openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #15949
Re: keystone initialization problem
On 08/17/2012 05:47 PM, Dolph Mathews wrote:
The admin_token value from keystone.conf is not a real token; it
exists as a string in memory and has no context, user or actual roles
associated with it (hence it does not appear in your token table).
Please try the steps here instead:
https://access.redhat.com/knowledge/docs/Red_Hat_OpenStack_Preview/
bascially, try export SERVICE_TOKEN=<admin_token string from
keystone.conf> instead
--token is not the same as SERVICE_TOKEN
As for your actual issue, I don't see anything obviously wrong with
what's below. Is logging enabled & working, otherwise? Have you tried
"verbose = True" and "debug = True"? Have you tried running that
command from the compute node itself, rather than over the internet
IP? What happens when you curl / GET / whatever http://<internet_ip of
the controller node>:35357/v2.0 and/or http://127.0.0.1:35357/v2.0 ?
-Dolph
On Fri, Aug 17, 2012 at 3:26 PM, Xin Zhao <xzhao@xxxxxxx
<mailto:xzhao@xxxxxxx>> wrote:
Hello,
I newly install keystone on the RHEL6 machine, but it is not
working. The following command fails:
$ keystone --token <admin_token string from keystone.conf>
--endpoint http://<internet_ip of the controller node>:35357/v2.0
tenant-create --name openstackDemo --description "Default Tenant"
--enabled true
Unable to communicate with identity service: (403, 'Forbidden').
(HTTP 400)
There is no relevant log in the keystone.log file.
Here is the instruction I follow:
http://docs.openstack.org/essex/openstack-compute/install/yum/content/setting-up-tenants-users-and-roles.html
This is done on the controller node itself. I can telnet to
<internet_ip of the controller node>:35357. I can also
log into mysql DB as keystone user, although there is no
<admin_token> entry in any of the keystone tables.
Any idea what is going wrong here?
Thanks,
Xin
_______________________________________________
Mailing list: https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack>
Post to : openstack@xxxxxxxxxxxxxxxxxxx
<mailto:openstack@xxxxxxxxxxxxxxxxxxx>
Unsubscribe : https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack>
More help : https://help.launchpad.net/ListHelp
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
References