'openstack-heat' cluster provider misses 'domain-name' for Keystone v3 #39783

micmro opened this Issue Jan 12, 2017 · 0 comments


None yet

1 participant

micmro commented Jan 12, 2017

Is this a request for help? (If yes, you should use our troubleshooting guide and community support channels, see http://kubernetes.io/docs/troubleshooting/.):

What keywords did you search in Kubernetes issues before filing this one? (If you have found any duplicates, you should instead reply there.):

Is this a BUG REPORT or FEATURE REQUEST? (choose one):
Bug Report

Kubernetes version (use kubectl version):
Kubernetes v1.5.1


  • Cloud provider or hardware configuration: Openstack
  • OS (e.g. from /etc/os-release): CentOS Linux 7 (Core) v1608
  • Kernel (e.g. uname -a): Linux k8s-cluster-2-node-fjhcjjzz 3.10.0-327.28.3.el7.x86_64 #1 SMP Thu Aug 18 19:05:49 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
  • Install tools: openstack-heat
  • Others:

What happened:
Keystone v3 authentication by user name requires the domain (name or ID). If domain-name is not provided kubelet fails as seen below:

kubelet: error: failed to run Kubelet: could not init cloud provider "openstack": You must provide exactly one of DomainID or DomainName to authenticate by Username
systemd: kubelet.service: main process exited, code=exited, status=1/FAILURE
systemd: Unit kubelet.service entered failed state.
systemd: kubelet.service failed.

What you expected to happen:
Authenticate correctly.

To solve this by passing a newOS_USER_DOMAIN_NAME environment variable through openstack-heat's heat-templates to write it as domain-name in /srv/kubernetes/openstack.conf. (Will issue PR)

How to reproduce it (as minimally and precisely as possible):
run . ../openrc.sh && KUBERNETES_PROVIDER=openstack-heat ./cluster/kube-up.sh with a keystone v3 setup

Anything else do we need to know:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment