← Back to team overview

openstack team mailing list archive

nova list requests failing

 

Hi,

Please excuse dumb questions. Im very new to openstack.

So I have just managed to get the nova-api service running (thanks virsh) but it seems to be having a little problem with auth. 

[root@blade02 07-openstack-controller]# nova list
ERROR: n/a (HTTP 401)
[root@blade02 07-openstack-controller]# nova    --os_username=nova    --os_password=passw0rd    --os_tenant_name=service    --os_auth_url=http://controller:5000/v2.0 list
ERROR: n/a (HTTP 401)

Can anyone see what is going on here?

Thanks,

Andrew



/var/log/nova/api.log
2012-12-10 20:24:49 ERROR keystone.middleware.auth_token [-] HTTP connection exception: [Errno 1] _ssl.c:490: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
2012-12-10 20:24:49 WARNING keystone.middleware.auth_token [-] Authorization failed for token 61d0f67e79cd4f8fbe19412e4347e22c
2012-12-10 20:24:49 INFO keystone.middleware.auth_token [-] Invalid user token - rejecting request
2012-12-10 20:24:49 INFO nova.osapi_compute.wsgi.server [-] 127.0.0.1 - - [10/Dec/2012 20:24:49] "GET /v2/3338bc86707e4cdb910a3c7a6fd1a649/servers/detail HTTP/1.1" 401 462 0.002252

[root@blade02 07-openstack-controller]# cat /etc/nova/api-paste.ini
############
# Metadata #
############
[composite:metadata]
use = egg:Paste#urlmap
/: meta

[pipeline:meta]
pipeline = ec2faultwrap logrequest metaapp

[app:metaapp]
paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory

#######
# EC2 #
#######

[composite:ec2]
use = egg:Paste#urlmap
/services/Cloud: ec2cloud

[composite:ec2cloud]
use = call:nova.api.auth:pipeline_factory
noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor

[filter:ec2faultwrap]
paste.filter_factory = nova.api.ec2:FaultWrapper.factory

[filter:logrequest]
paste.filter_factory = nova.api.ec2:RequestLogging.factory

[filter:ec2lockout]
paste.filter_factory = nova.api.ec2:Lockout.factory

[filter:ec2keystoneauth]
paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory

[filter:ec2noauth]
paste.filter_factory = nova.api.ec2:NoAuth.factory

[filter:cloudrequest]
controller = nova.api.ec2.cloud.CloudController
paste.filter_factory = nova.api.ec2:Requestify.factory

[filter:authorizer]
paste.filter_factory = nova.api.ec2:Authorizer.factory

[filter:validator]
paste.filter_factory = nova.api.ec2:Validator.factory

[app:ec2executor]
paste.app_factory = nova.api.ec2:Executor.factory

#############
# Openstack #
#############

[composite:osapi_compute]
use = call:nova.api.openstack.urlmap:urlmap_factory
/: oscomputeversions
/v1.1: openstack_compute_api_v2
/v2: openstack_compute_api_v2

[composite:osapi_volume]
use = call:nova.api.openstack.urlmap:urlmap_factory
/: osvolumeversions
/v1: openstack_volume_api_v1

[composite:openstack_compute_api_v2]
use = call:nova.api.auth:pipeline_factory
noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2
keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2

[composite:openstack_volume_api_v1]
use = call:nova.api.auth:pipeline_factory
noauth = faultwrap sizelimit noauth ratelimit osapi_volume_app_v1
keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_volume_app_v1
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1

[filter:faultwrap]
paste.filter_factory = nova.api.openstack:FaultWrapper.factory

[filter:noauth]
paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory

[filter:ratelimit]
paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory

[filter:sizelimit]
paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory

[app:osapi_compute_app_v2]
paste.app_factory = nova.api.openstack.compute:APIRouter.factory

[pipeline:oscomputeversions]
pipeline = faultwrap oscomputeversionapp

[app:osapi_volume_app_v1]
paste.app_factory = nova.api.openstack.volume:APIRouter.factory

[app:oscomputeversionapp]
paste.app_factory = nova.api.openstack.compute.versions:Versions.factory

[pipeline:osvolumeversions]
pipeline = faultwrap osvolumeversionapp

[app:osvolumeversionapp]
paste.app_factory = nova.api.openstack.volume.versions:Versions.factory

##########
# Shared #
##########

[filter:keystonecontext]
paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory

[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
admin_tenant_name = service
admin_user = nova
admin_password = passw0rd
auth_uri = http://controller:5000/



/etc/nova/nova.conf 
[DEFAULT]
logdir = /var/log/nova
state_path = /var/lib/nova
lock_path = /var/lib/nova/tmp
volumes_dir = /etc/nova/volumes
dhcpbridge = /usr/bin/nova-dhcpbridge
dhcpbridge_flagfile = /etc/nova/nova.conf
force_dhcp_release = False
injected_network_template = /usr/share/nova/interfaces.template
libvirt_nonblocking = True
libvirt_inject_partition = -1
network_manager = nova.network.manager.FlatDHCPManager
iscsi_helper = tgtadm
sql_connection = mysql://nova:x7deix7dei@controller/nova
compute_driver = libvirt.LibvirtDriver
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
rpc_backend = nova.openstack.common.rpc.impl_qpid
rootwrap_config = /etc/nova/rootwrap.conf
verbose = True
auth_strategy = keystone
qpid_hostname = controller
network_host = compute1
fixed_range = 10.0.0.0/24
flat_interface = eth1
flat_network_bridge = br100
public_interface = eth1
glance_host = controller
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = controller
novncproxy_base_url = http://47.12.104.3:6080/vnc_auto.html
xvpvncproxy_base_url = http://47.12.104.3:6081/console
metadata_host = 10.141.6.2
enabled_apis=ec2,osapi_compute,metadata

#[keystone_authtoken]
admin_tenant_name = %SERVICE_TENANT_NAME%
admin_user = %SERVICE_USER%
admin_password = %SERVICE_PASSWORD%
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
signing_dirname = /tmp/keystone-signing-nova




Follow ups