Hi, Experts
Could someone give me a help on below issue when I start swift proxy service.
Is something wrong with the config.
Thanks in advance.
root@folsom-storage:/etc/swift# swift-init proxy start
Starting proxy-server...(/etc/swift/proxy-server.conf)
Traceback (most recent call last):
File "/usr/bin/swift-proxy-server", line 22, in <module>
run_wsgi(conf_file, 'proxy-server', default_port=8080, **options)
File "/usr/lib/python2.7/dist-packages/swift/common/wsgi.py", line 138, in
run_wsgi
loadapp('config:%s' % conf_file, global_conf={'log_name': log_name})
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 247,
in loadapp
return loadobj(APP, uri, name=name, **kw)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 272,
in loadobj
return context.create()
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 710,
in create
return self.object_type.invoke(self)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 207,
in invoke
app = filter(app)
File "/usr/lib/python2.7/dist-packages/keystone/middleware/auth_token.py",
line 815, in auth_filter
return AuthProtocol(app, conf)
File "/usr/lib/python2.7/dist-packages/keystone/middleware/auth_token.py",
line 219, in __init__
os.makedirs(self.signing_dirname)
File "/usr/lib/python2.7/os.py", line 157, in makedirs
mkdir(name, mode)
OSError: [Errno 13] Permission denied: '/root/keystone-signing'
root@folsom-storage:/etc/swift# vi proxy-server.conf
[DEFAULT]
bind_port = 8080
user = swift
[pipeline:main]
pipeline = healthcheck cache authtoken keystone proxy-server
[app:proxy-server]
use = egg:swift#proxy
allow_account_management = true
account_autocreate = true
[filter:keystone]
paste.filter_factory = keystone.middleware.swift_auth:filter_factory
operator_roles = Member,admin, swiftoperator
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
# Delaying the auth decision is required to support token-less
# usage for anonymous referrers ('.r:*').
delay_auth_decision = 10
service_port = 5000
service_host = 192.168.0.1
auth_port = 35357
auth_host = 192.168.0.1
auth_protocol = http
auth_uri = http://192.168.0.1:5000/
auth_token = password
admin_token = password
admin_tenant_name = service
admin_user = swift
admin_password = swift
[filter:cache]
use = egg:swift#memcache
set log_name = cache
[filter:catch_errors]
use = egg:swift#catch_errors
[filter:healthcheck]
use = egg:swift#healthcheck
Keystone is configured on 192.168.0.1:
keystone endpoint-list
+----------------------------------+-----------+--------------------------------------------------+-----------------------------------------------+------------------------------------------+
| id | region | publicurl
| internalurl |
adminurl |
+----------------------------------+-----------+--------------------------------------------------+-----------------------------------------------+------------------------------------------+
| 0621ace42619443d9d66a717dc41f6ea | RegionOne |
http://192.168.0.1:8773/services/Cloud |
http://192.168.0.1:8773/services/Cloud |
http://192.168.0.1:8773/services/Admin |
| 4a7f461a0de44a0a850cc681e4584318 | RegionOne |
http://192.168.0.1:8774/v2/$(tenant_id)s |
http://192.168.0.1:8774/v2/$(tenant_id)s |
http://192.168.0.1:8774/v2/$(tenant_id)s |
| 4f941d8ce5be494896e27a1511527ff4 | RegionOne |
http://192.168.0.4:8080/v1/AUTH_$(tenant_id)s |
http://192.168.0.4:8080/v1/AUTH_$(tenant_id)s |
http://192.168.0.1:8080/v1 |
| 5f431e96bc4140a086e45757165e3f58 | RegionOne |
http://192.168.0.1:5000/v2.0 | http://192.168.0.1:5000/v2.0
| http://192.168.0.1:35357/v2.0 |
| 75fe8e7e5f2c43a2b46b596266688390 | RegionOne |
http://192.168.0.1:9292/v2 | http://192.168.0.1:9292/v2
| http://192.168.0.1:9292/v2 |
| 9c0d4921854d48209b0c84109536fddc | RegionOne |
http://192.168.0.1:9696/ | http://192.168.0.1:9696/
| http://192.168.0.1:9696/ |
| c09985140ef14472afdfe3b9e4cb7c60 | RegionOne |
http://192.168.0.1:8776/v1/$(tenant_id)s |
http://192.168.0.1:8776/v1/$(tenant_id)s |
http://192.168.0.1:8776/v1/$(tenant_id)s |
| cd22ee5a9b23443d9c28e8ce38729617 | RegionOne |
http://192.168.0.1:9696/ | http://192.168.0.1:9696/
| http://192.168.0.1:9696/ |
+----------------------------------+-----------+--------------------------------------------------+-----------------------------------------------+------------------------------------------+
root@folsom-controller:/etc/keystone# cat keystone.conf
[DEFAULT]
