← Back to team overview

openstack team mailing list archive

cannot launch instance via dasboard - glance auth error

 

Hi all,

I'm trying to launch an instance via the dashboard with the admin
account. (I have been following:
http://keystone.openstack.org/configuringservices.html).

Error: The server has either erred or is incapable of performing the
requested operation.

(nova.api.openstack.v2): TRACE:   File
"/usr/lib/python2.7/dist-packages/glance/common/client.py", line 411,
in _do_request
(nova.api.openstack.v2): TRACE:     raise exception.NotAuthorized(res.read())
(nova.api.openstack.v2): TRACE: NotAuthorized: You are not authorized
to complete this action.

In a previous post I was not able to access the images at all but that
was fixed with a change of the endpoint templates.

This is how I have set up the keystone endpoints:

   `keystone-manage endpointTemplates add Australia nova \
http://nova.local:8774/v1.1/%tenant_id% \
http://nova.local:8774/v1.1/%tenant_id% \
http://nova.local:8774/v1.1/%tenant_id% \
1 1`

    `keystone-manage endpointTemplates add Australia glance \
http://glance.local:9292/v1.1/%tenant_id% \
http://glance.local:9292/v1.1/%tenant_id% \
http://glance.local:9292/v1.1/%tenant_id% \
1 1`
    `keystone-manage endpointTemplates add Australia swift \
http://swift.local:8080/v1/AUTH_%tenant_id% \
http://swift.local:8080/v1.0/ \
http://swift.local:8080/v1/AUTH_%tenant_id% \
1 1`
    `keystone-manage endpointTemplates add Australia keystone \
http://identity.local:5000/v2.0 \
http://identity.local:35357/v2.0 \
http://identity.local:5000/v2.0 \
1 1`

Neither the admin or me user can create instances. But the admin user
could create a volume.
--------------------------------------------------------
| Roles                                                |
--------------------------------------------------------
| id | name                 | service_id | description |
--------------------------------------------------------
| 1  | Admin                | None       | None        |
| 2  | KeystoneServiceAdmin | None       | None        |
| 3  | Member               | None       | None        |
--------------------------------------------------------
root@au-mel-kvm-3:~/setup# keystone-manage user list admin
-------------------------------------------------------------------------------------------
| Users
                   |
-------------------------------------------------------------------------------------------
| id                               | name    | enabled | tenant
                   |
-------------------------------------------------------------------------------------------
| c75e1e8a074822078728c7ea3af9e7382 | admin   | True    |
828e80debe314d84823d606c587e867d |
| 16b403c3811144b5976a740edeb4b868 | demo    | True    |
ad1efcd098494058b451abaf438a8adb |
| 67b9b4b622b03e88344e95601b180d6f8 | me | True    |
05a72d14b4434a848c07f00544069d20 |
-------------------------------------------------------------------------------------------
root@au-mel-kvm-3:~/setup# keystone-manage role grant KeystoneServiceAdmin admin
SUCCESS: Granted admin the KeystoneServiceAdmin role on None.
root@au-mel-kvm-3:~/setup# keystone-manage tenant list
-----------------------------------------------------------
| Tenants                                                 |
-----------------------------------------------------------
| id                               | name       | enabled |
-----------------------------------------------------------
| 828e80debe314d84823d606c587e867d | admin      | True    |
| ad1efcd098494058b451abaf438a8adb | demo       | True    |
| 7871122791c34cc4b2ec03324f259c7b | developers | True    |
| 05a72d14b4434a848c07f00544069d20 | SysAdmins  | True    |
| 6c6672c6bf0a4de08d772dca797a3447 | QA         | True    |
-----------------------------------------------------------

Does anyone know how I can further investigate this?

Thanks,
Den


Follow ups