Keystone

From silverwiki
Jump to: navigation, search

kinda following http://blog.flux7.com/blogs/openstack/tutorial-what-is-nova-and-how-to-install-use-it-openstack

Installed openstack dashboard on controller and got the following error from /var/log/apache2/error.log on login.

BadRequest: Malformed request URL: URL's project_id 'd0177bdfcebf4115ae2bd23d8eafc8da' doesn't match Context's project_id 'e6d688f5381c4a53898ddad4cef7455e' (HTTP 400) (Request-ID: req-253a28a5-1b09-4ece-88f9-c3f11d492b10)

root@controller:/home/ubuntu# keystone endpoint-list
+----------------------------------+-----------+------------------------------------------------------------+------------------------------------------------------------+------------------------------------------------------------+----------------------------------+
|                id                |   region  |                         publicurl                          |                        internalurl                         |                          adminurl                          |            service_id            |
+----------------------------------+-----------+------------------------------------------------------------+------------------------------------------------------------+------------------------------------------------------------+----------------------------------+
| 178bc5c03d8c40ef81c0b3592a5f8791 | regionOne |        http://controller:8080/v1/AUTH_%(tenant_id)s        |        http://controller:8080/v1/AUTH_%(tenant_id)s        |                   http://controller:8080                   | 77e2015152954877a2a271a4a06084de |
| 325e83050ae449c785fb38f6ae681c52 | regionOne | http://controller:8774/v2/d0177bdfcebf4115ae2bd23d8eafc8da | http://controller:8774/v2/d0177bdfcebf4115ae2bd23d8eafc8da | http://controller:8774/v2/d0177bdfcebf4115ae2bd23d8eafc8da | d0177bdfcebf4115ae2bd23d8eafc8da |
| d657fa7ec5cb4150b9f7eb728d228853 | regionOne |                http://controller:5000/v2.0                 |                http://controller:5000/v2.0                 |                http://controller:35357/v2.0                | 5ca114240c0d4934b9f02ca2d412e582 |
+----------------------------------+-----------+------------------------------------------------------------+------------------------------------------------------------+------------------------------------------------------------+----------------------------------+


root@controller:/home/ubuntu# keystone service-list
+----------------------------------+----------+--------------+--------------------------+
|                id                |   name   |     type     |       description        |
+----------------------------------+----------+--------------+--------------------------+
| 5ca114240c0d4934b9f02ca2d412e582 | keystone |   identity   |    OpenStack Identity    |
| d0177bdfcebf4115ae2bd23d8eafc8da |   nova   |   compute    |   Nova Compute service   |
| 77e2015152954877a2a271a4a06084de |  swift   | object-store | OpenStack Object Storage |
+----------------------------------+----------+--------------+--------------------------+
root@controller:/home/ubuntu# keystone user-list
+----------------------------------+-------+---------+----------------------+
|                id                |  name | enabled |        email         |
+----------------------------------+-------+---------+----------------------+
| 16bdc492f5b4466f8386ef7826575d78 | admin |   True  |    EMAIL_ADDRESS     |
| 69d39104b1c746cea10a4bc72ec36c1d |  demo |   True  |    EMAIL_ADDRESS     |
| 83e3fbe040b84a15b6c324e6abecc054 |  nova |   True  | silver@silvermag.net |
| 2319d2ccf83f42078d901930164047e2 | swift |   True  |                      |
+----------------------------------+-------+---------+----------------------+

root@controller:/home/ubuntu# keystone tenant-list
+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| e6d688f5381c4a53898ddad4cef7455e |  admin  |   True  |
| 05d82156e2b24308b0f59352e932a180 |   demo  |   True  |
| 12b3ad8da15941ce891ac69c1a1c47c9 | service |   True  |
+----------------------------------+---------+---------+




