openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #17102
Re: Enabling logging in keystone.
Hi Ahmed -
I believe you don't have a tenant named "adminTenant" - possibly try this?
curl -d '{"auth": {"tenantName": "service", "passwordCredentials":
{"username": "adminUser", "password": "secretword"}}}' -H "Content-type:
application/json" http://10.0.2.15:35357/v2.0/tokens | python -mjson.tool
Also, you can run keystone with the --debug parameter to see the curl
output like so:
keystone --debug --token
012345SECRET99TOKEN012345 --endpoint http://10.0.2.15:35357/v2.0 tenant-list
Generally, yes, you need to ensure keystone is working correctly before
installing glance and nova (they require keystone), so you're correct to
keep trying.
Anne
On Tue, Oct 2, 2012 at 3:09 PM, Ahmed Al-Mehdi <ahmed@xxxxxxxxxx> wrote:
> Hi Dolph,
>
> Very sorry about that. With the correct token, calling keystone from
> the cli is working. However, the curl command is failing. Will this
> cause an issue down the line as I start to install glance and nova?
>
>
> #> keystone --token 012345SECRET99TOKEN012345 --endpoint
> http://10.0.2.15:35357/v2.0 tenant-list
> +----------------------------------+---------------+---------+
> | id | name | enabled |
> +----------------------------------+---------------+---------+
> | 07a44f9d55694d638f41bc160c14b42e | openstackDemo | True |
> | 0e4cc20586ae42329db51e0c6f807731 | service | True |
> +----------------------------------+---------------+---------+
> #> curl -d '{"auth": {"tenantName": "adminTenant", "passwordCredentials":
> {"username": "adminUser", "password": "secretword"}}}' -H "Content-type:
> application/json" http://10.0.2.15:35357/v2.0/tokens | python -mjson.tool
>
> % Total % Received % Xferd Average Speed Time Time Time
> Current
> Dload Upload Total Spent Left
> Speed
> 100 231 0 116 100 115 2771 2747 --:--:-- --:--:-- --:--:--
> 3052
>
> {
> "error": {
> "code": 401,
> "message": "The request you have made requires authentication.",
> "title": "Not Authorized"
> }
> }
>
> Regards,
> Ahmed.
>
>
> ------------------------------
> *From:* Dolph Mathews [dolph.mathews@xxxxxxxxx]
> *Sent:* Tuesday, October 02, 2012 12:12 PM
> *To:* Ahmed Al-Mehdi
> *Cc:* heckj; openstack@xxxxxxxxxxxxxxxxxxx
>
> *Subject:* Re: [Openstack] Enabling logging in keystone.
>
> You're missing a "5" on the admin_token you've specified on the command
> line.
>
> 012345SECRET99TOKEN01234 (your CLI arg)
> 012345SECRET99TOKEN012345 (keystone.conf)
>
> -Dolph
>
>
> On Tue, Oct 2, 2012 at 1:08 PM, Ahmed Al-Mehdi <ahmed@xxxxxxxxxx> wrote:
>
>> Hi Joe,
>>
>> I have put the conf file (renamed to ahmed_keystone.conf) into gist.
>>
>> git://gist.github.com/3821846.git
>>
>> Please let me know if you have any issues accessing the file.
>>
>> Thank you very much for helping me out. I have a feeling the issue might
>> be in the python script to populate keystone. When I previously input the
>> data manually, I got keystone configured properly.
>>
>> Regards,
>> Ahmed.
>>
>>
>> ________________________________________
>> From: heckj [heckj@xxxxxxx]
>> Sent: Tuesday, October 02, 2012 10:56 AM
>> To: Ahmed Al-Mehdi
>> Cc: openstack@xxxxxxxxxxxxxxxxxxx
>> Subject: Re: [Openstack] Enabling logging in keystone.
>>
>> Ahmed - can you put your keystone.conf into a paste or gist and share it
>> with me? I'd be happy to help you debug this.
>>
>> I'm assuming you're running keystone on the system with the IP address
>> 10.0.2.15, correct?
>>
>> -joe
>>
>> On Oct 2, 2012, at 10:45 AM, Ahmed Al-Mehdi <ahmed@xxxxxxxxxx> wrote:
>>
>> > Hi Joe,
>> >
>> > I noticed I did not put the port number in the URL, now I am getting a
>> more meaningful error:
>> >
>> > #> keystone --token 012345SECRET99TOKEN01234 --endpoint
>> http://10.0.2.15:35357/v2.0 tenant-list
>> > No handlers could be found for logger "keystoneclient.client"
>> > Unable to authorize user
>> >
>> > Regards,
>> > Ahmed.
