Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Hello.
I'm trying to install the KeyRock identity manager system, and I'm
running into some troubles.
I wanted to install it on a CentOS 6.5 server, but ran into trouble
because CentOS 6.5 only uses Python 2.6, and KeyRock requires Python
2.7. Specifically, there's a dictionary comprehension on line 65-67 of
file keystone/contrib/endpoint_filter/core.py, and those are a syntax
error in Python 2.6. Your install_venv.py script will check the Python
version, but it still allows for Python 2.6. I was able to fix that by
building and installing Python 2.7 on the server, but I also had to
modify the install_venv_common.py script to accept a custom Python
executable (that is, even if you ran install_venv.py with
/usr/bin/python2.7, it still built the virtual environment with
/usr/bin/python, which is Python 2.6 in CentOS). For reference, I used
this install guide, but I adapted it for CentOS:
https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Identity_Management_-_KeyRock_-_Installation_and_Administration_Guide
Anyway, having done that, I managed to get both keystone and horizon
installed, but when I tried to run them as dev servers, I got this
error:
https://gist.githubusercontent.com/anonymous/1fa0e4ebf8e6c7e28aba/raw/b2765ba05ce00a435269158c0d3fdda08417d2c0/gistfile1.txt
I also tried installing and running keystone/horizon on an ubuntu
server, installing it using the fabric scripts you've provided. It was
much more painless doing it that way, but I still got the same error
when I tried to start it. I found this stack overflow question but the
solution listed there didn't work:
http://stackoverflow.com/questions/31318859/fiware-idm-installation-error
I take it that this error is caused by running the server using regular
HTTP and not using SSL/TLS? Is that the problem? Can I not even run it
in a dev environment without using SSL?
I would appreciate your advise in this matter.
Thanks
Oskar Sigvardsson
GroPlay
_______________________________________________
Fiware-tech-help mailing list
Fiware-tech-help@lists.fi-ware.org
https://lists.fi-ware.org/listinfo/fiware-tech-help
[Created via e-mail received from: oskar.sigvardsson@groplay.com]
Hello Oskar,
I don't think its possible to run KeyRock in CentOS without major changes
in the code and also in the dependencies. Some months ago another colleague
tried to install it and decided, in the end, to use an Ubuntu VM because he
couldn't make it work within a reasonable amount of time and effort. Later
this month we will release an Ubuntu image and a Docker container with
KeyRock already installed, if it is of your interest.
You can use regular HTTP no problem, just make use during the installation
to configure it so the urls don't have the 's' in HTTPS as the
StackOverflow answer points out.
Your error seems to be different. Looks like Horizon can't authenticate
itself with Keystone when you start the server. Check this github issue
https://github.com/ging/fi-ware-idm/issues/12 with a similar problem and
the steps to check the most common problems that may be causing it. As a
side note, the github issue system is the best way to ask for specific
problems like you, as it is easier to keep track of the issues and avoid
them getting lost forever in the email inbox. Therefore, I strongly advise
you to use it if you have other questions down the line.
Best regards,
Enrique Garcia