint of first region17:23
* cmurphy on planes all day, won't be at the meeting17:24
*** jamesbenson has quit IRC17:26
hrybackiygl: I'll be slow to respond (meetings)17:28
yglhrybacki: ok17:30
*** ygl has quit IRC17:38
openstackgerritChris Friesen proposed openstack/keystone-specs master: Restrict Service Catalog in Auth Response  https://review.openstack.org/50534517:39
*** cfriesen has joined #openstack-keystone17:39
*** jamesbenson has joined #openstack-keystone17:43
*** StefanPaetowJisc has joined #openstack-keystone17:46
*** ygl has joined #openstack-keystone17:47
yglhrybacki: i want some information17:47
*** jamesbenson has quit IRC17:47
*** harlowja has joined #openstack-keystone17:49
yglcan someone tell me, if I execute nova list command form a remote client machine , which keystone urls will the nova service internally uses ? is it admin, or internal or public keystone endpoint ? which one ?17:49
hrybackiygl it may be awhile before I can respond (I'd need to research your issue). If you want to raise visibility quickly I'd recommend creating a bug in LP -- https://bugs.launchpad.net/keystone -- and adding as much information (env, version of OS, logs, config) so that I (or someone else with free time sooner) can best assist you17:49
yglhrybacki: if I execute nova list command form a remote client machine , which keystone urls will the nova service internally uses ? is it admin, or internal or public keystone endpoint ? which one ?17:50
knikollaygl: by default it should be public17:50
yglknikolla: but internally does it still use internal endpoint ?17:50
yglknikolla: i mean it is the nova service which has to interact with the keystone internally . So I am suspecting it will be internal still17:51
*** Suramya_ has joined #openstack-keystone17:52
knikollaygl: this blog post from a while ago should help http://blog.dolphm.com/openstack-keystone-service-catalog/17:52
yglknikolla: eventhough the public endpoint takes the request, the nova service internally uses internal endpoint17:52
knikollaygl: here's the workflow17:52
*** panbalag has quit IRC17:53
*** Suramya has quit IRC17:53
*** mvk has joined #openstack-keystone17:53
knikollaygl: 1. user gets a token from keystone via the keystone public interface, 2. user sends the request with the token to the nova public interface, 3. nova talks to keystone to validate the token, which interface nova uses for talking to keystone is configurable in the nova configuration for keystonemiddleware17:53
yglknikolla: for me eventhough I configured nova to use public keystone endpoint, it is still querying internal endpoint in the debug output17:54
yglknikolla: openstack --debug server list17:55
*** spilla has joined #openstack-keystone17:55
knikollaygl: the debug output of that will be of openstackclient, not nova17:55
*** ioggstream has quit IRC17:56
yglknikolla: the openstack client is querying internal endpoint eventhough I mentioned public endpoint. thats my doubt17:56
knikollaygl: is it querying the internal endpoint for keystone or the internal endpoint for nova?17:57
yglknikolla: it is querying internal endpoint of keystone first and then it is going to nova. but my query is why is it querying internal keystone, eventhough I mentioned public keystone in the openrc file17:58
knikollaygl: for keystone, openstackclient will query whatever is your AUTH_URL in your openrc file. there is no other way to figure out which keystone to query, since the catalog is fetched after getting a token from keystone itself17:59
yglknikolla: but I mentioned publick keystone endpoint in the openrc file17:59
samueldmqhrybacki: well, it's not official we don't have a meeting18:01
knikollasamueldmq: lance is on orientation day, so unless someone want to host the meeting, i guess not18:01
samueldmqand I do have a 1 topic, I think we can do a quick meeting if people show up18:01
samueldmqI can do it18:01
hrybackisamueldmq: let's do it18:01
knikollaygl: paste on paste.opentsack.org and send me a link (remove passwords)18:02
yglknikolla: ok18:02
*** jamesbenson has joined #openstack-keystone18:04
*** Suramya has joined #openstack-keystone18:04
*** Suramya_ has quit IRC18:06
yglknikolla: http://paste.openstack.org/show/621464/18:07
