openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #06347
Re: cannot launch instance via dasboard - glance auth error
Hi!
You need to remove the %tenant_id% part from the Glance URI endpoint templates.
Cheers,
-jay
On Thu, Dec 22, 2011 at 6:28 AM, denmat <tu2bgone@xxxxxxxxx> wrote:
> Hi all,
>
> I'm trying to launch an instance via the dashboard with the admin
> account. (I have been following:
> http://keystone.openstack.org/configuringservices.html).
>
> Error: The server has either erred or is incapable of performing the
> requested operation.
>
> (nova.api.openstack.v2): TRACE: File
> "/usr/lib/python2.7/dist-packages/glance/common/client.py", line 411,
> in _do_request
> (nova.api.openstack.v2): TRACE: raise exception.NotAuthorized(res.read())
> (nova.api.openstack.v2): TRACE: NotAuthorized: You are not authorized
> to complete this action.
>
> In a previous post I was not able to access the images at all but that
> was fixed with a change of the endpoint templates.
>
> This is how I have set up the keystone endpoints:
>
> `keystone-manage endpointTemplates add Australia nova \
> http://nova.local:8774/v1.1/%tenant_id% \
> http://nova.local:8774/v1.1/%tenant_id% \
> http://nova.local:8774/v1.1/%tenant_id% \
> 1 1`
>
> `keystone-manage endpointTemplates add Australia glance \
> http://glance.local:9292/v1.1/%tenant_id% \
> http://glance.local:9292/v1.1/%tenant_id% \
> http://glance.local:9292/v1.1/%tenant_id% \
> 1 1`
> `keystone-manage endpointTemplates add Australia swift \
> http://swift.local:8080/v1/AUTH_%tenant_id% \
> http://swift.local:8080/v1.0/ \
> http://swift.local:8080/v1/AUTH_%tenant_id% \
> 1 1`
> `keystone-manage endpointTemplates add Australia keystone \
> http://identity.local:5000/v2.0 \
> http://identity.local:35357/v2.0 \
> http://identity.local:5000/v2.0 \
> 1 1`
>
> Neither the admin or me user can create instances. But the admin user
> could create a volume.
> --------------------------------------------------------
> | Roles |
> --------------------------------------------------------
> | id | name | service_id | description |
> --------------------------------------------------------
> | 1 | Admin | None | None |
> | 2 | KeystoneServiceAdmin | None | None |
> | 3 | Member | None | None |
> --------------------------------------------------------
> root@au-mel-kvm-3:~/setup# keystone-manage user list admin
> -------------------------------------------------------------------------------------------
> | Users
> |
> -------------------------------------------------------------------------------------------
> | id | name | enabled | tenant
> |
> -------------------------------------------------------------------------------------------
> | c75e1e8a074822078728c7ea3af9e7382 | admin | True |
> 828e80debe314d84823d606c587e867d |
> | 16b403c3811144b5976a740edeb4b868 | demo | True |
> ad1efcd098494058b451abaf438a8adb |
> | 67b9b4b622b03e88344e95601b180d6f8 | me | True |
> 05a72d14b4434a848c07f00544069d20 |
> -------------------------------------------------------------------------------------------
> root@au-mel-kvm-3:~/setup# keystone-manage role grant KeystoneServiceAdmin admin
> SUCCESS: Granted admin the KeystoneServiceAdmin role on None.
> root@au-mel-kvm-3:~/setup# keystone-manage tenant list
> -----------------------------------------------------------
> | Tenants |
> -----------------------------------------------------------
> | id | name | enabled |
> -----------------------------------------------------------
> | 828e80debe314d84823d606c587e867d | admin | True |
> | ad1efcd098494058b451abaf438a8adb | demo | True |
> | 7871122791c34cc4b2ec03324f259c7b | developers | True |
> | 05a72d14b4434a848c07f00544069d20 | SysAdmins | True |
> | 6c6672c6bf0a4de08d772dca797a3447 | QA | True |
> -----------------------------------------------------------
>
> Does anyone know how I can further investigate this?
>
> Thanks,
> Den
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
References
