[Openstack] download ec2 creds fails consistently in horizon
Wyllys Ingersoll
Wyllys.Ingersoll at evault.com
Fri Mar 15 19:11:26 UTC 2013
Yup, you are correct, I confused 2 different issues. sorry for the confusion…
On Mar 15, 2013, at 2:58 PM, Jay Pipes <jaypipes at gmail.com> wrote:
> On 03/15/2013 01:12 PM, Wyllys Ingersoll wrote:
>> I am able to login as a non-admin user and access the containers.
>
> Your original post talked about the Download EC2 Credentials link not
> working. That's what I was referring to. Nothing to do with Swift
> containers.
>
> -jay
>
>> In addition to missing nova-cert, I also had to change the keystoneauth settings in /etc/swift/proxy-server.conf to add "Member" to the operator_roles list, which I suppose is equivalent to making a "Member" user the equivalent of an administrator for Swift.
>>
>> -Wyllys
>>
>>
>> On Mar 15, 2013, at 1:02 PM, Jay Pipes <jaypipes at gmail.com> wrote:
>>
>>> It's actually not nova-cert that you need. It is the Keystone EC2
>>> credentials API extension that is the problem. It only works for users
>>> with admin role.
>>>
>>> I logged a bug on it and am working on a fix:
>>>
>>> https://bugs.launchpad.net/keystone/+bug/1136190
>>>
>>> Best,
>>> -jay
>>>
>>> On 03/14/2013 10:57 AM, Wyllys Ingersoll wrote:
>>>>
>>>> I figured it out - nova-cert was not installed and running. I need to add this to my setup when EC2 is enabled, I wasn't aware of the dependency.
>>>>
>>>> -Wyllys
>>>>
>>>>
>>>>
>>>> On Mar 14, 2013, at 10:35 AM, Wyllys Ingersoll <wyllys.ingersoll at evault.com> wrote:
>>>>
>>>>>
>>>>> I have EC2 configured correctly as far as I can tell because I am able to view my containers using the S3 APIs and S3 tools such as CyberDuck or s3curl.pl, using ec2 credentials returned by the keystone command line tool.
>>>>>
>>>>> However, when I use the Horizon user settings interface and select "Download EC2 Credentials", nothing happens and it eventually returns yet another "System Error".
>>>>>
>>>>> According to the logs, the failure is because the call to request "os-certificates" is timing out. I know this is probably because some other nova service is not running, but Im not sure which one it needs to complete this transaction. It'd be nice if the error message somewhere that indicated which service was not responding or what to do about it. Can someone tell me which nova service I need to have running and configured to issue os-certificates?
>>>>>
>>>>> Also, I really only want the EC2 credentials to be created and downloaded, Im not so much interested in the X509 certificates at this point. It'd be nice if the user settings EC2 panel had more options, such as just creating and/or listing the EC2 access ID and Key for a particular user rather than assuming you want/need everything all at once.
>>>>>
>>>>> thanks,
>>>>> Wyllys Ingersoll
>>>>> EVault
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Mailing list: https://launchpad.net/~openstack
>>>>> Post to : openstack at lists.launchpad.net
>>>>> Unsubscribe : https://launchpad.net/~openstack
>>>>> More help : https://help.launchpad.net/ListHelp
>>>>
>>>>
>>>> _______________________________________________
>>>> Mailing list: https://launchpad.net/~openstack
>>>> Post to : openstack at lists.launchpad.net
>>>> Unsubscribe : https://launchpad.net/~openstack
>>>> More help : https://help.launchpad.net/ListHelp
>>>>
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to : openstack at lists.launchpad.net
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help : https://help.launchpad.net/ListHelp
>>
More information about the Openstack
mailing list