Openstack-Keystone failing to start

Question

I've tried almost everything in the past couple of days to get keystone running to no avail.

The setup is all on the same host, the virtualization and openstack and keystone are all on the same host, so I've tried setting up keystone with 127.0.0.1 and localhost and the IP of the host with no luck

[DEFAULT] log_file = /var/log/keystone/keystone.log 
admin_token = *** 
bind_host = 192.168.33.11 
public_port = 5000 
admin_port = 35357 
compute_port = 8774

# === Logging Options ===
# Print debugging output verbose = True

# Print more verbose output
# (includes plaintext request logging, potentially including passwords)
# debug = False

# Name of log file to output to. If not set, logging will go to stdout. log_file = keystone.log

# The directory to keep log files in (will be prepended to --logfile) log_dir = /var/log/keystone

# Use syslog for logging.
# use_syslog = False

# syslog facility to receive log lines
# syslog_log_facility = LOG_USER

# If this option is specified, the logging configuration file specified is
# used and overrides any other logging options specified. Please see the
# Python logging module documentation for details on logging configuration
# files. log_config = logging.conf

# A logging.Formatter log message format string which may use any of the
# available logging.LogRecord attributes.
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s

# Format string for %(asctime)s in log records.
# log_date_format = %Y-%m-%d %H:%M:%S

# onready allows you to send a notification when the process is ready to serve
# For example, to have it notify using systemd, one could set shell command:
# onready = systemd-notify --ready
# or a module with notify() method:
# onready = keystone.common.systemd

[sql] connection = mysql://keystone:***@localhost/keystone
# idle_timeout = 200

[identity] driver = keystone.identity.backends.sql.Identity

[catalog] template_file = /etc/keystone/default_catalog.templates driver = keystone.catalog.backends.sql.Catalog
# dynamic, sql-based backend (supports API/CLI-based management commands)
# driver = keystone.catalog.backends.sql.Catalog

# static, file-based backend (does *NOT* support any management commands)
# driver = keystone.catalog.backends.templated.TemplatedCatalog

# template_file = default_catalog.templates

[token] driver = keystone.token.backends.sql.Token
# driver = keystone.token.backends.kvs.Token

# Amount of time a token should remain valid (in seconds)
# expiration = 86400

I've enabled logging in the logging.conf file and set the level to DEBUG and INFO, however nothing in log files.

[root@* keystone]# service openstack-keystone restart
Stopping keystone:                                         [FAILED]
Starting keystone:                                         [  OK  ]
[root@* keystone]# service openstack-keystone restart
Stopping keystone:                                         [FAILED]
Starting keystone:                                         [  OK  ]
[root@* keystone]# ps aux | grep keystone
root     25580  0.0  0.0 103236   880 pts/1    S+   09:41   0:00 grep keystone
[root@* keystone]#

Any ideas will be greatly appreciated.Thank you

Answer 1

As I mentioned in the comment, I've never seen a config file with the section headings on the same line as config option:

[DEFAULT] log_file = /var/log/keystone/keystone.log 

I've also seen it like this instead:

[DEFAULT]
log_file = /var/log/keystone/keystone.log 

However, I have no idea if this is related to your issue.

To enable debug-level logging, make sure you set the following in /etc/keystone/logging.conf:

[logger_root]
level=DEBUG

Then try running keystone manually instead of as a service:

$ sudo -u keystone bash
$ HOME=/var/lib/keystone keystone-all --debug

Hopefully you'll see a relevant error message on standard out.

(I believe it will still send the logging to /var/log/keystone/keystone.log, not sure how to actually get it to log to standard out when running manually like this).

Answer 2

1. Add a valid token for admin_token. It should not be "*".

2. Check the below line: [sql] connection = mysql://keystone:*@localhost/keystone It should be something like: connection = mysql://keystone:keystone@localhost/keystone

3. Refer to this url for an example keystone.conf file http://docs.openstack.org/trunk/openstack-compute/install/yum/content/keystone-conf-file.html

Answer 3

I ran into this issue as well. I am running on Ubuntu 12.04LTS. What i found was the the service start command in /etc/init/keystone.conf is using start-stop-daemon to run the service. It was written for a newer version than the one on my box. The --chdir variable is not accepted as an input. once i removed that line keystone started right up.

Try running:

start-stop-daemon --start --chuid keystone --name keystone --exec /usr/bin/keystone-all

/etc/init/keystone.conf  after

description "Keystone API server"
author "Soren Hansen <soren@linux2go.dk>"

start on runlevel [2345]
stop on runlevel [!2345]

respawn

exec start-stop-daemon --start --chuid keystone \
            --name keystone \
            --exec /usr/bin/keystone-all

Answer 4

Check if your IP-adress is equal to HOST_IP=... in localrc

Answer 5

This might be due to keystone not getting started properly and therefore port 35357 is not in listening mode. This seems to be anomalous behavior of service keystone. I am mentioning steps which have worked on my system for havana installtion on Ubuntu 12.04 Kernel version 3.2.0-67-generic. After a day of headache around this issue. Try these steps, preferably in the same order.

1) Remove keystone package:-

  apt-get remove  keystone 

2) Reboot your system

 reboot 

3) After reboot again INSTALL KEYSTONE.

apt-get install keystone

4) Check status of keystone service

 service keystone status

It will show start/running

5) Now do the necessary changes you want to do in /etc/keystone/keystone.conf

after making changes in conf file DO NOT RESTART KEYSTONE SERVICE

Use stop and start command to make an effect of restart but don't restart.

service keystone stop

service keystone start

For further help, pasting a dump of my CLI :-

http://pastebin.com/sduuFCL7

Answer 6

There are multiple problems with the icehouse documentations and install. packstack is broken so the only way to get started is to manually follow the upstream docs for your distro. keystone is very important to set up first correctly before moving on, because other services rely on it.

1. the paste-file /usr/share/keystone/keystone-dist-paste.ini should be copied to /etc/ to be accessible to the config scripts like this:

   cp /usr/share/keystone/keystone-dist-paste.ini /etc/keystone/
   chown keystone:keystone /etc/keystone/*
   

   make sure to update keystone.conf with the new config_file value

2. documentation is wrong about the mysql connection, it should go to [sql] and not [database] so:

   openstack-config --set /etc/keystone/keystone.conf    sql connection mysql://keystone:PASSWD@controller/keystone
   

3. the name controller should be resolved to whatever mysql is bound to, I will add it to /etc/hosts like this if [mysqld]/bind-address in /etc/my.cnf is 10.1.1.100:

   10.1.1.100  controller
   

4. make sure to uncomment log_file in keystone.conf to get what is happening.

Answer 7

I was facing similar issue.I followed below mentioned steps and openstack-keystone service got started.

Edit the /etc/keystone/keystone.conf file and complete the following actions:

1. In the [DEFAULT] section

   [DEFAULT]
   
   admin_token = ADMIN_TOKEN
   

2. In the [database] section

   [database]
   connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
   

3. In the [token] section, configure the UUID token provider and SQL driver

   [token]
   provider = keystone.token.providers.uuid.Provider
   driver = keystone.token.persistence.backends.sql.Token
   

4. In the [revoke] section

   [revoke]
   driver = keystone.contrib.revoke.backends.sql.Revoke
   

After making above changes populate the Identity service database using command

su -s /bin/sh -c "keystone-manage db_sync" keystone

Start the openstack-keystone service using below command

systemctl start openstack-keystone