Hi guys,
In order to set the domains in icehouse, we needed the following patch:
--- heat-keystone-setup-domain 2015-04-23 17:50:08.000000000 +0000
+++ heat-keystone-setup-domain.patch 2015-04-28 16:27:25.358901215 +0000
@@ -25,6 +25,7 @@
DEBUG = False
USERNAME = os.environ.get('OS_USERNAME', None)
PASSWORD = os.environ.get('OS_PASSWORD', None)
+TENANT_NAME = os.environ.get('OS_TENANT_NAME', None)
AUTH_URL = os.environ.get('OS_AUTH_URL', '').replace('v2.0', 'v3')
opts = [
@@ -64,10 +65,15 @@
c = client.Client(debug=DEBUG,
username=USERNAME,
password=PASSWORD,
+ tenant_name=TENANT_NAME,
auth_url=AUTH_URL,
endpoint=AUTH_URL)
c.authenticate()
+ try:
+ heat_domain = c.domains.delete(name=HEAT_DOMAIN_NAME)
+ except:
+ print "error"
# Create the heat domain
logger.info("Creating domain %s" % HEAT_DOMAIN_NAME)
try:
From: David Hill
Sent: 8-Sep-14 7:08 PM
To: openstack (openstack@lists.openstack.org)
Subject: [Openstack] [heat] identity:create_domain failed (403)
Hi guys,
I have 2 environments that are almost identical but one of them
gives me this:
keystoneclient.openstack.common.apiclient.exceptions.Forbidden: You are not
authorized to perform the requested action, identity:create_domain. (HTTP 403)
When I try to run:
heat-keystone-setup-domain --stack-domain-admin stack_admin
--stack-domain-admin-password $password --stack-user-domain-name heat
The problem is that I'm using the same policy everywhere and one works but the
other doesn't. I'm out of ideas!
Any hints?
Dave
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
