[openstack-dev] [all] Ask for help with devstack error: "401 Unauthorized"
liuxinguo
liuxinguo at huawei.com
Sat Feb 14 12:00:20 UTC 2015
I have seen the review you provided, but I think there is no relationship to our problem.
All keystone commands like “keystone user-list”, “keystone role-list”, “keystone tenant-list” and “eystone user-role-list --user admin --tenant admin” is ok.
But all the other command returned “Unauthorized”
This is the result of “cinder --debug list”:
DEBUG:keystoneclient.session:REQ: curl -g -i -X GET http://127.0.0.1:35357/v2.0 -H "Accept: application/json" -H "User-Agent: python-keystoneclient"
DEBUG:keystoneclient.session:RESP: [200] date: Sat, 14 Feb 2015 11:36:33 GMT vary: X-Auth-Token content-length: 336 content-type: application/json server: Apache/2.4.7 (Ubuntu)
RESP BODY: {"version": {"status": "stable", "updated": "2014-04-17T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v2.0+json"}], "id": "v2.0", "links": [{"href": "http://127.0.0.1:35357/v2.0/", "rel": "self"}, {"href": "http://docs.openstack.org/", "type": "text/html", "rel": "describedby"}]}}
DEBUG:keystoneclient.auth.identity.v2:Making authentication request to http://127.0.0.1:35357/v2.0/tokens
DEBUG:keystoneclient.session:REQ: curl -g -i -X GET http://127.0.0.1:8776/v1/12308951ebca4eac84d20e00d4d55d72/volumes/detail -H "User-Agent: python-cinderclient" -H "Accept: application/json" -H "X-Auth-Token: {SHA1}4dfb792bb390a91d23b351b05d54db226982f6ef"
DEBUG:keystoneclient.session:RESP:
DEBUG:keystoneclient.auth.identity.v2:Making authentication request to http://127.0.0.1:35357/v2.0/tokens
DEBUG:keystoneclient.session:RESP:
DEBUG:keystoneclient.session:Request returned failure status: 401
ERROR: Unauthorized (HTTP 401) (Request-ID: req-209c999b-77b5-4677-94bb-10e6419b8c1e)
And the cinder-api.log:
2015-02-14 03:37:48.779 18036 INFO eventlet.wsgi.server [-] (18036) accepted ('127.0.0.1', 49278)
2015-02-14 03:37:48.781 18036 DEBUG keystoneclient.auth.identity.v2 [-] Making authentication request to http://127.0.0.1:35357/v2.0/tokens get_auth_ref /opt/stack/new/python-keystoneclient/keystoneclient/auth/identity/v2.py:76
2015-02-14 03:37:48.783 18036 DEBUG urllib3.util.retry [-] Converted retries value: 0 -> Retry(total=0, connect=None, read=None, redirect=0) from_int /usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py:155
2015-02-14 03:37:48.792 18036 DEBUG keystoneclient.session [-] Request returned failure status: 400 request /opt/stack/new/python-keystoneclient/keystoneclient/session.py:383
2015-02-14 03:37:48.793 18036 ERROR keystonemiddleware.auth_token [-] Bad response code while validating token: 400
2015-02-14 03:37:48.794 18036 WARNING keystonemiddleware.auth_token [-] Identity response: {"error": {"message": "Expecting to find username or userId in passwordCredentials - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.", "code": 400, "title": "Bad Request"}}
2015-02-14 03:37:48.794 18036 WARNING keystonemiddleware.auth_token [-] Authorization failed for token
2015-02-14 03:37:48.796 18036 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [14/Feb/2015 03:37:48] "GET /v1/12308951ebca4eac84d20e00d4d55d72/volumes/detail HTTP/1.1" 401 257 0.014834
2015-02-14 03:37:49.140 18036 DEBUG keystoneclient.auth.identity.v2 [-] Making authentication request to http://127.0.0.1:35357/v2.0/tokens get_auth_ref /opt/stack/new/python-keystoneclient/keystoneclient/auth/identity/v2.py:76
2015-02-14 03:37:49.142 18036 DEBUG urllib3.util.retry [-] Converted retries value: 0 -> Retry(total=0, connect=None, read=None, redirect=0) from_int /usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py:155
2015-02-14 03:37:49.150 18036 DEBUG keystoneclient.session [-] Request returned failure status: 400 request /opt/stack/new/python-keystoneclient/keystoneclient/session.py:383
2015-02-14 03:37:49.151 18036 ERROR keystonemiddleware.auth_token [-] Bad response code while validating token: 400
2015-02-14 03:37:49.152 18036 WARNING keystonemiddleware.auth_token [-] Identity response: {"error": {"message": "Expecting to find username or userId in passwordCredentials - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.", "code": 400, "title": "Bad Request"}}
2015-02-14 03:37:49.153 18036 WARNING keystonemiddleware.auth_token [-] Authorization failed for token
2015-02-14 03:37:49.154 18036 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [14/Feb/2015 03:37:49] "GET /v1/12308951ebca4eac84d20e00d4d55d72/volumes/detail HTTP/1.1" 401 257 0.014599
How should I do next to fix this?
