[Openstack] Keystone problem
Louis-Philippe Reid
louis.philippe.reid at gmail.com
Tue Sep 9 15:01:15 UTC 2014
Found it, it was the cumulative errors on adminurl (wrong port, and typo).
It's ok now.
Thank you for your time!
# keystone user-list
+----------------------------------+-------+---------+---------------------------------+
| id | name | enabled | email
|
+----------------------------------+-------+---------+---------------------------------+
| a1c8728d58584e7db2e4087e74a02abd | admin | True | xxxxxxxxxxxxxx
|
| a843d2e9e431483086091165851c6a2c | demo | True | xxxxxxxxxxxxxx
|
+----------------------------------+-------+---------+---------------------------------+
On Tue, Sep 9, 2014 at 10:47 AM, Louis-Philippe Reid <
louis.philippe.reid at gmail.com> wrote:
> Ok, I think I just found a typo resulting from the correction I did for
> adminurl. I have http:///lecloud100 (note the triple /). Let me check
> that again and retest.
>
> On Tue, Sep 9, 2014 at 10:35 AM, Louis-Philippe Reid <
> louis.philippe.reid at gmail.com> wrote:
>
>>
>>
>> I'm not sure I understand you correctly. keystone is not associated
>> properly with the role? Let met trace association and you will be able to
>> tell me where the link is not good:
>>
>> user 4e51cf42393e478ba630233a1984e5ab admin associated to tenant admin bc8c91c4c321480a99c1d5c01f9ee2ee
>>
>>
>> # keystone user-role-list --user admin --tenant admin
>> WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
>> +----------------------------------+----------+----------------------------------+----------------------------------+
>> | id | name | user_id | tenant_id |
>> +----------------------------------+----------+----------------------------------+----------------------------------+
>> | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | 4e51cf42393e478ba630233a1984e5ab | bc8c91c4c321480a99c1d5c01f9ee2ee |
>> | e51a667a851f4768b3ee3fb7c4de711d | admin | 4e51cf42393e478ba630233a1984e5ab | bc8c91c4c321480a99c1d5c01f9ee2ee |
>> +----------------------------------+----------+----------------------------------+----------------------------------+
>>
>>
>> user_id is mapping to the correct user:
>>
>> # keystone user-list
>> WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
>> +----------------------------------+-------+---------+---------------------------------+
>> | id | name | enabled | email |
>> +----------------------------------+-------+---------+---------------------------------+
>> | 4e51cf42393e478ba630233a1984e5ab | admin | True | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
>> | 38ee12f0c8364218a7ffab0c39fbce5f | demo | True | xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
>> +----------------------------------+-------+---------+---------------------------------+
>>
>> also associated to the right tenant:
>>
>> # keystone tenant-list
>> WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
>> +----------------------------------+---------+---------+
>> | id | name | enabled |
>> +----------------------------------+---------+---------+
>> | bc8c91c4c321480a99c1d5c01f9ee2ee | admin | True |
>> | 9bddf495845e4138b6c05305917518b9 | demo | True |
>> | 2ba53d8ccf82496eb4c0ed91db73df41 | service | True |
>> +----------------------------------+---------+---------+
>>
>>
>>
>> service keystone is associated correctly to endpoint:
>>
>>
>> keystone cad84013496a4d33a132fd99026d1322 associated with endpoint 9c5aa10925014e7c939ad392d8384b22
>>
>>
>> # keystone service-list
>> WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
>> +----------------------------------+----------+----------+--------------------+
>> | id | name | type | description |
>> +----------------------------------+----------+----------+--------------------+
>> | cad84013496a4d33a132fd99026d1322 | keystone | identity | OpenStack Identity |
>> +----------------------------------+----------+----------+--------------------+
>>
>> # keystone endpoint-list
>> WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
>> +----------------------------------+-----------+------------------------------------------------------------+-----------------------------+-------------------------------+----------------------------------+
>> | id | region | publicurl | internalurl | adminurl | service_id |
>> +----------------------------------+-----------+------------------------------------------------------------+-----------------------------+-------------------------------+----------------------------------+
>> | 9c5aa10925014e7c939ad392d8384b22 | regionOne | http://cloud-pp-public-10-15-109-200.xxxx.com:5000/v2.0 | http://lecloud100:5000/v2.0 | http:///lecloud100:35357/v2.0 | cad84013496a4d33a132fd99026d1322 |
>> +----------------------------------+-----------+------------------------------------------------------------+-----------------------------+-------------------------------+----------------------------------+
>>
>>
>> Looking back at the documentation I don't see any missing links. What am I missing?
>>
>> Thanks,
>>
>>
>>
>> On Tue, Sep 9, 2014 at 10:06 AM, <raghavendra.lad at accenture.com> wrote:
>>
>>> Hi,
>>>
>>>
>>> I did check the attached doc. I find that the keystone is not
>>> associated properly with the role.
>>>
>>>
>>> You can try to unset and then keystone token-get, after which try
>>> executing the keystone commands by sourcing from the file.
>>>
>>>
>>> Let me know if that helps.
>>>
>>>
>>> Regards,
>>>
>>> Raghavendra Lad
>>>
>>>
>>> ------------------------------
>>> *From:* Louis-Philippe Reid <louis.philippe.reid at gmail.com>
>>> *Sent:* Tuesday, September 9, 2014 7:25 PM
>>> *To:* Lad, Raghavendra
>>> *Cc:* openstack at lists.openstack.org
>>> *Subject:* Re: [Openstack] Keystone problem
>>>
>>> Thanks for your quick reply, I found an error in my installation when
>>> I defined the endpoint. I used port 5000 for the adminurl. I restarted
>>> from scratch, once again just to be sure it was clean and made sure ton
>>> unset the token and service endpoint has you suggested. I did use the --os
>>> commands. I did create admin and associate everything. Also, the error I
>>> get since I corrected the adminurl is now different.
>>>
>>> [root at lecloud100 ~]# env | grep OS_
>>> OS_PASSWORD=xxxxxxxxxx
>>> OS_AUTH_URL=http://lecloud100:35357/v2.0
>>> OS_USERNAME=admin
>>> OS_TENANT_NAME=admin
>>>
>>> # keystone user-list
>>> 'NoneType' object has no attribute 'encode'
>>>
>>>
>>> Here is all the information used to create the config, line by line
>>> and debug outputs:
>>>
>>> http://pastebin.com/6XWVqBqb
>>>
>>> Thanks,
>>>
>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140909/9367d3b0/attachment.html>
More information about the Openstack
mailing list