[Openstack] Heat-IceHouse, stack creation fails
Parisa Heidari
parisa-2.heidari at polymtl.ca
Fri Aug 8 20:15:17 UTC 2014
Hi Steve,
Thanks for your help. I tried either files but in both cases I get the same
error. I copy the output below. It seems that the OS variables are exported
properly. Any help is appreciated.
Here is the output after executing the suggested script:
#./heat-keystone-setup-domain
INFO (connectionpool:258) Starting new HTTP connection (1): controller
INFO (heat-keystone-setup-domain:71) Creating domain heat
INFO (connectionpool:258) Starting new HTTP connection (1): controller
Traceback (most recent call last):
File "./heat-keystone-setup-domain", line 112, in <module>
main()
File "./heat-keystone-setup-domain", line 74, in main
description=HEAT_DOMAIN_DESCRIPTION)
File "/usr/lib/python2.7/dist-packages/keystoneclient/utils.py", line 318, in
inner
return func(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/v3/domains.py", line 43,
in create
**kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/base.py", line 66, in
func
return f(*args, **new_kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/base.py", line 314, in
create
self.key)
File "/usr/lib/python2.7/dist-packages/keystoneclient/base.py", line 142, in
_create
return self._post(url, body, response_key, return_raw)
File "/usr/lib/python2.7/dist-packages/keystoneclient/base.py", line 155, in
_post
resp, body = self.client.post(url, body=body)
File "/usr/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line
596, in post
return self._cs_request(url, 'POST', **kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line
582, in _cs_request
return self.request(url, method, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/httpclient.py", line
564, in request
resp = super(HTTPClient, self).request(url, method, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/baseclient.py", line 21,
in request
return self.session.request(url, method, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/utils.py", line 318, in
inner
return func(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/keystoneclient/session.py", line 251,
in request
raise exceptions.from_response(resp, method, url)
keystoneclient.apiclient.exceptions.Forbidden: You are not authorized to perform
the requested action, identity:create_domain. (HTTP 403)
Thanks,
Parisa
>On 06/08/14 14:32, Anne Gentle wrote:
>>
>>
>>
>> On Tue, Aug 5, 2014 at 9:13 PM, Steve Baker <sbaker [at] redhat
>> <mailto:sbaker [at] redhat>> wrote:
>>
>> On 06/08/14 09:25, Parisa Heidari wrote:
>>> Hi,
>>> I am trying Heat - IceHouse but I cannot even create a tiny VM as explained
in
>>> the documents
>>>
(http://docs.openstack.org/icehouse/install-guide/install/apt/content/heat-verify.html).
>>> In Heat-engine log file, I saw that "stack-user-domain" ID is not set in the
>>> heat.conf file. So I modified heat.conf and added admin ID (the one defined
>>> when Keystone was installed and configured) and its name and password for
>>> stack_user_domain, stack_domain_admin, and stack_domain_admin_password,
>>> respectively. But still stack creation fails and I see in the logs that
>>> "ClientException: The server has either erred or is incapable of performing
the
>>> requested operation".
>>>
>>> What should be set in heat.conf as stack-user-domain and other corresponding
>>> variables? should I create a new domain for Heat and how?
>>>
>>> Many thanks,
>>> Parisa
>>>
>> It looks like you need to run the heat-keystone-setup-domain
>> script and copy the resulting snippet into heat.conf
>>
>>
>>
>> Hi Steve,
>> Should that script be part of the install docs? Currently it just
>> says to Create the heat_stack_user role.
>>
>> I can log a doc bug, just want to be clear what it is that's missing.
>>
>We do have https://bugs.launchpad.net/heat/+bug/1326483 for the missing
man page.
>
>For the doc bug, the heat installation instructions need to describe
>when and how to run heat-keystone-setup-domain[1]
>but actually for the icehouse release of heat the script is
>create_heat_domain[2]
>Having said all that, if the heat domain is not configured there is
>fallback code which reverts to the Havana behaviour of requiring the
>stack launching user be an admin, and _that_ may be the cause of
>Parisa's error above.
>[1]
>http://git.openstack.org/cgit/openstack/heat/tree/bin/heat-keystone-setup-domain
>[2]
>http://git.openstack.org/cgit/openstack/heat/tree/tools/create_heat_domain?h=stable/icehouse
More information about the Openstack
mailing list