发件人: Peter Stachowski [mailto:peter at tesora.com]
发送时间: 2015年2月12日 23:32
收件人: OpenStack Development Mailing List (not for usage questions); openstack-infra at lists.openstack.org
抄送: Zhangli (ISSP); Fanyaohong; Chenzongliang
主题: Re: [OpenStack-Infra] [all] Ask for help with devstack error
Hi,
Take a look at this commit, it broke a number of Trove tests last night: https://review.openstack.org/#/c/154391
Not sure if it’s related, but it seems similar (try manually backing out the change for cinder and see if it fixes your problem).
Good luck!
Peter
From: liuxinguo [mailto:liuxinguo at huawei.com]
Sent: February-12-15 6:57 AM
To: openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>; openstack-infra at lists.openstack.org<mailto:openstack-infra at lists.openstack.org>
Cc: Zhangli (ISSP); Fanyaohong; Chenzongliang
Subject: [openstack-dev] [all] Ask for help with devstack error
Our CI failed when building devstack, the error is about “Unauthorized”. Following is the segment of the devstacklog:
2015-02-12 11:16:14.639 | + is_service_enabled c-api
2015-02-12 11:16:14.646 | + return 0
2015-02-12 11:16:14.646 | + is_service_enabled tls-proxy
2015-02-12 11:16:14.646 | + _run_process c-vol '/usr/local/bin/cinder-volume --config-file /etc/cinder/cinder.conf' ''
2015-02-12 11:16:14.647 | + local service=c-vol
2015-02-12 11:16:14.647 | + local 'command=/usr/local/bin/cinder-volume --config-file /etc/cinder/cinder.conf'
2015-02-12 11:16:14.647 | + local group=
2015-02-12 11:16:14.647 | + exec
2015-02-12 11:16:14.647 | + exec
2015-02-12 11:16:14.658 | + return 1
2015-02-12 11:16:14.658 | + create_volume_types
2015-02-12 11:16:14.659 | + is_service_enabled c-api
2015-02-12 11:16:14.687 | + return 0
2015-02-12 11:16:14.688 | + [[ -n lvm:default ]]
2015-02-12 11:16:14.688 | + local be be_name be_type
2015-02-12 11:16:14.688 | + for be in '${CINDER_ENABLED_BACKENDS//,/ }'
2015-02-12 11:16:14.688 | + be_type=lvm
2015-02-12 11:16:14.688 | + be_name=default
2015-02-12 11:16:14.689 | + cinder type-create default
2015-02-12 11:16:22.734 | ERROR: Unauthorized (HTTP 401) (Request-ID: req-33c9392a-046f-4894-b22a-1a119eacec62)
In c-api.log, I find the error with “auth_token”:
2015-02-12 03:16:19.722 19912 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: SSL exception connecting to https://127.0.0.1:35357/
2015-02-12 03:16:20.723 19912 DEBUG keystoneclient.session [-] REQ: curl -g -i --cacert "/opt/stack/data/ca-bundle.pem" -X GET https://127.0.0.1:35357/ -H "Accept: application/json" -H "User-Agent: python-keystoneclient" _http_log_request /opt/stack/new/python-keystoneclient/keystoneclient/session.py:190
2015-02-12 03:16:20.724 19912 DEBUG urllib3.util.retry [-] Converted retries value: 0 -> Retry(total=0, connect=None, read=None, redirect=0) from_int /usr/local/lib/python2.7/dist-packages/urllib3/util/retry.py:155
2015-02-12 03:16:22.730 19912 ERROR keystonemiddleware.auth_token [-] HTTP connection exception: SSL exception connecting to https://127.0.0.1:35357/
2015-02-12 03:16:22.731 19912 WARNING keystonemiddleware.auth_token [-] Authorization failed for token
Any one can give me some help?
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150214/91f0de27/attachment.html>
More information about the OpenStack-dev
mailing list