*** jamesbenson has quit IRC18:08
yglknikolla: it is timing out because i see these logs in the nova-api:  http://paste.openstack.org/show/621465/18:09
knikollaygl: that looks like it's correctly working to get a token from keystone, but it's talking to the wrong nova18:09
yglknikolla: no the nova url is correct18:09
knikollaygl: oh i see. nova can't talk to keystone18:09
yglknikolla: because keystone-internal is not reachable18:09
knikollaygl: the url of the keystone that nova should use is in the nova.conf file18:10
knikollathere is a keystone_authtoken section18:10
knikollafor keystonemiddleware18:10
yglknikolla: yes it is pointing to public keystone url18:10
yglknikolla: in nova.conf18:10
knikollacan i see that section? blank out the passwords18:10
yglknikolla: ok18:11
*** spilla has quit IRC18:11
yglknikolla: http://paste.openstack.org/show/621466/18:12
yglknikolla: keystone.mycloud.wtl.com is reachable\18:12
knikollaygl: the entire section please. i think i know the issue, i just want to make sure.18:13
yglknikolla: but in the debug output it is pointing to keystone-internal.mycloud.wtl.com18:13
yglknikolla: ok18:13
yglknikolla: http://paste.openstack.org/show/621467/18:14
yglknikolla: this is actually a second region talking to keystone urls of first region since both share a common keystone18:15
yglknikolla: hope u got the picture now18:16
yglknikolla: u there ?18:18
knikollaygl: yeah, give me a sec. checking something18:18
yglknikolla: ok18:18
yglknikolla: this is mitaka version18:18
yglknikolla: in ubuntu18:19
knikollaygl: based on that configuration, keystonemiddleware should have talked to the correct keystone. :/18:21
knikollatry auth_plugin instead of auth_type18:21
knikollathat's the wrong option name.18:22
yglknikolla: it is showing public endpoint in debug output but it is failing because nova-api log shows that it is querying internal keystone though18:22
*** StefanPaetowJisc has quit IRC18:22
*** itlinux has quit IRC18:22
yglknikolla: did u get my point ?18:23
knikollai do get your point. also it doesn't matter what is internal or external, because nova will not use the catalog to query keystone18:23
knikollait will use a configuration setting in nova.conf18:23
*** Suramya has quit IRC18:23
yglknikolla: but my command is failing eventually because internal endpoint is unreachable from second region18:24
yglknikolla: only if I add the public ip of the same host to point to internal keystone in /etc/hosts file ten it is working18:24
*** jamesbenson has joined #openstack-keystone18:24
yglknikolla: it is weird though. why is it  not using public keystone18:25
knikollaygl: as i said above. the keystone endpoint is hardcoded in nova.18:25
*** Suramya has joined #openstack-keystone18:25
knikollaygl: so the internal endpoint is somewhere in the nova.conf file18:25
yglknikolla: but I used public endpoint in nova18:25
yglknikolla: no it is not there at all18:25
knikollado a grep on the url of the internal endpoint18:25
yglknikolla: i double-checked it18:25
yglknikolla:18:25
yglknikolla: ok18:26
yglknikolla: root@blrlab-hyper-2:~# cat /etc/nova/nova.conf | grep keystone-internal root@blrlab-hyper-2:~#18:26
yglknikolla: no output18:26
yglknikolla: i think it is a bug with multi regions in mitaka18:26
yglknikolla: it is searching for internal keystone endpoint on the first region eventhough I specify public keystone endpoint18:27
knikollaygl: it shouldn't be. because it doesn't search, because it doesn't know how to search "yet".18:28
yglknikolla: but my logs show otherwise18:28
yglknikolla: i hope u got my point18:28
*** ayoung has joined #openstack-keystone18:28
*** jamesbenson has quit IRC18:29
yglknikolla: can u send your findings and thoughts about this to my mail id 'ygk.kmr@gmail.com' please18:29
yglknikolla: it is only working if I make the internal endpoint resolvable from second region18:29
knikollaygl: i'd rather keep this here since more folks can jump in and help.18:30
yglknikolla: i am done for the day18:30
yglit is close to midnight here18:30
knikollaygl: ping me on irc when you're on tomorrow.18:30
