[Openstack] [keystone] can't not use file-based backend for catalog
Li, Chen
chen.li at intel.com
Thu Mar 6 02:26:30 UTC 2014
That's the most strange part.
If I'm using
[catalog]
driver = keystone.catalog.backends.sql.Catalog
Everything is fine.
While I'm using file-based backend, even I'm using
env |grep SERVICE
SERVICE_ENDPOINT=http://host-keystone:35357/v2.0
SERVICE_TOKEN=ADMIN
I get nothing from command "keystone endpoint-list"....
From: Remo Mattei [mailto:remo at italy1.com]
Sent: Thursday, March 06, 2014 10:22 AM
To: Li, Chen
Cc: openstack at lists.openstack.org
Subject: Re: [Openstack] [keystone] can't not use file-based backend for catalog
Well looks like it does send the endpoints back to you from keystone. but looks like it's using a token.
can you try a different user? Not sure if that user had access to the endpoints. Just a suggestions.
Remo
On Mar 5, 2014, at 6:15 PM, Li, Chen <chen.li at intel.com<mailto:chen.li at intel.com>> wrote:
keystone --debug endpoint-list
REQ: curl -i -X POST http://host-keystone:5000/v2.0/tokens -H "Content-Type: application/json" -H "User-Agent: python-keystoneclient"
REQ BODY: {"auth": {"tenantName": "test", "passwordCredentials": {"username": "lichen", "password": "lichen"}}}
RESP: [200] {'date': 'Thu, 06 Mar 2014 02:14:28 GMT', 'content-type': 'application/json', 'content-length': '1897', 'vary': 'X-Auth-Token'}
RESP BODY: {"access": {"token": {"issued_at": "2014-03-06T02:14:28.417502", "expires": "2014-03-07T02:14:28Z", "id": "1a4f03fbec6a41ddbff76afe9d238f83", "tenant": {"description": null, "enabled": true, "id": "1e57be810f854bcdb73901567140ac48", "name": "test"}}, "serviceCatalog": [{"endpoints": [{"adminURL": "http://host-cinder:8776/v1/1e57be810f854bcdb73901567140ac48", "region": "RegionOne", "publicURL": "http://host-cinder:8776/v1/1e57be810f854bcdb73901567140ac48", "internalURL": "http://host-cinder:8776/v1/1e57be810f854bcdb73901567140ac48"}], "endpoints_links": [], "type": "volume", "name": "Volume Service"}, {"endpoints": [{"adminURL": "http://host-glance:9292/v1", "region": "RegionOne", "publicURL": "http://host-glance:9292/v1", "internalURL": "http://host-glance:9292/v1"}], "endpoints_links": [], "type": "image", "name": "Image Service"}, {"endpoints": [{"adminURL": "http://host-nova:8774/v1.1/1e57be810f854bcdb73901567140ac48", "region": "RegionOne", "publicURL": "http://host-nova:8774/v1.1/1e57be810f854bcdb73901567140ac48", "internalURL": "http://host-nova:8774/v1.1/1e57be810f854bcdb73901567140ac48"}], "endpoints_links": [], "type": "compute", "name": "Compute Service"}, {"endpoints": [{"adminURL": "http://host-neutron:9696/", "region": "RegionOne", "publicURL": "http://host-neutron:9696/", "internalURL": "http://host-neutron:9696/"}], "endpoints_links": [], "type": "network", "name": "Network Service"}, {"endpoints": [{"adminURL": "http://host-keystone:35357/v2.0", "region": "RegionOne", "publicURL": "http://host-keystone:5000/v2.0", "internalURL": "http://host-keystone:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "Identity Service"}], "user": {"username": "lichen", "roles_links": [], "id": "dad121e464174060a4eb46c5fed019bf", "roles": [{"name": "admin"}], "name": "lichen"}, "metadata": {"is_admin": 0, "roles": ["1c3535acf43345acaa23b6b0c6955dfd"]}}}
REQ: curl -i -X GET http://host-keystone:35357/v2.0/endpoints -H "User-Agent: python-keystoneclient" -H "X-Auth-Token: 1a4f03fbec6a41ddbff76afe9d238f83"
RESP: [200] {'date': 'Thu, 06 Mar 2014 02:14:28 GMT', 'content-type': 'application/json', 'content-length': '17', 'vary': 'X-Auth-Token'}
RESP BODY: {"endpoints": []}
From: Remo Mattei [mailto:remo at italy1.com]
Sent: Thursday, March 06, 2014 10:13 AM
To: Li, Chen
Cc: openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: Re: [Openstack] [keystone] can't not use file-based backend for catalog
Try to add -debug and see what it says..
Ciao
On Mar 5, 2014, at 6:08 PM, Li, Chen <chen.li at intel.com<mailto:chen.li at intel.com>> wrote:
Hi list,
I'm working under CentOS 6.4 + Havana.
I want to use the file based backend for keystone catalog.
But, after I configured that, when I run command "keystone service list" and "keystone endpoint-list", I get nothing.
Anyone know why this happened ???
I used to be successfully to this on Grizzly.
Thanks.
-chen
Here is my /etc/keystone/keystone.conf:
[DEFAULT]
[sql]
connection = mysql://keystone:keystone@host-db/keystone
[identity]
[credential]
[trust]
[os_inherit]
[catalog]
driver = keystone.catalog.backends.templated.TemplatedCatalog
template_file = /etc/keystone/default_catalog.templates
[endpoint_filter]
[token]
driver = keystone.token.backends.memcache.Token
[cache]
[policy]
[ec2]
[assignment]
[oauth1]
[ssl]
[signing]
token_format = UUID
[ldap]
[auth]
methods = external,password,token,oauth1
password = keystone.auth.plugins.password.Password
token = keystone.auth.plugins.token.Token
oauth1 = keystone.auth.plugins.oauth1.OAuth
[paste_deploy]
Here is my /etc/keystone/default_catalog.templates:
catalog.RegionOne.identity.publicURL = http://host-keystone:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://host-keystone:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://host-keystone:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service
catalog.RegionOne.compute.publicURL = http://host-nova:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.adminURL = http://host-nova:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.internalURL = http://host-nova:$(compute_port)s/v1.1/$(tenant_id)s
catalog.RegionOne.compute.name = Compute Service
catalog.RegionOne.volume.publicURL = http://host-cinder:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.adminURL = http://host-cinder:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.internalURL = http://host-cinder:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.name = Volume Service
catalog.RegionOne.image.publicURL = http://host-glance:9292/v1
catalog.RegionOne.image.adminURL = http://host-glance:9292/v1
catalog.RegionOne.image.internalURL = http://host-glance:9292/v1
catalog.RegionOne.image.name = Image Service
catalog.RegionOne.network.publicURL = http://host-neutron:9696/
catalog.RegionOne.network.adminURL = http://host-neutron:9696/
catalog.RegionOne.network.internalURL = http://host-neutron:9696/
catalog.RegionOne.network.name = Network Service
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
!DSPAM:1,5317d969231126667580840!
!DSPAM:1,5317db11233031001746282!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140306/3c975e0e/attachment.html>
More information about the Openstack
mailing list