← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #42036

[Bug 1521463] [NEW] Openstack RC file downloaded in LDAP environment did not support domain setting

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Enabled Read-only LDAP backend, and accessed horizon using the LDAP user
and domain named domain1.

But I found the function of Project->Access & Security->API Acess-> Download Openstack RC File did not support domain setting now.
Using download RC file,  since it does not include domain information, can not access project and got an error as below.

[liwbj@zcu13 ~]$ ./openrcv3-ldap
Please enter your OpenStack Password:
[liwbj@zcu13 ~]$ nova list
ERROR (BadRequest): KS-EE09F51 Expecting to find domain in project - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error. (HTTP 400)

the downloaed rc file:

#!/bin/bash

# To use an OpenStack cloud you need to authenticate against the Identity
# service named keystone, which returns a **Token** and **Service Catalog**.
# The catalog contains the endpoints for all services the user/tenant has
# access to - such as Compute, Image Service, Identity, Object Storage, Block
# Storage, and Networking (code-named nova, glance, keystone, swift,
# cinder, and neutron).
#
# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other
# OpenStack API is version 2.0. For example, your cloud provider may implement
# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
# only for the Identity API served through keystone.
export OS_AUTH_URL=http://9.12.35.139:5000/v2.0

# With the addition of Keystone we have standardized on the term **tenant**
# as the entity that owns the resources.
export OS_TENANT_ID=28e2c7b82c6742219edb66181a5e94e3
export OS_TENANT_NAME="admin"
export OS_PROJECT_NAME="admin"

# In addition to the owning entity (tenant), OpenStack stores the entity
# performing the action as the **user**.
export OS_USERNAME="admin"

# With Keystone you pass the keystone password.
echo "Please enter your OpenStack Password: "
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT

# If your configuration has multiple regions, we set that information here.
# OS_REGION_NAME is optional and only valid in certain environments.
export OS_REGION_NAME="RegionOne"
# Don't leave a blank variable, unset it if it was empty
if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi

** Affects: horizon
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1521463

Title:
  Openstack RC file downloaded in LDAP environment did not support
  domain setting

Status in OpenStack Dashboard (Horizon):
  New

Bug description:
  Enabled Read-only LDAP backend, and accessed horizon using the LDAP
  user and domain named domain1.

  But I found the function of Project->Access & Security->API Acess-> Download Openstack RC File did not support domain setting now.
  Using download RC file,  since it does not include domain information, can not access project and got an error as below.

  [liwbj@zcu13 ~]$ ./openrcv3-ldap
  Please enter your OpenStack Password:
  [liwbj@zcu13 ~]$ nova list
  ERROR (BadRequest): KS-EE09F51 Expecting to find domain in project - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error. (HTTP 400)

  the downloaed rc file:

  #!/bin/bash

  # To use an OpenStack cloud you need to authenticate against the Identity
  # service named keystone, which returns a **Token** and **Service Catalog**.
  # The catalog contains the endpoints for all services the user/tenant has
  # access to - such as Compute, Image Service, Identity, Object Storage, Block
  # Storage, and Networking (code-named nova, glance, keystone, swift,
  # cinder, and neutron).
  #
  # *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other
  # OpenStack API is version 2.0. For example, your cloud provider may implement
  # Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
  # only for the Identity API served through keystone.
  export OS_AUTH_URL=http://9.12.35.139:5000/v2.0

  # With the addition of Keystone we have standardized on the term **tenant**
  # as the entity that owns the resources.
  export OS_TENANT_ID=28e2c7b82c6742219edb66181a5e94e3
  export OS_TENANT_NAME="admin"
  export OS_PROJECT_NAME="admin"

  # In addition to the owning entity (tenant), OpenStack stores the entity
  # performing the action as the **user**.
  export OS_USERNAME="admin"

  # With Keystone you pass the keystone password.
  echo "Please enter your OpenStack Password: "
  read -sr OS_PASSWORD_INPUT
  export OS_PASSWORD=$OS_PASSWORD_INPUT

  # If your configuration has multiple regions, we set that information here.
  # OS_REGION_NAME is optional and only valid in certain environments.
  export OS_REGION_NAME="RegionOne"
  # Don't leave a blank variable, unset it if it was empty
  if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1521463/+subscriptions
  Thread PreviousDate PreviousThread Next