[Openstack] Keystone Curl can't get tokens by credentials
Alessio Ababilov
aababilov at griddynamics.com
Mon Jan 16 17:26:26 UTC 2012
Hi!
Please!
Why are you using v1.0 in this command:
swift -A http://127.0.0.1:5000/v1.0 -U admin -K secrete stat -v
Could you try:
swift -A http://127.0.0.1:5000/v2.0 <http://127.0.0.1:5000/v1.0> -U
admin -K secrete stat -v
On 01/16/2012 02:22 PM, Xuyun Zhang wrote:
> Alessio,
>
> Your answer solved my problem. Thank you so much. But I met the '500
> Internal Server Error'.
>
> I generated a user admin with password secrete, and used curl to
> produce the token successfully. When I ran " swift -A
> http://127.0.0.1:5000/v1.0 -U admin -K secrete stat -v", but got "Auth
> GET failed; http:127.0.0.1:5000/v1.0 <http://127.0.0.1:5000/v1.0> 500
> Internal Server Error".
> the api.log showed that the publicURL error. So, could you please help
> me with this problem. I guess there are something wrong with adding
> endpoints. But I don't know what's the exact cause.
>
> tail of the /var/log/keystone/api.log:
> 2012-01-16 22:53:17 WARNING [eventlet.wsgi.server] 127.0.0.1 - -
> [16/Jan/2012 22:53:17] "GET /v1.0 HTTP/1.1" 500 747 0.030160
> 2012-01-16 22:53:25 WARNING [eventlet.wsgi.server] Traceback (most
> recent call last):
> File "/usr/lib/python2.7/dist-packages/eventlet/wsgi.py", line 336,
> in handle_one_response
> result = self.application(self.environ, start_response)
> File "/home/chang/keystone/keystone/frontends/normalizer.py", line
> 107, in __call__
> return self.app(env, start_response)
> File "/home/chang/keystone/keystone/frontends/legacy_token_auth.py",
> line 77, in __call__
> json.loads(response.body))
> File "/home/chang/keystone/keystone/frontends/legacy_token_auth.py",
> line 102, in __transform_headers
> service_urls += endpoint["publicURL"]
> KeyError: 'publicURL'
> 2012-01-16 22:53:25 WARNING [eventlet.wsgi.server] 127.0.0.1 - -
> [16/Jan/2012 22:53:25] "GET /v1.0 HTTP/1.1" 500 747 0.030664
> 2012-01-16 22:53:41 WARNING [eventlet.wsgi.server] Traceback (most
> recent call last):
> File "/usr/lib/python2.7/dist-packages/eventlet/wsgi.py", line 336,
> in handle_one_response
> result = self.application(self.environ, start_response)
> File "/home/chang/keystone/keystone/frontends/normalizer.py", line
> 107, in __call__
> return self.app(env, start_response)
> File "/home/chang/keystone/keystone/frontends/legacy_token_auth.py",
> line 77, in __call__
> json.loads(response.body))
> File "/home/chang/keystone/keystone/frontends/legacy_token_auth.py",
> line 102, in __transform_headers
> service_urls += endpoint["publicURL"]
> KeyError: 'publicURL'
> 2012-01-16 22:53:41 WARNING [eventlet.wsgi.server] 127.0.0.1 - -
> [16/Jan/2012 22:53:41] "GET /v1.0 HTTP/1.1" 500 747 0.034363
> 2012-01-16 22:53:49 WARNING [eventlet.wsgi.server] 127.0.0.1 - -
> [16/Jan/2012 22:53:49] "GET /v1.0 HTTP/1
>
> My environments:
> Keystone v2012.1-dev
> swift 1.4.3-0ubuntu2
> host IP: 138.25.61.81
>
> part of swift-proxy.conf:
> bind_port = 8080 (not 8888)
>
> part of keystone.conf:
> service_host = 127.0.0.1
> serivce_port = 5000
> admin_host = 127.0.0.1
> admin_port = 5001 (not 35357)
>
> data generate sh:
> #!/bin/bash
> rm -f /var/lib/keystone/keystone.db
> keystone-manage database sync
> chown keystone:nogroup /var/lib/keystone/keystone.db
>
> keystone-manage user add admin secrete
> keystone-manage role add Admin
> keystone-manage role add KeystoneServiceAdmin
> keystone-manage role grant Admin admin
> keystone-manage role grant KeystoneServiceAdmin admin
>
> keystone-manage service add nova compute "Nova-Compute-Service"
> keystone-manage service add glance "glance Glance-Image-Service"
> keystone-manage service add swift storage "Swift-Ojbect-Storage-Service"
