[Openstack-operators] [Swift][Keystone] Ressource not found

Heiko Krämer kraemer at avarteq.de
Tue Nov 1 11:13:56 UTC 2011


Heyho Guys,

i've a problem with swift and keystone.
I added a new user in keystone with role and all this stuff. This works
and i can login in my dashboard.
If i try now to get the containers from swift, then I get this error
below. 

Nov  1 10:14:27 test1-os swift Keystone middleware called
Nov  1 10:14:27 test1-os swift token:
c9022cd4-xxxxx-xxxxxx-xxxxx-d58397f54080
Nov  1 10:14:27 test1-os swift Asking keystone to validate token
Nov  1 10:14:27 test1-os swift headers: {'Content-type':
'application/json', 'Accept': 'text/json', 'X-Auth-Token':
'1111111111111111'}
Nov  1 10:14:27 test1-os swift url: ParseResult(scheme='http',
netloc='localhost:5001', path='/v2.0/', params='', query='',
fragment='')
Nov  1 10:14:27 test1-os swift request authenticated: {'roles': [u'3',
u'3'], 'user': u'test', 'tenant': u'3'}
Nov  1 10:14:27 test1-os swift calling app: <function start_response at
0x7f4344377398> // {'SCRIPT_NAME': '', 'REQUEST_METHOD': 'GET',
'PATH_INFO': '/v1/AUTH_3/', 'SERVER_PROTOCOL': 'HTTP/1.0',
'QUERY_STRING': 'format=json', 'swift.authorize': <bound method
AuthProtocol.authorize of <keystone.middleware.swift_auth.AuthProtocol
object at 0x18881d0>>, 'CONTENT_LENGTH': '0', 'HTTP_X_AUTH_TOKEN':
'c9022cd4-xxxxx-xxxxxx-xxxxx-d58397f54080', 'HTTP_USER_AGENT':
'python-cloudfiles/1.7.9.1', 'eventlet.posthooks': [], 'SERVER_NAME':
'192.168.0.2', 'REMOTE_ADDR': '192.168.0.2', 'eventlet.input':
<eventlet.wsgi.Input object at 0x1bd1cd0>, 'wsgi.url_scheme': 'http',
'keystone.identity': {'roles': [u'3', u'3'], 'user': u'test', 'tenant':
u'3'}, 'SERVER_PORT': '8080', 'wsgi.input': <eventlet.wsgi.Input object
at 0x1bd1cd0>, 'HTTP_HOST': '192.168.0.2:8080', 'swift.cache':
<swift.common.memcached.MemcacheRing object at 0x1bd1210>,
'wsgi.multithread': True, 'wsgi.version': (1, 0), 'GATEWAY_INTERFACE':
'CGI/1.1', 'wsgi.run_once': False, 'wsgi.errors':
<swift.common.utils.LoggerFileObject object at 0x186c0d0>,
'wsgi.multiprocess': False, 'CONTENT_TYPE': None, 'swift.clean_acl':
<function clean_acl at 0x18822a8>, 'HTTP_ACCEPT_ENCODING': 'identity'}
Nov  1 10:14:27 test1-os swift keystone middleware authorization begin
(txn: txc4288a66373348d0805b72d6b0b3b976) (client_ip: 192.168.0.2)
Nov  1 10:14:27 test1-os swift AUTHORIZED OKAY (txn:
txc4288a66373348d0805b72d6b0b3b976) (client_ip: 192.168.0.2)
Nov  1 10:14:27 test1-os account-server 192.168.0.2 - -
[01/Nov/2011:09:14:27 +0000] "GET /sda6/244982/AUTH_3" 404 -
"txc4288a66373348d0805b72d6b0b3b976" "-" "python-cloudfiles/1.7.9.1"
0.0003 ""
Nov  1 10:14:27 test1-os swift return from app: ['404 Not Found\n\nThe
resource could not be found.\n\n   '] (txn:
txc4288a66373348d0805b72d6b0b3b976) (client_ip: 192.168.0.2)
Nov  1 10:14:27 test1-os swift 192.168.0.2 192.168.0.2
01/Nov/2011/09/14/27 GET /v1/AUTH_3/%3Fformat%3Djson HTTP/1.0 404 -
python-cloudfiles/1.7.9.1 c9022cd4-xxxxx-xxxxxx-xxxxx-d58397f54080 - - -
txc4288a66373348d0805b72d6b0b3b976 - 0.0061



The mountpoint in /srv/node/sda6 exists with the correct rights. But
this folder doesn't exists.

So i try with the curl or Swift commands directly on the server to login
and get this informations.

The result:

> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-pc-linux-gnu) libcurl/7.19.7
OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15
> Host: 192.168.0.2:8080
> Accept: */*
> X-Auth-Tokenr: c9022cd4-xxxxx-xxxxxx-xxxxx-d58397f54080
> 
< HTTP/1.1 401 Unauthorized
< Content-Length: 358
< Content-Type: text/html; charset=UTF-8
< Date: Tue, 01 Nov 2011 10:33:34 GMT
< 
<html>
 <head>
  <title>401 Unauthorized</title>
 </head>
 <body>
  <h1>401 Unauthorized</h1>
  This server could not verify that you are authorized to access the
document you requested. Either you supplied the wrong credentials (e.g.,
bad password), or your browser does not understand how to supply the
credentials required.<br /><br />

 </body>
* Connection #0 to host 192.168.0.2 left intact
* Closing connection #0

In the Log:
Nov  1 12:05:45 test1-os swift keystone middleware authorization begin
(txn: tx0df22eb538f040da87f6b8fbfca505df) (client_ip: 192.168.0.2)
Nov  1 12:05:45 test1-os swift tenant mismatch: u'3' (txn:
tx0df22eb538f040da87f6b8fbfca505df) (client_ip: 192.168.0.2)
Nov  1 12:05:45 test1-os swift return from app: ['<html>\n <head>\n
<title>401 Unauthorized</title>\n </head>\n <body>\n  <h1>401
Unauthorized</h1>\n  This server could not verify that you are
authorized to access the document you requested. Either you supplied the
wrong credentials (e.g., bad password), or your browser does not
understand how to supply the credentials required.<br /><br />\n\n\n\n
</body>\n</html>'] (txn: tx0df22eb538f040da87f6b8fbfca505df) (client_ip:
192.168.0.2)





My config (only the important options):
Swift-Proxy-Server(swift)

[pipeline:main]
pipeline = healthcheck cache keystone proxy-server

[filter:keystone]
use = egg:keystone#swiftauth
keystone_admin_token = 1111111111111111
keystone_url = http://localhost:5001/v2.0/


In the Keystone config i changed only bind-address and keystone runs on
all NIC's.


I hope for any idea :)

Greetings
Heiko




-- 
Heiko Krämer 
CIO / Administrator

Avarteq GmbH
Gebäude A1.2 - Universität des Saarlandes - 66123 Saarbrücken - Germany

Ph/Fax: +49-700-RAILSHOSTER
Ph/Fax: +49-700-72 45 74 67

Web: www.avarteq.de

Geschäftsführer: Alexander Faißt, Dipl.-Inf.(FH) Julian Fischer
Handelsregister: AG Saarbrücken HRB 17413, Ust-IdNr.: DE262633168
Sitz: Saarbrücken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20111101/99405e9c/attachment-0002.html>


More information about the Openstack-operators mailing list