[Openstack] Swift Fail Unauthorized
Mahardhika
mahardika.gilang at andalabs.com
Tue Sep 17 07:44:16 UTC 2013
Hi, i have disable selinux, and restart swift-proxy but the files (.pem)
still nothing in signing_dir.
On 9/16/2013 9:01 PM, Adam Young wrote:
> On 09/16/2013 07:02 AM, Mahardhika wrote:
>> Hi Adam, in my proxy node, am i must create keystone.conf ?
> Sorry, not sure what you mean by this? In most deployements, there is
> a file /etc/keystone/keystone.conf created for you.
>
>> currently i used keystone that same as on controller node, so i can
>> get all tenant list with *#keystone tenant-list *command on proxy node.
>> On your blog post, in signing_dir part, where i suppose to check?
> Depends on the config file for your application. THe config file
> options are specified in auth_token middleware, buyt are read from
> swifts, nova, or whatever the remote services config file. So it
> would be swift.conf or something comparable.
>
> https://github.com/openstack/python-keystoneclient/blob/master/keystoneclient/middleware/auth_token.py#L199
>
>
>> sorry i just confused in this part
>> thanks
>>
>> On 9/13/2013 11:40 PM, Adam Young wrote:
>>> On 09/13/2013 03:25 AM, Mahardhika wrote:
>>>> Hi, still i can't get out from this issue, can you please lead me.
>>>> I follow this guide
>>>> http://docs.openstack.org/developer/swift/howto_installmultinode.html
>>>>
>>>> On 9/12/2013 9:24 AM, Kuo Hugo wrote:
>>>>> You can observe the log out put while issue the request.
>>>>> I vote on memcache related ...
>>>>>
>>>>> +Hugo Kuo+
>>>>> (+886) 935004793
>>>>>
>>>>>
>>>>> 2013/9/11 Mahardhika <mahardika.gilang at andalabs.com
>>>>> <mailto:mahardika.gilang at andalabs.com>>
>>>>>
>>>>> Hi, following this guide
>>>>> http://docs.openstack.org/developer/swift/development_saio.html#partition-section
>>>>> i am stuck at step 14 = Check that you can GET
>>>>> account:curl-v-H'X-Auth-Token:<token-from-x-auth-token-above>'<url-from-x-storage-url-above>
>>>>>
>>>>> *I run this command*
>>>>> #curl -v -H 'X-Auth-Token:
>>>>> AUTH_tkebd882e8ac094a08a1842811e025f2a8'
>>>>> http://127.0.0.1:8080/v1/AUTH_swift
>>>>>
>>>
>>> Can you use this token to talk to Keystone?
>>>
>>> Have you gone through the troubleshooting steps I posted here?
>>>
>>> http://adam.younglogic.com/2013/07/troubleshooting-pki-middleware/
>>>
>>>>> and get
>>>>> ===============
>>>>> /* About to connect() to 127.0.0.1 port 8080 (#0)//
>>>>> //* Trying 127.0.0.1...//
>>>>> //* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)//
>>>>> //> GET /v1/AUTH_swift HTTP/1.1//
>>>>> //> User-Agent: curl/7.29.0//
>>>>> //> Host: 127.0.0.1:8080 <http://127.0.0.1:8080>//
>>>>> //> Accept: */*//
>>>>> //> X-Auth-Token: AUTH_tkebd882e8ac094a08a1842811e025f2a8//
>>>>> //>//
>>>>> //< HTTP/1.1 401 Unauthorized//
>>>>> //< Content-Length: 131//
>>>>> //< Content-Type: text/html; charset=UTF-8//
>>>>> //< Date: Wed, 11 Sep 2013 04:53:35 GMT//
>>>>> //<//
>>>>> //* Connection #0 to host 127.0.0.1 left intact/
>>>>> ===========
>>>>>
>>>>> *Why i get unauthorized?**
>>>>> **this my proxy-server.conf*
>>>>>
>>>>> /[DEFAULT]//
>>>>> //#cert_file = /etc/swift/cert.crt//
>>>>> //#key_file = /etc/swift/cert.key//
>>>>> //bind_port = 8080//
>>>>> //#bind_port = 443//
>>>>> //workers = 8//
>>>>> //user = swift//
>>>>> //log_facility = LOG_LOCAL1//
>>>>> //eventlet_debug = true//
>>>>> //
>>>>> //[pipeline:main]//
>>>>> //pipeline = healthcheck cache tempauth proxy-logging
>>>>> proxy-server//
>>>>> //
>>>>> //[app:proxy-server]//
>>>>> //use = egg:swift#proxy//
>>>>> //allow_account_management = true//
>>>>> //account_autocreate = true//
>>>>> //
>>>>> //[filter:tempauth]//
>>>>> //use = egg:swift#tempauth//
>>>>> //user_admin_admin = admin .admin .reseller_admin//
>>>>> //user_test_tester = testing .admin//
>>>>> //user_test2_tester2 = testing2 .admin//
>>>>> //user_test_tester3 = testing3//
>>>>> //#user_system_root = testpass .admin
>>>>> https://$PROXY_LOCAL_NET_IP:8080/v1/AUTH_system//
>>>>> //user_swift_swift = pass .admin//
>>>>> //
>>>>> //[filter:healthcheck]//
>>>>> //use = egg:swift#healthcheck//
>>>>> //
>>>>> //[filter:cache]//
>>>>> //use = egg:swift#memcache//
>>>>> //#memcache_servers = $PROXY_LOCAL_NET_IP:11211//
>>>>> //
>>>>> //[filter:proxy-logging]//
>>>>> //use = egg:swift#proxy_logging//
>>>>> /
>>>>> Please help me out
>>>>> thanks
>>>>>
>>>>> --
>>>>> Regards,
>>>>> Mahardhika Gilang
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Mailing list:
>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>> Post to : openstack at lists.openstack.org
>>>>> <mailto:openstack at lists.openstack.org>
>>>>> Unsubscribe :
>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Mahardhika Gilang
>>>>
>>>> *PT. Andalabs Technology *
>>>> Gedung Gravira
>>>> Jl. Cideng Barat no. 54
>>>> Jakarta Pusat 10150
>>>>
>>>> HP : 0852 139 55861
>>>> Email : mahardika.gilang at andalabs.com
>>>>
>>>>
>>>> _______________________________________________
>>>> Mailing list:http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>> Post to :openstack at lists.openstack.org
>>>> Unsubscribe :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>
>>>
>>>
>>> _______________________________________________
>>> Mailing list:http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to :openstack at lists.openstack.org
>>> Unsubscribe :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>> --
>> Regards,
>> Mahardhika Gilang
>>
>> *PT. Andalabs Technology *
>> Gedung Gravira
>> Jl. Cideng Barat no. 54
>> Jakarta Pusat 10150
>>
>> HP : 0852 139 55861
>> Email : mahardika.gilang at andalabs.com
>
--
Regards,
Mahardhika Gilang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130917/057450f6/attachment.html>
More information about the Openstack
mailing list