# A "shared secret" between keystone and other openstack services
admin_token = password
# The IP address of the network interface to listen on
bind_host = 0.0.0.0
# The port number which the public service listens on
public_port = 5000
# The port number which the public admin listens on
admin_port = 35357
# The port number which the OpenStack Compute service listens on
compute_port = 8774
# === Logging Options ===
# Print debugging output
verbose = True
# Print more verbose output
# (includes plaintext request logging, potentially including passwords)
debug = True
# Name of log file to output to. If not set, logging will go to stdout.
log_file = keystone.log
# The directory to keep log files in (will be prepended to --logfile)
log_dir = /var/log/keystone
# Use syslog for logging.
# use_syslog = False
# syslog facility to receive log lines
# syslog_log_facility = LOG_USER
# If this option is specified, the logging configuration file specified is
# used and overrides any other logging options specified. Please see the
# Python logging module documentation for details on logging configuration
# files.
log_config = /etc/keystone/logging.conf
# A logging.Formatter log message format string which may use any of the
# available logging.LogRecord attributes.
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
# Format string for %(asctime)s in log records.
# log_date_format = %Y-%m-%d %H:%M:%S
# onready allows you to send a notification when the process is ready to serve
# For example, to have it notify using systemd, one could set shell command:
# onready = systemd-notify --ready
# or a module with notify() method:
# onready = keystone.common.systemd
[sql]
# The SQLAlchemy connection string used to connect to the database
#connection = sqlite:////var/lib/keystone/keystone.db
connection = mysql://keystone:password@localhost:3306/keystone
idle_timeout = 200
# the timeout before idle sql connections are reaped
# idle_timeout = 200
[identity]
driver = keystone.identity.backends.sql.Identity
[catalog]
# dynamic, sql-based backend (supports API/CLI-based management commands)
driver = keystone.catalog.backends.sql.Catalog
# static, file-based backend (does *NOT* support any management commands)
# driver = keystone.catalog.backends.templated.TemplatedCatalog
# template_file = default_catalog.templates
[token]
driver = keystone.token.backends.sql.Token
# Amount of time a token should remain valid (in seconds)
# expiration = 86400
[policy]
driver = keystone.policy.backends.rules.Policy
[ec2]
driver = keystone.contrib.ec2.backends.sql.Ec2
[ssl]
#enable = True
#certfile = /etc/keystone/ssl/certs/keystone.pem
#keyfile = /etc/keystone/ssl/private/keystonekey.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#cert_required = True
[signing]
#token_format = UUID
#certfile = /etc/keystone/ssl/certs/signing_cert.pem
#keyfile = /etc/keystone/ssl/private/signing_key.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#key_size = 1024
#valid_days = 3650
#ca_password = None
#token_format = PKI
[ldap]
# url = ldap://localhost
# user = dc=Manager,dc=example,dc=com
# password = None
# suffix = cn=example,cn=com
# use_dumb_member = False
# user_tree_dn = ou=Users,dc=example,dc=com
# user_objectclass = inetOrgPerson
# user_id_attribute = cn
# user_name_attribute = sn
# tenant_tree_dn = ou=Groups,dc=example,dc=com
# tenant_objectclass = groupOfNames
# tenant_id_attribute = cn
# tenant_member_attribute = member
# tenant_name_attribute = ou
# role_tree_dn = ou=Roles,dc=example,dc=com
# role_objectclass = organizationalRole
# role_id_attribute = cn
# role_member_attribute = roleOccupant
[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:stats_monitoring]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[app:public_service]
paste.app_factory = keystone.service:public_app_factory
[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory
[pipeline:public_api]
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body
json_body debug ec2_extension user_crud_extension public_service
[pipeline:admin_api]
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body
json_body debug stats_reporting ec2_extension s3_extension crud_extension
admin_service
[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory
[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory
[pipeline:public_version_api]
pipeline = stats_monitoring url_normalize xml_body public_version_service
[pipeline:admin_version_api]
pipeline = stats_monitoring url_normalize xml_body admin_version_service
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/ = admin_version_api
Thanks & Regards,
David
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
