openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #19694
Re: Cannot create projects. Folsom on Centos 6.3
On Dec 27, 2012, at 4:13 PM, Julie Pichon wrote:
> I've seen something similar when the keystone default role defined in Horizon doesn't actually exist in Keystone. The guide you link to suggests changing the default role in Horizon to match the OS_TENANT_NAME environment variable. Could you check that the value of OPENSTACK_KEYSTONE_DEFAULT_ROLE in /etc/openstack-dashboard/local_settings matches one of the role names in the output of 'keystone role-list'?
Hey,
It is just Dashboard that seems to have the problem. I guess there is something strange with users and roles going on...
/etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0"; % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "admin"
##Logging is not very verbose..
[root@controller nova]# cat /var/log/keystone/keystone.log
2012-12-20 13:54:48 WARNING [keystone.common.wsgi] Conflict occurred attempting to store tenant. (IntegrityError) (1062, "Duplicate entry 'admin' for key 'name'")
2012-12-20 17:08:26 WARNING [keystone.common.wsgi] Could not find user: admin
2012-12-27 11:52:36 WARNING [keystone.common.wsgi] Authorization failed. The request you have made requires authentication. from 127.0.0.1
[root@controller nova]# keystone tenant-list
+----------------------------------+----------------+---------+
| id | name | enabled |
+----------------------------------+----------------+---------+
| 0c512648e33844cea8f957a37d5525e5 | widget-company | True |
| 60d672952f1b4917b90cf6821de24742 | admin | True |
| bceb80c7104e475aab4b60786320a86f | service | True |
+----------------------------------+----------------+---------+
[root@controller nova]# keystone user-list
+----------------------------------+--------+---------+-----------------------+
| id | name | enabled | email |
+----------------------------------+--------+---------+-----------------------+
| 14791fc4ee364f7aa35cd8df3211dc2c | ec2 | True | None |
| 5387b83db7d14ca8843a3b16e68fc2ca | swift | True | None |
| 6a2593f0867c478bb2ece460226c3ce2 | admin | True | None |
| 784701dc5dfe41a7811f7261d8345a9a | andrew | True | a.holway@xxxxxxxxxxxx |
| 89876a05f18c4d049a90ff6a863ce7c6 | nova | True | None |
| bac2b9234ced458481733f98b0dacaa2 | glance | True | None |
+----------------------------------+--------+---------+-----------------------+
[root@controller nova]# keystone tenant-list
+----------------------------------+----------------+---------+
| id | name | enabled |
+----------------------------------+----------------+---------+
| 0c512648e33844cea8f957a37d5525e5 | widget-company | True |
| 60d672952f1b4917b90cf6821de24742 | admin | True |
| bceb80c7104e475aab4b60786320a86f | service | True |
+----------------------------------+----------------+---------+
[root@controller nova]# keystone role-list
+----------------------------------+------------+
| id | name |
+----------------------------------+------------+
| 64139d1b94214e20976489861da50bf1 | memberRole |
| bf2b003aaf7a424b967ed209a6c57215 | admin |
+----------------------------------+------------+
[root@controller nova]# keystone user-role-list
+----------------------------------+-------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+-------+----------------------------------+----------------------------------+
| bf2b003aaf7a424b967ed209a6c57215 | admin | 6a2593f0867c478bb2ece460226c3ce2 | 60d672952f1b4917b90cf6821de24742 |
+----------------------------------+-------+----------------------------------+----------------------------------+
Follow ups
References
