1044, \"Access denied for user 'root'@'%' to database 'keystone'\")
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
Invalid
|
Undecided
|
Unassigned |
Bug Description
TASK [keystone : Creating Keystone database user and setting permissions] *******
task path: /usr/share/
<kolla1> ESTABLISH SSH CONNECTION FOR USER: None
<kolla1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveA
<kolla1> (0, '/root\n', '')
<kolla1> ESTABLISH SSH CONNECTION FOR USER: None
<kolla1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveA
<kolla1> (0, 'ansible-
Using module file /usr/share/
<kolla1> PUT /root/.
<kolla1> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveA
<kolla1> (0, 'sftp> put /root/.
<kolla1> ESTABLISH SSH CONNECTION FOR USER: None
<kolla1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveA
<kolla1> (0, '', '')
<kolla1> ESTABLISH SSH CONNECTION FOR USER: None
<kolla1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveA
<kolla1> (0, '\r\n{"msg": "(1044, \\"Access denied for user \'root\'@\'%\' to database \'keystone\'\\")", "failed": true, "changed": false, "invocation": {"module_args": {"module_name": "mysql_user", "module_
<kolla1> ESTABLISH SSH CONNECTION FOR USER: None
<kolla1> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveA
<kolla1> (0, '', '')
fatal: [kolla1 -> kolla1]: FAILED! => {
"changed": false,
"invocation": {
},
}
},
"msg": "(1044, \"Access denied for user 'root'@'%' to database 'keystone'\")"
}
NO MORE HOSTS LEFT *******
to retry, use: --limit @/usr/share/
PLAY RECAP *******
kolla1 : ok=52 changed=0 unreachable=0 failed=1
kolla2 : ok=41 changed=0 unreachable=0 failed=0
kolla3 : ok=39 changed=0 unreachable=0 failed=0
localhost : ok=1 changed=0 unreachable=0 failed=0
openstack:queens
[root@kolla1 ~]# pip list |grep kolla
kolla-ansible 6.1.1.dev7
For example: kolla3=mariadb service
[mariadb:children] Change [mariadb]
[root@kolla1 ~]# egrep -v "^#|^$" multinode
[control]
kolla1
kolla2
kolla3
[network]
kolla1
[inner-compute]
[external-compute]
kolla2
............
[mariadb]
kolla3
Increase the following parameters
/etc/kolla/
enable_
use_preconfigur
enable_mariadb: "no"
The database and user have been created but found out that this permission is incorrect?
Should this give permission:
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'RsWmvtMU6EYigw
MariaDB [keystone]> show grants for keystone;
+------
| Grants for keystone@% |
+------
| GRANT USAGE ON *.* TO 'keystone'@'%' IDENTIFIED BY PASSWORD '*A3B000B3A06E2
+------
MariaDB [(none)]> select user,host,password from mysql.user;
+------
| user | host | password |
+------
| root | localhost | *FE1E37A7390CE0
| root | kolla3 | *FE1E37A7390CE0
| root | 127.0.0.1 | *FE1E37A7390CE0
| root | ::1 | *FE1E37A7390CE0
| root | % | *FE1E37A7390CE0
| keystone | % | *A3B000B3A06E2A
+------
Explain that the node cannot remotely log in to the mysql database as root ? I don't quite understand how kolla accesses the database in this mode.
(1044, \"Access denied for user 'root'@'%' to database 'keystone'\")
Changed in kolla: | |
status: | New → Incomplete |
affects: | kolla → kolla-ansible |
In this case kolla-ansible tries to use `database_password` as root password to create the `keystone` user by itself. If keystone user is to be precreated then the database must be too and the variable value needs to be changed.
# Whether to use pre-configured databases / users ured_databases: "no"
use_preconfig