yglknikolla: can u remember me ?18:31
yglknikolla: what time u will be available tomorrow ?18:31
knikollaygl: i'm good at names, terrible with faces. so you're in luck.18:31
yglknikolla: ok, send ur findings or thoughts to my mail id above18:32
*** StefanPaetowJisc has joined #openstack-keystone18:32
knikollaygl: i'm on EST, but i can spare some time tonight, wich will be morning at you.18:32
yglknikolla: ok18:32
yglknikolla: thanks18:32
knikollaygl: np18:32
*** ygl has quit IRC18:32
*** jamesbenson has joined #openstack-keystone18:45
*** StefanPaetowJisc has quit IRC18:46
*** jamesbenson has quit IRC18:50
*** itlinux has joined #openstack-keystone18:59
*** jamesbenson has joined #openstack-keystone19:06
*** StefanPaetowJisc has joined #openstack-keystone19:06
*** jamesbenson has quit IRC19:10
*** lucasxu has quit IRC19:26
*** jrist has joined #openstack-keystone19:26
*** StefanPaetowJisc has quit IRC19:28
*** Suramya has quit IRC19:34
*** StefanPaetowJisc has joined #openstack-keystone19:35
*** StefanPaetowJisc has quit IRC19:56
*** raildo has quit IRC19:57
*** StefanPaetowJisc has joined #openstack-keystone19:58
openstackgerritKristi Nikolla proposed openstack/keystonemiddleware master: Document endpoint interface and region behavior  https://review.openstack.org/50539619:59
knikollahrybacki: ^^19:59
*** StefanPaetowJisc has quit IRC20:02
*** StefanPaetowJisc has joined #openstack-keystone20:06
*** StefanPaetowJisc has quit IRC20:13
*** rcernin has joined #openstack-keystone20:14
*** raildo has joined #openstack-keystone20:17
marstHello. Apologies for trivial question, I'm trying to follow this: https://docs.openstack.org/keystone/pike/install/keystone-install-rdo.html guide and I'm stuck getting "Can't connect to MySQL server on 'controller'" errors. http://paste.openstack.org/show/621443/ - after keystone db_sync command. http://paste.openstack.org/show/621476/ - configuration for keystone, I guess I'm missing some fields? I can connect to20:20
marstthis DB from another host, it's not firewall issue. Any ideas on what else to check?20:20
*** jamesbenson has joined #openstack-keystone20:22
knikollamarst: is controller pingable?20:23
marstknikilla: yes, it's "all-in-one" setup.20:23
marst*knikolla, apologies20:24
knikollamarst: what i mean is, does `ping controller` work?20:25
*** jamesbenson has quit IRC20:26
marstknikolla: yes. "controller" is defined in /etc/hosts file as "127.0.0.1".20:26
-openstackstatus- NOTICE: Zuul and Gerrit are being restarted to address issues discovered with the Gerrit 2.13 upgrade. review.openstack.org will be inaccessible for a few minutes while we make these changes. Currently running jobs will be restarted for you once Zuul and Gerrit are running again.20:26
marstI can replace "controller with IP and see if that helps, I guess.20:26
knikollamarst: can you connect to mysql with the user and password specified?20:27
marstknikolla: yes. both from localhost and from another host too.20:27
knikollamarst: and i assume you've replaced `KEYSTONE_DBPASS` in the configuration file with the actual database password for the user20:29
knikollain the `mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone` line20:29
marstknikolla: I did better. I setup my password as KEYSTONE_DBPASS. Perhaps I should change it and remove underscore?20:30
knikollamarst: the underscore shouldn't matter.20:31
knikollaso you have a `keystone` user with a `KEYSTONE_DBPASS`, and permissions on a database named `keystone`20:32
knikollathat database is accessible from outside hosts, but not from keystone when running db_sync20:33
marstknikolla: yes, that's correct.20:33
knikollamarst: give me a sec, testing something.20:34
marstknikolla: sure, thanks a lot for taking time! Appreciate any and all help. For now I've replaced "controller" with 127.0.0.1 in connection string, restarted httpd, but still same error: Can't connect to MySQL server on '127.0.0.1'20:35
marstand just realized that I should've probably asked for help in oslo channel.20:37
knikollamarst: connection is all you really need for the db connection.20:39