>> >
>> > ________________________________________
>> > From: openstack-bounces+ahmed=coraid.com@xxxxxxxxxxxxxxxxxxx[openstack-bounces+ahmed
>> =coraid.com@xxxxxxxxxxxxxxxxxxx] On Behalf Of Ahmed Al-Mehdi [
>> ahmed@xxxxxxxxxx]
>> > Sent: Tuesday, October 02, 2012 10:30 AM
>> > To: heckj
>> > Cc: openstack@xxxxxxxxxxxxxxxxxxx
>> > Subject: Re: [Openstack] Enabling logging in keystone.
>> >
>> > Hi Joe,
>> >
>> > Unfortunately before I read your response I re-installed my Ubuntuserver. I repeated the same steps mentioned in the OpenStackdocument "Deploy and Install OpenStack- RedHatUbuntu"
>> and also used the script mentioned in it (
>> https://github.com/nimbis/keystone-init/blob/master/keystone-init.py) to
>> populate keystone. I reboot the server prior to running your suggested
>> command and now running into a different issue, which I feel maybe due to
>> not starting some service. Btw, my host OS is Ubuntu 12.04 (32 bit)
>> running inVirtualBox.
>> >
>> > Currently I am getting the following error:
>> >
>> > #> keystone --token 012345SECRET99TOKEN01234 --endpoint
>> http://10.0.2.15/v2.0 tenant-list
>> > No handlers could be found for logger "keystoneclient.client"
>> > Unable to communicate with identity service: [Errno 111] Connection
>> refused. (HTTP 400)
>> >
>> > How can I address the "logger" error. I don't see any output sent to
>> /var/log/keystone/keystone.log.
>> >
>> > I checked mysql and keystone is running:
>> >
>> > #> service keystone status
>> > keystone start/running, process 741
>> > #> ps aux | grep key
>> > keystone 741 0.0 0.0 3028 1184 ? Ss 09:41 0:00 su -s
>> /bin/sh -c exec keystone-all keystone
>> > keystone 760 0.1 1.0 30872 21696 ? S 09:41 0:01 /usr/bin/python
>> /usr/bin/keystone-all
>> > root 1726 0.0 0.0 4388 828 tty1 S+ 09:56 0:00 grep--color=auto key
>> >
>> > Thank you,
>> > Ahmed.
>> >
>> >
>> > ________________________________________
>> > From: heckj [heckj@xxxxxxx]
>> > Sent: Monday, October 01, 2012 5:47 PM
>> > To: Ahmed Al-Mehdi
>> > Cc: openstack@xxxxxxxxxxxxxxxxxxx
>> > Subject: Re: [Openstack] Enabling logging in keystone.
>> >
>> > Can you invoke the keystone commands with --token and --endpoint?
>> That's the same thing as what you're trying to do with curl, but using
>> the CLI to do the hard work of making sure you get the header's all
>> nailed down correctly.
>> >
>> > Some good ones to try are:
>> > (using your example "token" and "endpoint" from below - modify if they
>> don't match your config)
>> >
>> > keystone --token ahmedadmintoken --endpoint
>> http://10.176.20.158:35357/v2.0 tenant-list
>> > keystone --token ahmedadmintoken --endpoint
>> http://10.176.20.158:35357/v2.0 user-list
>> > keystone --token ahmedadmintoken --endpoint
>> http://10.176.20.158:35357/v2.0 service-list
>> > keystone --token ahmedadmintoken --endpoint
>> http://10.176.20.158:35357/v2.0 role-list
>> >
>> > All of these should report back *without* errors, even if you haven't
>> bootstrapped Keystone to include any services, tenants, users, or roles.
>> >
>> > You can also add "--debug" (as in keystone --debug
>> --token ahmedadmintoken --endpoint http://10.176.20.158:35357/v2.0user-list) to see the underlying HTTP protocol going back and forth and
>> what's getting sent to Keystone.
>> >
>> > -joe
>> >
>> > On Oct 1, 2012, at 5:30 PM, Ahmed Al-Mehdi <ahmed@xxxxxxxxxx> wrote:
>> >> Actually, the curl command with the "X_Auth_Token" is my weak attempt
>> to try to find a solution. I am actually issuing the following command
>> (per recommendation from the OpenStack document - "Install and Deploy
>> Manual – Red Hat Ubuntu"):
>> >>
>> >> root@bodega:~# curl -d '{"auth": {"tenantName": "adminTenant",
>> "passwordCredentials": {"username": "adminUser", "password": "secretword"}}}'
>> -H "Content-type: application/json" -H "X_Auth_Token: ahmedadmintoken"
>> http://10.176.20.158:35357/v2.0/tokens | python -mjson.tool
>> >> % Total % Received % Xferd Average Speed Time Time Time
>> Current
>> >> Dload Upload Total Spent Left
>> Speed
>> >> 100 231 0 116 100 115 12927 12816 --:--:-- --:--:--
>> --:--:-- 14500
>> >> {
>> >> "error": {
>> >> "code": 401,
>> >> "message": "The request you have made requires authentication.",
>> >> "title": "Not Authorized"
>> >> }
>> >> }
>> >>
>> >> Regards,
>> >> Ahmed.
