nova.compute ImageNotAuthorized when using strategy keystone
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
This compute node is running the latest code from:
http://
When glance is secured with keystone then nova-compute is not authorized to deploy an image from glance. This is a problem specific to the context of the token.
per this question:
https:/
I am getting the same error.
I have updated the code in nova.image.glance to this:
def _create_
"""Instantiate a new glanceclient.Client object"""
if use_ssl:
scheme = 'https'
else:
scheme = 'http'
params = {}
params[
if FLAGS.auth_strategy == 'keystone':
dicttoken = context.
endpoint = '%s://%s:%s' % (scheme, host, port)
return glanceclient.
And as you can see from the paste
The params['token'] code is being called twice.
The second time the context.auth_token call is failing.
root@server12:~# grep req-f66255ef-
2013-03-07 11:07:44 ERROR nova.image.glance [req-f66255ef-
2013-03-07 11:07:44 ERROR nova.image.glance [req-f66255ef-
2013-03-07 11:07:49 ERROR nova.image.glance [req-f66255ef-
2013-03-07 11:07:49 ERROR nova.image.glance [req-f66255ef-
2013-03-07 11:07:49 ERROR nova.compute.
If I use the dict option the token works and I am no longer blocked.
description: | updated |
description: | updated |
Changed in nova: | |
status: | New → Confirmed |
Changed in nova: | |
status: | Confirmed → New |
status: | New → Confirmed |
Changed in nova: | |
assignee: | nobody → lizheming (lizheming-li) |
Changed in nova: | |
assignee: | lizheming (lizheming-li) → nobody |
Changed in nova: | |
status: | Incomplete → Invalid |
folsom has been end of lifed