[Openstack] Swift Fail Unauthorized
Andalabs
mahardika.gilang at andalabs.com
Mon Sep 16 14:29:03 UTC 2013
Sorry i just got that , thats in prox-conf.conf
I just add that keystone authoken lines, and restart swift proxy server, but that 3 files (.pem) not appear on signing_dir path.
Email-an dari Kokpit
On 16 Sep 2013, at 09:01 PM, Adam Young <ayoung at redhat.com> wrote:
> On 09/16/2013 07:02 AM, Mahardhika wrote:
>> Hi Adam, in my proxy node, am i must create keystone.conf ?
> Sorry, not sure what you mean by this? In most deployements, there is a file /etc/keystone/keystone.conf created for you.
>
>> currently i used keystone that same as on controller node, so i can get all tenant list with #keystone tenant-list command on proxy node.
>> On your blog post, in signing_dir part, where i suppose to check?
> Depends on the config file for your application. THe config file options are specified in auth_token middleware, buyt are read from swifts, nova, or whatever the remote services config file. So it would be swift.conf or something comparable.
>
> https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/middleware/auth_token.py#L199
>
>
>> sorry i just confused in this part
>> thanks
>>
>> On 9/13/2013 11:40 PM, Adam Young wrote:
>>> On 09/13/2013 03:25 AM, Mahardhika wrote:
>>>> Hi, still i can't get out from this issue, can you please lead me. I follow this guide
>>>> http://docs.openstack.org/developer/swift/howto_installmultinode.html
>>>>
>>>> On 9/12/2013 9:24 AM, Kuo Hugo wrote:
>>>>> You can observe the log out put while issue the request.
>>>>> I vote on memcache related ...
>>>>>
>>>>> +Hugo Kuo+
>>>>> (+886) 935004793
>>>>>
>>>>>
>>>>> 2013/9/11 Mahardhika <mahardika.gilang at andalabs.com>
>>>>>> Hi, following this guide http://docs.openstack.org/developer/swift/development_saio.html#partition-section
>>>>>> i am stuck at step 14 = Check that you can GET account: curl -v -H 'X-Auth-Token: <token-from-x-auth-token-above>' <url-from-x-storage-url-above>
>>>>>>
>>>>>> I run this command
>>>>>> #curl -v -H 'X-Auth-Token: AUTH_tkebd882e8ac094a08a1842811e025f2a8' http://127.0.0.1:8080/v1/AUTH_swift
>>>
>>> Can you use this token to talk to Keystone?
>>>
>>> Have you gone through the troubleshooting steps I posted here?
>>>
>>> http://adam.younglogic.com/2013/07/troubleshooting-pki-middleware/
>>>
>>>>>> and get
>>>>>> ===============
>>>>>> * About to connect() to 127.0.0.1 port 8080 (#0)
>>>>>> * Trying 127.0.0.1...
>>>>>> * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
>>>>>> > GET /v1/AUTH_swift HTTP/1.1
>>>>>> > User-Agent: curl/7.29.0
>>>>>> > Host: 127.0.0.1:8080
>>>>>> > Accept: */*
>>>>>> > X-Auth-Token: AUTH_tkebd882e8ac094a08a1842811e025f2a8
>>>>>> >
>>>>>> < HTTP/1.1 401 Unauthorized
>>>>>> < Content-Length: 131
>>>>>> < Content-Type: text/html; charset=UTF-8
>>>>>> < Date: Wed, 11 Sep 2013 04:53:35 GMT
>>>>>> <
>>>>>> * Connection #0 to host 127.0.0.1 left intact
>>>>>> ===========
>>>>>>
>>>>>> Why i get unauthorized?
>>>>>> this my proxy-server.conf
>>>>>>
>>>>>> [DEFAULT]
>>>>>> #cert_file = /etc/swift/cert.crt
>>>>>> #key_file = /etc/swift/cert.key
>>>>>> bind_port = 8080
>>>>>> #bind_port = 443
>>>>>> workers = 8
>>>>>> user = swift
>>>>>> log_facility = LOG_LOCAL1
>>>>>> eventlet_debug = true
>>>>>>
>>>>>> [pipeline:main]
>>>>>> pipeline = healthcheck cache tempauth proxy-logging proxy-server
>>>>>>
>>>>>> [app:proxy-server]
>>>>>> use = egg:swift#proxy
>>>>>> allow_account_management = true
>>>>>> account_autocreate = true
>>>>>>
>>>>>> [filter:tempauth]
>>>>>> use = egg:swift#tempauth
>>>>>> user_admin_admin = admin .admin .reseller_admin
>>>>>> user_test_tester = testing .admin
>>>>>> user_test2_tester2 = testing2 .admin
>>>>>> user_test_tester3 = testing3
>>>>>> #user_system_root = testpass .admin https://$PROXY_LOCAL_NET_IP:8080/v1/AUTH_system
>>>>>> user_swift_swift = pass .admin
>>>>>>
>>>>>> [filter:healthcheck]
>>>>>> use = egg:swift#healthcheck
>>>>>>
>>>>>> [filter:cache]
>>>>>> use = egg:swift#memcache
>>>>>> #memcache_servers = $PROXY_LOCAL_NET_IP:11211
>>>>>>
>>>>>> [filter:proxy-logging]
>>>>>> use = egg:swift#proxy_logging
>>>>>>
>>>>>> Please help me out
>>>>>> thanks
>>>>>>
>>>>>> --
>>>>>> Regards,
>>>>>> Mahardhika Gilang
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>>> Post to : openstack at lists.openstack.org
>>>>>> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Mahardhika Gilang
>>>>
>>>> PT. Andalabs Technology
>>>> Gedung Gravira
>>>> Jl. Cideng Barat no. 54
>>>> Jakarta Pusat 10150
>>>>
>>>> HP : 0852 139 55861
>>>> Email : mahardika.gilang at andalabs.com
>>>>
>>>>
>>>> _______________________________________________
>>>> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>> Post to : openstack at lists.openstack.org
>>>> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>
>>>
>>>
>>> _______________________________________________
>>> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to : openstack at lists.openstack.org
>>> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>> --
>> Regards,
>> Mahardhika Gilang
>>
>> PT. Andalabs Technology
>> Gedung Gravira
>> Jl. Cideng Barat no. 54
>> Jakarta Pusat 10150
>>
>> HP : 0852 139 55861
>> Email : mahardika.gilang at andalabs.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130916/00affbbd/attachment.html>
More information about the Openstack
mailing list