keystone v3 :: kilo HA setup token authentication failure while listing projects and running service commands.
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Juniper Openstack |
New
|
High
|
Unassigned | ||
| R3.1 |
Fix Released
|
High
|
Deepinder Setia | ||
Bug Description
I have 2 setups, one multi-node HA and the other a single node. I provisioned R3.1 kilo on both and configured keystone v3. I followed the steps as listed in the attached file. I have changed the /etc/contrail/
But when I try to execute any service commands like glance image-list, neutron net-list and nova service-list it fails with token authentication failure. On the single node setup it works fine but in case of HA setup I see the failure.
Can you please take a look at the setups.
Single Node:-
root@nodeb2:~# nova --os-project-
+----+-
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+-
| 1 | nova-scheduler | nodeb2 | internal | enabled | up | 2016-07-
| 2 | nova-console | nodeb2 | internal | enabled | up | 2016-07-
| 3 | nova-consoleauth | nodeb2 | internal | enabled | up | 2016-07-
| 4 | nova-conductor | nodeb2 | internal | enabled | up | 2016-07-
| 5 | nova-compute | nodeb2 | nova | enabled | up | 2016-07-
+----+-
root@nodeb2:~# neutron --os-project-
+------
| id | name | subnets |
+------
| d68731f3-
| c3067bea-
| e6ba9007-
+------
root@nodeb2:~#
HA Setup:-
root@nodeg34:~# nova service-list
+----+-
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+-
| 3 | nova-scheduler | nodeg34 | internal | enabled | up | 2016-07-
| 6 | nova-console | nodeg34 | internal | enabled | up | 2016-07-
| 9 | nova-consoleauth | nodeg34 | internal | enabled | up | 2016-07-
| 12 | nova-conductor | nodeg34 | internal | enabled | up | 2016-07-
| 15 | nova-scheduler | nodec48 | internal | enabled | up | 2016-07-
| 18 | nova-console | nodec48 | internal | enabled | up | 2016-07-
| 21 | nova-consoleauth | nodec48 | internal | enabled | up | 2016-07-
| 24 | nova-conductor | nodec48 | internal | enabled | up | 2016-07-
| 27 | nova-scheduler | nodec49 | internal | enabled | up | 2016-07-
| 30 | nova-console | nodec49 | internal | enabled | up | 2016-07-
| 33 | nova-consoleauth | nodec49 | internal | enabled | up | 2016-07-
| 36 | nova-conductor | nodec49 | internal | enabled | up | 2016-07-
| 42 | nova-compute | nodec51 | nova | enabled | up | 2016-07-
| 45 | nova-compute | nodec63 | nova | enabled | up | 2016-07-
+----+-
root@nodeg34:~# glance --os-project-
404 Not Found: The resource could not be found. (HTTP 404)
root@nodeg34:~# neutron --os-project-
Traceback (most recent call last):
File "/usr/bin/neutron", line 6, in <module>
from neutronclient.shell import main
File "/usr/lib/
from keystoneclient.
ImportError: No module named openstack.
root@nodeg34:~#
Setup -1 :: HA
env.roledefs = {
'all': [host1, host2, host3, host4, host5],
'cfgm': [host1, host2, host3],
'openstack'
'control'
'compute': [host4, host5],
'collector': [host1, host2, host3],
'webui': [host1, host2, host3],
'database': [host1, host2, host3],
'build': [host_build],
}
env.hostnames ={
'all': ['nodeg34', 'nodec48', 'nodec49', 'nodec51', 'nodec63']
}
host1 = 'root@10.
host2 = 'root@10.
host3 = 'root@10.
host4 = 'root@10.
host5 = 'root@10.
Setup – 2 :: Single Node
host1 = 'root@10.
env.roledefs = {
'all': [host1],
'cfgm': [host1],
'openstack': [host1],
'control': [host1],
'compute': [host1],
'collector': [host1],
'webui': [host1],
'database': [host1],
'build': [host_build],
}
env.hostnames = {
'all': ['nodeb2']
}
| Ritam Gangopadhyay (ritam) wrote | #1 |
| Ritam Gangopadhyay (ritam) wrote | #2 |
| information type: | Proprietary → Public |
| Changed in juniperopenstack: | |
| milestone: | r3.1.0.0-fcs → none |
| Deepinder Setia (dsetia) wrote | #3 |
| Deepinder Setia (dsetia) wrote | #4 |
| Ritam Gangopadhyay (ritam) wrote | #5 |
Ritam, can you check if this is still broken? Ensure following:
1) admin user has a role in default domain
2) SESSION_ENGINE isn't set to cookies (ok to set to cache)