The admin_token value from keystone.conf is not a real token; it exists as a string in memory and has no context, user or actual roles associated with it (hence it does not appear in your token table).
As for your actual issue, I don't see anything obviously wrong with what's below. Is logging enabled & working, otherwise? Have you tried "verbose = True" and "debug = True"? Have you tried running that command from the compute node itself, rather than over the internet IP? What happens when you curl / GET / whatever http://<internet_ip of the controller node>:35357/v2.0 and/or http://127.0.0.1:35357/v2.0 ? -Dolph On Fri, Aug 17, 2012 at 3:26 PM, Xin Zhao <xz...@bnl.gov> wrote: > Hello, > > I newly install keystone on the RHEL6 machine, but it is not working. The > following command fails: > > $ keystone --token <admin_token string from keystone.conf> --endpoint > http://<internet_ip of the controller node>:35357/v2.0 tenant-create > --name openstackDemo --description "Default Tenant" --enabled true > > Unable to communicate with identity service: (403, 'Forbidden'). (HTTP 400) > > There is no relevant log in the keystone.log file. > > Here is the instruction I follow: > http://docs.openstack.org/**essex/openstack-compute/** > install/yum/content/setting-**up-tenants-users-and-roles.**html<http://docs.openstack.org/essex/openstack-compute/install/yum/content/setting-up-tenants-users-and-roles.html> > > This is done on the controller node itself. I can telnet to <internet_ip > of the controller node>:35357. I can also > log into mysql DB as keystone user, although there is no <admin_token> > entry in any of the keystone tables. > > Any idea what is going wrong here? > > Thanks, > Xin > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