>> >>
>> >>
>> >> From: heckj <heckj@xxxxxxx>
>> >> Date: Monday, October 1, 2012 5:23 PM
>> >> To: Ahmed Al-Mehdi <ahmed@xxxxxxxxxx>
>> >> Cc: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
>> >> Subject: Re: [Openstack] Enabling logging in keystone.
>> >>
>> >> Ahmed -
>> >>
>> >> The header that's supposed to have the token within it is labelled"X-Auth-Token', not "X_Auth_Token".
>> Unless you're really comfortable with the protocol, I'd recommend using
>> the keystone CLI from the python-keystoneclient to do your verifying,
>> using it's debugging (which is to show you the curl output that you did
>> below).
>> >>
>> >> -joe
>> >>
>> >> On Oct 1, 2012, at 5:12 PM, Ahmed Al-Mehdi <ahmed@xxxxxxxxxx> wrote:
>> >>> Hello,
>> >>>
>> >>> I am trying to verify the installation of keystone. When I try to
>> run some "curl" commands, I get the following error message:
>> >>>
>> >>> root@bodega:~/ahmed/keystone-init# curl -d '{"auth": {"tenantName":
>> "adminTenant", "passwordCredentials": {"username": "adminUser",
>> "password": "secretword"}}}' -H "Content-type: application/json" -H
>> "X_Auth_Token: ahmedadmintoken" http://10.176.20.158:35357/v2.0/tokens |
>> python -mjson.tool
>> >>> % Total % Received % Xferd Average Speed Time Time Time
>> Current
>> >>> Dload Upload Total Spent
>> Left Speed
>> >>> 100 231 0 116 100 115 15205 15074 --:--:-- --:--:--
>> --:--:-- 16571
>> >>> {
>> >>> "error": {
>> >>> "code": 401,
>> >>> "message": "The request you have made requires
>> authentication.",
>> >>> "title": "Not Authorized"
>> >>> }
>> >>> }
>> >>>
>> >>>
>> >>> I don't see any message in the /var/log/keystone/logging.conf file.
>> I can pass "-debug" option to keystone to enable debugging, but I am not
>> sure how to do that from curl. Following is content of
>> /etc/keystone/logging.conf file:
>> >>>
>> >>> root@bodega:~# cat /etc/keystone/logging.conf
>> >>> [loggers]
>> >>> keys=root
>> >>>
>> >>> [formatters]
>> >>> keys=normal,normal_with_name,debug
>> >>>
>> >>> [handlers]
>> >>> keys=production,file,devel
>> >>>
>> >>> [logger_root]
>> >>> level=WARNING
>> >>> handlers=file
>> >>>
>> >>> [handler_production]
>> >>> class=handlers.SysLogHandler
>> >>> level=ERROR
>> >>> formatter=normal_with_name
>> >>> args=(('localhost', handlers.SYSLOG_UDP_PORT),
>> handlers.SysLogHandler.LOG_USER)
>> >>>
>> >>> [handler_file]
>> >>> class=FileHandler
>> >>> level=DEBUG
>> >>> formatter=normal_with_name
>> >>> args=('/var/log/keystone/keystone.log', 'a')
>> >>>
>> >>> [handler_devel]
>> >>> class=StreamHandler
>> >>> level=NOTSET
>> >>> formatter=debug
>> >>> args=(sys.stdout,)
>> >>>
>> >>> [formatter_normal]
>> >>> format=%(asctime)s %(levelname)s %(message)s
>> >>>
>> >>> [formatter_normal_with_name]
>> >>> format=(%(name)s): %(asctime)s %(levelname)s %(message)s
>> >>>
>> >>> [formatter_debug]
>> >>> format=(%(name)s): %(asctime)s %(levelname)s %(module)s %(funcName)s
>> %(message)s
>> >>> root@bodega:~#
>> >>>
>> >>> Any help would be greatly appreciated.
>> >>>
>> >>> Regards,
>> >>> Ahmed.
>> >>>
>> >>>
>> >>>
>> >>> _______________________________________________
>> >>> Mailing list: https://launchpad.net/~openstack
>> >>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> >>> Unsubscribe : https://launchpad.net/~openstack
>> >>> More help : https://help.launchpad.net/ListHelp
>> >>
>> > _______________________________________________
>> > Mailing list: https://launchpad.net/~openstack
>> > Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> > Unsubscribe : https://launchpad.net/~openstack
>> > More help : https://help.launchpad.net/ListHelp
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help : https://help.launchpad.net/ListHelp
>>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>
Follow ups
References
