no problem here - if we're going to document a scripted solution, we should have it be something that we're actively maintaining. Don't know who's running the nimbus repo and those tools, which are cool - but we're not keeping them up with changes in the systems...
-joe On Oct 2, 2012, at 4:50 PM, Dolph Mathews <dolph.math...@gmail.com> wrote: > I find it odd that the document describes two approaches for configuring > keystone -- one being a relatively undocumented, scripted approach not > managed or distributed by OpenStack. Surely these two approaches will > continue to evolve seperately and we'll experience more issues such as this > one. > > Anyone have any objections to removing this "scripted configuration" section > in favor of focusing on the existing "manual" approach? > > http://docs.openstack.org/trunk/openstack-compute/install/apt/content/setting-up-tenants-users-and-roles.html > > -Dolph > > > On Tue, Oct 2, 2012 at 6:42 PM, Ahmed Al-Mehdi <ah...@coraid.com> wrote: > Hi Dolph, > > I am now getting the same output as the "curl" command, basically "Invalid > Tenant". At this point > > root@ubuntu1:~# keystone --os-username=adminUser --os-password=secretword > --os-tenant-name=service --os-auth-url=http://10.0. > 2.15:35357/v2.0 token-get > > No handlers could be found for logger "keystoneclient.client" > Invalid tenant (HTTP 401) > > Without the "os-tenant-name" parameter, I seem to get "good' response. > > root@ubuntu1:~# keystone --os-username=adminUser --os-password=secretword > --os-auth-url=http://10.0.2.15:35357/v2.0 token-get > No handlers could be found for logger "keystoneclient.v2_0.client" > +----------+----------------------------------+ > | Property | Value | > +----------+----------------------------------+ > | expires | 2012-10-03T23:31:17Z | > | id | 31078072aae94f5aab5c8e46ff5f6373 | > | user_id | 3e674f7f64ba452cb20781b8d5e26b7f | > +----------+----------------------------------+ > At this point, I feel like I am running into issues with/in the python / > PyYAML script (https://github.com/nimbis/keystone-init.git) which must not be > populating info into keystone "accurately" and most probably not equivalent > to manual steps mentioned in "Deploy and Install OpenStack - Red Hat Ubuntu". > I will look into the script. > > Regards, > Ahmed. > > From: Dolph Mathews [dolph.math...@gmail.com] > Sent: Tuesday, October 02, 2012 2:19 PM > > To: Ahmed Al-Mehdi > Cc: heckj; openstack@lists.launchpad.net > Subject: Re: [Openstack] Enabling logging in keystone. > > No worries, that's what a second set of eyes is for! > > By specifying a token and endpoint, you're bypassing the authentication > process that your curl command is performing. > > You can test authentication with the keystone client using: > > $ keystone --os-username=adminUser --os-password=secretword > --os-tenant-name=adminTenant --os-authurl=http://10.0.2.15:35357/v2.0 > token-get > > But as Anne pointed out, you don't have a tenant named "adminTenant". You'll > also need to make sure you've granted a role to your user on the specified > tenant for authorization to succeed. You can remove the tenant name argument > from the token-get call to test authentication without authorization > (therefore without requiring anything but a valid user in your keystone > install). > > -Dolph > > On Tuesday, October 2, 2012, Ahmed Al-Mehdi wrote: > Hi Dolph, > > Very sorry about that. With the correct token, calling keystone from the cli > is working. However, the curl command is failing. Will this cause an > issue down the line as I start to install glance and nova? > > > #> keystone --token 012345SECRET99TOKEN012345 --endpoint > http://10.0.2.15:35357/v2.0 tenant-list > +----------------------------------+---------------+---------+ > | id | name | enabled | > +----------------------------------+---------------+---------+ > | 07a44f9d55694d638f41bc160c14b42e | openstackDemo | True | > | 0e4cc20586ae42329db51e0c6f807731 | service | True | > +----------------------------------+---------------+---------+ > #> curl -d '{"auth": {"tenantName": "adminTenant", "passwordCredentials": > {"username": "adminUser", "password": "secretword"}}}' -H "Content-type: > application/json" http://10.0.2.15:35357/v2.0/tokens | python -mjson.tool > % Total % Received % Xferd Average Speed Time Time Time > Current > Dload Upload Total Spent Left Speed > 100 231 0 116 100 115 2771 2747 --:--:-- --:--:-- --:--:-- 3052 > { > "error": { > "code": 401, > "message": "The request you have made requires authentication.", > "title": "Not Authorized" > } > } > > Regards, > Ahmed. > > > From: Dolph Mathews [dolph.math...@gmail.com] > Sent: Tuesday, October 02, 2012 12:12 PM > To: Ahmed Al-Mehdi > Cc: heckj; openstack@lists.launchpad.net > Subject: Re: [Openstack] Enabling logging in keystone. > > You're missing a "5" on the admin_token you've specified on the command line. > > 012345SECRET99TOKEN01234 (your CLI arg) > 012345SECRET99TOKEN012345 (keystone.conf) > > -Dolph > > > On Tue, Oct 2, 2012 at 1:08 PM, Ahmed Al-Mehdi <ah...@coraid.com> wrote: > Hi Joe, > > I have put the conf file (renamed to ahmed_keystone.conf) into gist. > > git://gist.github.com/3821846.git > > Please let me know if you have any issues accessing the file. > > Thank you very much for helping me out. I have a feeling the issue might be > in the python script to populate keystone. When I previously input the data > manually, I got keystone configured properly. > > Regards, > Ahmed. > > > ________________________________________ > From: heckj [he...@mac.com] > Sent: Tuesday, October 02, 2012 10:56 AM > To: Ahmed Al-Mehdi > Cc: openstack@lists.launchpad.net > Subject: Re: [Openstack] Enabling logging in keystone. > > Ahmed - can you put your keystone.conf into a paste or gist and share it with > me? I'd be happy to help you debug this. > > I'm assuming you're running keystone on the system with the IP address > 10.0.2.15, correct? > > -joe > > On Oct 2, 2012, at 10:45 AM, Ahmed Al-Mehdi <ah...@coraid.com> wrote: > > > Hi Joe, > > > > I noticed I did not put the port number in the URL, now I am getting a more > > meaningful error: > > > > #> keystone --token 012345SECRET99TOKEN01234 --endpoint > > http://10.0.2.15:35357/v2.0 tenant-list > > No handlers could be found for logger "keystoneclient.client" > > Unable to authorize user > > > > Regards, > > Ahmed. > > > > ________________________________________ > > From: openstack-bounces+ahmed=coraid....@lists.launchpad.net > > [openstack-bounces+ahmed=coraid....@lists.launchpad.net] On Behalf Of Ahmed > > Al-Mehdi [ah...@coraid.com] > > Sent: Tuesday, October 02, 2012 10:30 AM > > To: heckj > > Cc: openstack@lists.launchpad.net > > Subject: Re: [Openstack] Enabling logging in keystone. > > > > Hi Joe, > > > > Unfortunately before I read your response I re-installed my Ubuntu server. > > I repeated the same steps mentioned in the OpenStack document "Deploy and > > Install OpenStack - RedHat Ubuntu" and also used the script mentioned in it > > (https://github.com/nimbis/keystone-init/blob/master/keystone-init.py) to > > populate keystone. I reboot the server prior to running your suggested > > command and now running into a different issue, which I feel maybe due to > > not starting some service. Btw, my host OS is Ubuntu 12.04 (32 bit) > > running inVirtualBox. > > > > Currently I am getting the following error: > > > > #> keystone --token 012345SECRET99TOKEN01234 --endpoint > > http://10.0.2.15/v2.0 tenant-lis > > > -- > > -Dolph >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
