[Openstack] [Keystone][Swift] Problems with admin_user, admin_password, admin_tenant_name
Kun Huang
Academicgareth at gmail.com
Mon Feb 25 04:35:35 UTC 2013
Thx
My problem has been solved. Such of test tenant/user should be created by
my self not the swift....
On Mon, Feb 25, 2013 at 9:56 AM, Alex Yang <alex890714 at gmail.com> wrote:
> If you want to create a reseller_admin user with keystone, you should add
> this user in keystone with admin role.
> The admin role is the configuration of keysoneauth.
>
> [filter:keystoneauth]
> use = egg:swift#keystoneauth
> operator_roles = admin, swiftoperator
>
>
> 2013/2/23 Kun Huang <Academicgareth at gmail.com>
>
>> Back to my first question, should I create admin_user, admin_password,
>> admin_tenant_name by keystone command myself?
>>
>>
>> On Fri, Feb 22, 2013 at 9:02 AM, Kun Huang <Academicgareth at gmail.com>wrote:
>>
>>> Dolph, thanks your advice, but in my environment, both below two case
>>>
>>> 1. setting admin_token,admin_user, admin_password, admin_tenant_name in
>>> proxy.conf and setting admin_token in keystone.conf
>>> 2. setting admin_user, admin_password, admin_tenant_name in proxy.conf
>>> and setting admin_token in keystone.conf
>>>
>>> only admin_token in keystone.conf is valuable. (default ADMIN)
>>> Should I create admin_user, admin_password, admin_tenant_name by
>>> keystone command myself?
>>>
>>>
>>>
>>>
>>> On Fri, Feb 22, 2013 at 1:45 AM, Dolph Mathews <dolph.mathews at gmail.com>wrote:
>>>
>>>> Setting the admin_token config is overriding the admin_user,
>>>> admin_password, and admin_tenant_name values by specifying a static token.
>>>> I'd recommend removing it and using the auth credentials you've already
>>>> provided.
>>>>
>>>> -Dolph
>>>>
>>>>
>>>> On Thu, Feb 21, 2013 at 3:10 AM, Kun Huang <Academicgareth at gmail.com>wrote:
>>>>
>>>>> Following another question:
>>>>> In document:
>>>>> http://docs.openstack.org/developer/keystone/middleware_architecture.html
>>>>> ,
>>>>>
>>>>>
>>>>> [filter:tokenauth]
>>>>> paste.filter_factory = keystone.middleware.auth_token:filter_factory
>>>>> auth_host = 127.0.0.1
>>>>> auth_port = 35357
>>>>> auth_protocol = http
>>>>> auth_uri = http://127.0.0.1:5000/
>>>>> admin_token = Super999Sekret888Password777
>>>>> admin_user = admin
>>>>> admin_password = SuperSekretPassword
>>>>> admin_tenant_name = service
>>>>> ;Uncomment next line and check ip:port to use memcached to cache tokens
>>>>> ;memcache_servers = 127.0.0.1:11211
>>>>>
>>>>> That admin token is not admin_token = ADMIN in keystone, right?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Feb 21, 2013 at 4:06 PM, Kun Huang <Academicgareth at gmail.com>wrote:
>>>>>
>>>>>> I'm building environment with Swift + Keystone.
>>>>>> I have set admin_user, admin_password, admin_tenant_name, but it
>>>>>> doesn't work.
>>>>>> I followed the document:
>>>>>> http://docs.openstack.org/developer/swift/overview_auth.html and chmouel's
>>>>>> blog:
>>>>>> http://blog.chmouel.com/2011/11/24/swift-and-keystone-middleware-part1/
>>>>>>
>>>>>> My swift and keystone run well:
>>>>>>
>>>>>> [image: Inline image 1]
>>>>>>
>>>>>> But failed in curl:
>>>>>> [image: Inline image 2]
>>>>>>
>>>>>> I guess the value of admin_user/admin_password/admin_tenant_name
>>>>>> doesn't save in db.
>>>>>>
>>>>>> Which step do I missed? or some problems in my proxy config?
>>>>>>
>>>>>> Here is my current config.
>>>>>> [DEFAULT]
>>>>>> bind_port = 8888
>>>>>> user = swift
>>>>>>
>>>>>> [pipeline:main]
>>>>>> pipeline = catch_errors healthcheck cache authtoken keystoneauth
>>>>>> proxy-server
>>>>>>
>>>>>> [app:proxy-server]
>>>>>> use = egg:swift#proxy
>>>>>> account_autocreate = true
>>>>>>
>>>>>> [filter:keystoneauth]
>>>>>> use = egg:swift#keystoneauth
>>>>>> operator_roles = admin, swiftoperator
>>>>>>
>>>>>> [filter:authtoken]
>>>>>> # Delaying the auth decision is required to support token-less
>>>>>> # usage for anonymous referrers ('.r:*').
>>>>>> paste.filter_factory =
>>>>>> keystoneclient.middleware.auth_token:filter_factory
>>>>>> auth_host = keystonehost
>>>>>> auth_port = 35357
>>>>>> auth_protocol = http
>>>>>> auth_uri = http://keystonehost:5000/
>>>>>> admin_tenant_name = service
>>>>>> admin_user = swift
>>>>>> admin_password = password
>>>>>>
>>>>>> [filter:cache]
>>>>>> use = egg:swift#memcache
>>>>>> set log_name = cache
>>>>>>
>>>>>> [filter:catch_errors]
>>>>>> use = egg:swift#catch_errors
>>>>>>
>>>>>> [filter:healthcheck]
>>>>>> use = egg:swift#healthcheck
>>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Mailing list: https://launchpad.net/~openstack
>>>>> Post to : openstack at lists.launchpad.net
>>>>> Unsubscribe : https://launchpad.net/~openstack
>>>>> More help : https://help.launchpad.net/ListHelp
>>>>>
>>>>>
>>>>
>>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to : openstack at lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~openstack
>> More help : https://help.launchpad.net/ListHelp
>>
>>
>
>
> --
> 杨雨
> Email: alex890714 at gmail.com
> GitHub: https://github.com/AlexYangYu
> Blog: http://alexyang.sinaapp.com
> Weibo: http://www.weibo.com/alexyangyu
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130225/b65d96ea/attachment.html>
More information about the Openstack
mailing list