marstknikolla: "easy" problems are always most painful. I've spent 2 days fighting this and still can't figure out what's wrong. :)20:41
knikollamarst: i can believe that!20:41
marstknikolla: promised docs team I'll check install guide by Thursday. Looks like I'll be late. :(20:41
knikollamarst: so `keystone db_sync` is failing with the error you pasted, right?20:42
knikollakeystone-manage20:42
knikollaerr.20:42
marstknikolla: it doesn't fail, it just silently quites. the error messages appear only in /var/log/keystone/keystone.log file t20:42
marst*quits20:42
*** jrist has quit IRC20:43
knikollamarst: try increasing the logging level to debug by setting `debug = True` in the `[DEFAULT]` section of the config.20:45
marstknikolla: just did. One question, is there a difference between running keyston-manage db_sync as root user or as in guide: "su -s /bin/sh -c "keystone-manage db_sync" keystone" ?20:49
*** catintheroof has quit IRC20:50
*** catintheroof has joined #openstack-keystone20:50
knikollamarst: there shouldn't be.20:50
*** catintheroof has quit IRC20:51
marstknikolla: yeah, same error in both cases: http://paste.openstack.org/show/621480/20:51
knikollamarst: i didn't expect a different error, but hoped for more info before the error. it seems to load the migrations and everything correctly, so only the connection is failing.20:54
marstknikolla: I guess I'll try to do everything again from scratch and if it fails again will comeback. :)20:54
knikollatry asking oslo first.20:55
marstknikolla: will do. thank you!20:55
*** itlinux has quit IRC20:56
*** itlinux has joined #openstack-keystone20:57
*** itlinux has quit IRC20:58
*** itlinux has joined #openstack-keystone20:59
*** StefanPaetowJisc has joined #openstack-keystone21:06
openstackgerritGage Hugo proposed openstack/keystone master: Handle latest changes to os-testr  https://review.openstack.org/50444221:06
*** StefanPaetowJisc has quit IRC21:10
*** jose-phillips has joined #openstack-keystone21:11
*** thorst has quit IRC21:14
*** StefanPaetowJisc has joined #openstack-keystone21:16
*** thorst has joined #openstack-keystone21:16
*** thorst has quit IRC21:20
*** itlinux has quit IRC21:21
*** StefanPaetowJisc has quit IRC21:21
*** itlinux has joined #openstack-keystone21:25
*** raildo has quit IRC21:40
*** jistr has quit IRC21:41
*** panbalag has joined #openstack-keystone21:48
*** aahh has joined #openstack-keystone21:51
*** panbalag has quit IRC21:58
*** jistr has joined #openstack-keystone22:01
*** chrissha_ has quit IRC22:02
*** jamesbenson has joined #openstack-keystone22:10
*** jamesbenson has quit IRC22:14
*** aojea has quit IRC22:16
*** chlong has quit IRC22:21
*** aahh has quit IRC22:24
-openstackstatus- NOTICE: Gerrit is being restarted to address some final issues, review.openstack.org will be inaccessible for a few minutes while we restart22:33
*** dave-mcc_ has quit IRC22:33
*** catintheroof has joined #openstack-keystone22:45
*** openstackgerrit has quit IRC22:47
*** itlinux has quit IRC22:49
*** edmondsw has quit IRC22:50
*** jamesbenson has joined #openstack-keystone22:51
*** nkinder has quit IRC22:52
*** chrisshattuck has joined #openstack-keystone22:55
*** edmondsw has joined #openstack-keystone22:55
*** jamesbenson has quit IRC22:55
*** edmondsw has quit IRC22:59
*** nkinder has joined #openstack-keystone23:07
*** rcernin has quit IRC23:11
*** chrisshattuck has quit IRC23:19
*** edmondsw has joined #openstack-keystone23:23
*** hoonetorg has quit IRC23:23
*** edmondsw has quit IRC23:27
*** hoonetorg has joined #openstack-keystone23:36
*** ChanServ changes topic to "Queens release schedule: https://releases.openstack.org/queens/schedule.html | Meeting agenda: https://etherpad.openstack.org/p/keystone-weekly-meeting | Bugs that need triaging: http://bit.ly/2iJuN1h"23:39
-openstackstatus- NOTICE: Gerrit is once again part of normal puppet config management. Problems with Gerrit gitweb links and Zuul post jobs have been addressed. We currently cannot create new gerrit projects (fixes in progress) and email sending is slow (being debugged).23:39
« Monday, 2017-09-18 Index Wednesday, 2017-09-20 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!