← Back to team overview

openstack team mailing list archive

Re: [Keystone][Swift] Problems with admin_user, admin_password, admin_tenant_name

 

Back to my first question, should I create admin_user, admin_password,
admin_tenant_name by keystone command myself?


On Fri, Feb 22, 2013 at 9:02 AM, Kun Huang <Academicgareth@xxxxxxxxx> wrote:

> Dolph, thanks your advice, but in my environment, both below two case
>
> 1. setting admin_token,admin_user, admin_password, admin_tenant_name in
> proxy.conf and setting admin_token in keystone.conf
> 2. setting admin_user, admin_password, admin_tenant_name in proxy.conf and
> setting admin_token in keystone.conf
>
> only admin_token in keystone.conf is valuable. (default ADMIN)
> Should I create admin_user, admin_password, admin_tenant_name by keystone
> command myself?
>
>
>
>
> On Fri, Feb 22, 2013 at 1:45 AM, Dolph Mathews <dolph.mathews@xxxxxxxxx>wrote:
>
>> Setting the admin_token config is overriding the admin_user,
>> admin_password, and admin_tenant_name values by specifying a static token.
>> I'd recommend removing it and using the auth credentials you've already
>> provided.
>>
>> -Dolph
>>
>>
>> On Thu, Feb 21, 2013 at 3:10 AM, Kun Huang <Academicgareth@xxxxxxxxx>wrote:
>>
>>> Following another question:
>>> In document:
>>> http://docs.openstack.org/developer/keystone/middleware_architecture.html
>>> ,
>>>
>>> [filter:tokenauth]
>>> paste.filter_factory = keystone.middleware.auth_token:filter_factory
>>> auth_host = 127.0.0.1
>>> auth_port = 35357
>>> auth_protocol = http
>>> auth_uri = http://127.0.0.1:5000/
>>> admin_token = Super999Sekret888Password777
>>> admin_user = admin
>>> admin_password = SuperSekretPassword
>>> admin_tenant_name = service
>>> ;Uncomment next line and check ip:port to use memcached to cache tokens
>>> ;memcache_servers = 127.0.0.1:11211
>>>
>>> That admin token is not admin_token = ADMIN in keystone, right?
>>>
>>>
>>>
>>>
>>>
>>> On Thu, Feb 21, 2013 at 4:06 PM, Kun Huang <Academicgareth@xxxxxxxxx>wrote:
>>>
>>>> I'm building environment with Swift + Keystone.
>>>> I have set admin_user, admin_password, admin_tenant_name, but it
>>>> doesn't work.
>>>> I followed the document:
>>>> http://docs.openstack.org/developer/swift/overview_auth.html and chmouel's
>>>> blog:
>>>> http://blog.chmouel.com/2011/11/24/swift-and-keystone-middleware-part1/
>>>>
>>>> My swift and keystone run well:
>>>>
>>>> [image: Inline image 1]
>>>>
>>>> But failed in curl:
>>>> [image: Inline image 2]
>>>>
>>>> I guess the value of admin_user/admin_password/admin_tenant_name
>>>> doesn't save in db.
>>>>
>>>> Which step do I missed? or some problems in my proxy config?
>>>>
>>>> Here is my current config.
>>>> [DEFAULT]
>>>> bind_port = 8888
>>>> user = swift
>>>>
>>>> [pipeline:main]
>>>> pipeline = catch_errors healthcheck cache authtoken keystoneauth
>>>> proxy-server
>>>>
>>>> [app:proxy-server]
>>>> use = egg:swift#proxy
>>>> account_autocreate = true
>>>>
>>>> [filter:keystoneauth]
>>>> use = egg:swift#keystoneauth
>>>> operator_roles = admin, swiftoperator
>>>>
>>>> [filter:authtoken]
>>>> # Delaying the auth decision is required to support token-less
>>>> # usage for anonymous referrers ('.r:*').
>>>> paste.filter_factory =
>>>> keystoneclient.middleware.auth_token:filter_factory
>>>> auth_host = keystonehost
>>>> auth_port = 35357
>>>> auth_protocol = http
>>>> auth_uri = http://keystonehost:5000/
>>>> admin_tenant_name = service
>>>> admin_user = swift
>>>> admin_password = password
>>>>
>>>> [filter:cache]
>>>> use = egg:swift#memcache
>>>> set log_name = cache
>>>>
>>>> [filter:catch_errors]
>>>> use = egg:swift#catch_errors
>>>>
>>>> [filter:healthcheck]
>>>> use = egg:swift#healthcheck
>>>>
>>>
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>

Follow ups

References