> keystone-manage service add keystone identity "Keystone-Identity-Service"
>
> keystone-manage endpointTemplates add RegionOne nova
> http://138.25.61.81:8774/v1.1/%tenant_id%
> http://127.0.0.1:8774/v1.1/%tenant_id%
> http://138.25.61.81:8774/v1.1/%tenant_id% 1 1
> keystone-manage endpointTemplates add RegionOne glance
> http://138.25.61.81:9292/v1 http://127.0.0.1:9292/v1
> http://138.25.61.81:9292/v1 1 1
> keystone-manage endpointTemplates add RegionOne swift
> http://138.25.61.81:8080/v1/AUTH_%tenant_id%
> http://127.0.0.1:8080/v1.0/
> http://138.25.61.81:8080/v1/AUTH_%tenant_id% 1 1
> keystone-manage endpointTemplates add RegionOne keystone
> http://138.25.61.81:5000/v2.0 http://127.0.0.1:5001/v2.0
> http://138.25.61.81:5000/v2.0 1 1
>
> keystone-manage tenant add admin-tenant
> keystone-manage role grant Admin admin admin-tenant
>
> keystone-manage token add 999888777666 admin admin-tenant 2015-02-05T00:00
>
> keystone-manage tenant add demo-tenant
> keystone-manage user add demo secrete
> keystone-manage role add Member
> keystone-manage role grant Member demo demo-tenant
> keystone-manage role grant Admin admin demo-tenant
>
> keystone-manage credentials add admin EC2 admin-key secretepassword
> keystone-manage credentials add admin EC2 demo-key secretepassword
>
> keystone-manage endpoint add admin-tenant 1
> keystone-manage endpoint add admin-tenant 2
> keystone-manage endpoint add admin-tenant 3
> keystone-manage endpoint add admin-tenant 4
>
> keystone-manage endpoint add demo-tenant 1
> keystone-manage endpoint add demo-tenant 2
> keystone-manage endpoint add demo-tenant 3
> keystone-manage endpoint add demo-tenant 4
>
>
>
>
> On 16 January 2012 00:00, Alessio Ababilov <aababilov at griddynamics.com
> <mailto:aababilov at griddynamics.com>> wrote:
>
> Hi!
>
> You are using sqlite and I guess that you have run ./sampledata as
> root. So, the database file is owned by root and cannot be
> writable by `keystone` user.
>
> Please change it ownership (run as root in the directory where you
> have your keystone.db):
>
> chown keystone keystone.db
>
>
>
> On 01/14/2012 01:51 PM, Xuyun Zhang wrote:
>> I set the database by running ./sampledata
>>
>> Then I tried to use curl to get tokens, the command is:
>>
>> $ curl -d '{"auth":{"passwordCredentials":{"username": "admin",
>> "password": "secrete"}}}' -H "Content-type: application/json"
>> http://localhost:35357/v2.0/tokens
>>
>> The result is :
>> $ {"IdentityFault": {"message": "Unhandled error", "code": "500",
>> "details": "(OperationalError) attempt to write a readonly
>> database u'INSERT INTO tokens (id, user_id, tenant_id, expires)
>> VALUES (?, ?, ?, ?)' ('ce9cc482-7ab5-4785-9152-3cab95e12833', 1,
>> None, '2012-01-15 22 <tel:2012-01-15%2022>:41:14.794615')"}}
>>
>> it seemed that the token had been generated yet can't be written
>> to the database.
>>
>> my environment:
>> swift version: 1.4.3-0ubuntu2 (installed by apt-get install command)
>> keystone version: keystone 2012.1-dev (installation directory:
>> /home/chang/keystone)
>>
>> Any helpful information is highly appreciated!
>>
>> Regards,
>> Sean
>>
>>
>>
>> _______________________________________________
>> Mailing list:https://launchpad.net/~openstack <https://launchpad.net/%7Eopenstack>
>> Post to :openstack at lists.launchpad.net <mailto:openstack at lists.launchpad.net>
>> Unsubscribe :https://launchpad.net/~openstack <https://launchpad.net/%7Eopenstack>
>> More help :https://help.launchpad.net/ListHelp
>
>
> --
> Alessio Ababilov
> Software Engineer
> Grid Dynamics
>
>
--
Alessio Ababilov
Software Engineer
Grid Dynamics
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120116/85771aa2/attachment.html>
More information about the Openstack
mailing list