keystone user-delete nova
keystone service-delete nova

 keystone user-create --name=nova --pass=password1 --email=silver@silvermag.net
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |       silver@silvermag.net       |
| enabled  |               True               |
|    id    | 309d60d8b7d04b1c87add931f8506cf7 |
|   name   |               nova               |
| username |               nova               |
+----------+----------------------------------+

keystone user-role-add --user=nova --tenant=service --role=admin

keystone endpoint-create --service-id=12b3ad8da15941ce891ac69c1a1c47c9 --publicurl=http://controller:8774/v2/%\(tenant_id\)s --internalurl=http://controller:8774/v2/%\(tenant_id\)s --adminurl=http://controller:8774/v2/%\(tenant_id\)s
No service with a name or ID of '12b3ad8da15941ce891ac69c1a1c47c9' exists.

keystone endpoint-create --service-id=309d60d8b7d04b1c87add931f8506cf7 --publicurl=http://controller:8774/v2/%\(tenant_id\)s --internalurl=http://controller:8774/v2/%\(tenant_id\)s --adminurl=http://controller:8774/v2/%\(tenant_id\)s
No service with a name or ID of '309d60d8b7d04b1c87add931f8506cf7' exists.

keystone service-create --name=nova --type=compute --description="Nova Compute service"

+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |       Nova Compute service       |
|   enabled   |               True               |
|      id     | 08407ca2bea0478a82264616d69dbf3b |
|     name    |               nova               |
|     type    |             compute              |
+-------------+----------------------------------+

keystone endpoint-create --service-id=08407ca2bea0478a82264616d69dbf3b --publicurl=http://controller:8774/v2/%\(tenant_id\)s --internalurl=http://controller:8774/v2/%\(tenant_id\)s --adminurl=http://controller:8774/v2/%\(tenant_id\)s
+-------------+-----------------------------------------+
|   Property  |                  Value                  |
+-------------+-----------------------------------------+
|   adminurl  | http://controller:8774/v2/%(tenant_id)s |
|      id     |     e2d4abf4fa844193a90020b5c56d2d67    |
| internalurl | http://controller:8774/v2/%(tenant_id)s |
|  publicurl  | http://controller:8774/v2/%(tenant_id)s |
|    region   |                regionOne                |
|  service_id |     08407ca2bea0478a82264616d69dbf3b    |
+-------------+-----------------------------------------+


service nova-api restart
service nova-cert restart
service nova-consoleauth restart
service nova-scheduler restart
service nova-conductor restart
service nova-novncproxy restart

Still broken, but using private browsing fixed it so there was a cookie issue.


keystone endpoint-list
+----------------------------------+-----------+----------------------------------------------+----------------------------------------------+-----------------------------------------+----------------------------------+
|                id                |   region  |                  publicurl                   |                 internalurl                  |                 adminurl                |            service_id            |
+----------------------------------+-----------+----------------------------------------------+----------------------------------------------+-----------------------------------------+----------------------------------+
| 178bc5c03d8c40ef81c0b3592a5f8791 | regionOne | http://controller:8080/v1/AUTH_%(tenant_id)s | http://controller:8080/v1/AUTH_%(tenant_id)s |          http://controller:8080         | 77e2015152954877a2a271a4a06084de |
| d657fa7ec5cb4150b9f7eb728d228853 | regionOne |         http://controller:5000/v2.0          |         http://controller:5000/v2.0          |       http://controller:35357/v2.0      | 5ca114240c0d4934b9f02ca2d412e582 |
| e2d4abf4fa844193a90020b5c56d2d67 | regionOne |   http://controller:8774/v2/%(tenant_id)s    |   http://controller:8774/v2/%(tenant_id)s    | http://controller:8774/v2/%(tenant_id)s | 08407ca2bea0478a82264616d69dbf3b |
+----------------------------------+-----------+----------------------------------------------+----------------------------------------------+-----------------------------------------+----------------------------------+

So the problem was probably the %(tenant_id)s junk being wrong. remaking everything ftw.