Open Stack

Hello,


I'm working on a multi-node setup of openstack Icehouse using centos7.
I have :
  - one controllor node with all server services thing stuff
  - one network node with openvswitch agent, l3-agent, dhcp-agent
  - two compute node with nova-compute and neutron-openvswitch
  - one storage nfs node

My network is configured to use vxlan.  I can create VM, tenant-network,
external-network, routeur, assign floating-ip to VM, push ssh-key into VM,
create volume from glance image, etc... Evrything is conected and
reacheable. Pretty cool :)

But when i try to migrate VM things go wrong ...  I have configured  nova,
libvirtd and qemu to use migration through libvirt-tcp.
I have create and exchanged ssh-key for nova user on all  node. I have
verified userid and groupid of nova.

 Well i have enable debug = True in keystone.conf

And after a nova migrate <VM>, when i nova show <VM> :
==============================================================================
| fault                                | {"message": "Remote error:
Unauthorized {\"error\": {\"message\": \"User
0b45ccc267e04b59911e88381bb450c0 is unauthorized for tenant services\",
\"code\": 401, \"title\": \"Unauthorized\"}} |
==============================================================================

So well User with id 0b45ccc267e04b59911e88381bb450c0 is neutron :
==============================================================================
keystone user-list
  | 0b45ccc267e04b59911e88381bb450c0 | neutron |   True  |       |
==============================================================================

And the role seems good :
==============================================================================
keystone user-role-add --user=neutron --tenant=services --role=admin
         Conflict occurred attempting to store role grant. User
0b45ccc267e04b59911e88381bb450c0 already has role
734c2fb6fb444792b5ede1fa1e17fb7e in tenant dea82f7937064b6da1c370280d8bfdad
(HTTP 409)


keystone user-role-list --user neutron --tenant services
+----------------------------------+-------+----------------------------------+----------------------------------+
|                id                |  name |
user_id              |            tenant_id             |
+----------------------------------+-------+----------------------------------+----------------------------------+
| 734c2fb6fb444792b5ede1fa1e17fb7e | admin |
0b45ccc267e04b59911e88381bb450c0 | dea82f7937064b6da1c370280d8bfdad |
+----------------------------------+-------+----------------------------------+----------------------------------+

keystone tenant-list
+----------------------------------+----------+---------+
|                id                |   name   | enabled |
+----------------------------------+----------+---------+
| e250f7573010415da6f191e0b53faae5 |  admin   |   True  |
| fa30c6bdd56e45dea48dfbe9c3ee8782 | exploit  |   True  |
| dea82f7937064b6da1c370280d8bfdad | services |   True  |
+----------------------------------+----------+---------+
==============================================================================


Can you help me to resolve this plz ?  Point me to any direction plz ?
Do you need all my configuration files ?


Thank you in advance !

Regards,

--
Benoit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140717/1518ad76/attachment.html>