Glance

NotAuthorized: You are not authorized to complete this action

Bug #958568 reported by Peng Yong on 2012-03-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Glance	Invalid	Undecided	Unassigned

Bug Description

i install a multi node openstack. it works in contoller with a compute, i can run instances on it.
when i copy nova.conf to a new compute, and run instance, it reports:

2012-03-18 21:53:50 ERROR nova.rpc.common [-] Exception during message handling
(nova.rpc.common): TRACE: Traceback (most recent call last):
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/rpc/amqp.py", line 250, in _process_data
(nova.rpc.common): TRACE: rval = node_func(context=ctxt, **node_args)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/exception.py", line 112, in wrapped
(nova.rpc.common): TRACE: return f(*args, **kw)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 180, in decorated_function
(nova.rpc.common): TRACE: sys.exc_info())
(nova.rpc.common): TRACE: File "/usr/lib64/python2.7/contextlib.py", line 24, in __exit__
(nova.rpc.common): TRACE: self.gen.next()
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 174, in decorated_function
(nova.rpc.common): TRACE: return function(self, context, instance_uuid, *args, **kwargs)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 649, in run_instance
(nova.rpc.common): TRACE: self._run_instance(context, instance_uuid, **kwargs)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 452, in _run_instance
(nova.rpc.common): TRACE: self._set_instance_error_state(context, instance_uuid)
(nova.rpc.common): TRACE: File "/usr/lib64/python2.7/contextlib.py", line 24, in __exit__
(nova.rpc.common): TRACE: self.gen.next()
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 421, in _run_instance
(nova.rpc.common): TRACE: image_meta = self._check_image_size(context, instance)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 499, in _check_image_size
(nova.rpc.common): TRACE: image_meta = _get_image_meta(context, instance['image_ref'])
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 187, in _get_image_meta
(nova.rpc.common): TRACE: return image_service.show(context, image_id)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 236, in show
(nova.rpc.common): TRACE: image_id)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 145, in _call_retry
(nova.rpc.common): TRACE: return getattr(client, name)(*args, **kwargs)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/glance/client.py", line 101, in get_image_meta
(nova.rpc.common): TRACE: res = self.do_request("HEAD", "/images/%s" % image_id)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/glance/common/client.py", line 61, in wrapped
(nova.rpc.common): TRACE: return func(self, *args, **kwargs)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/glance/common/client.py", line 390, in do_request
(nova.rpc.common): TRACE: headers=headers)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/glance/common/client.py", line 75, in wrapped
(nova.rpc.common): TRACE: return func(self, method, url, body, headers)
(nova.rpc.common): TRACE: File "/usr/lib/python2.7/site-packages/glance/common/client.py", line 500, in _do_request
(nova.rpc.common): TRACE: raise exception.NotAuthorized(res.read())
(nova.rpc.common): TRACE: NotAuthorized: You are not authorized to complete this action.
(nova.rpc.common): TRACE: Details:
(nova.rpc.common): TRACE:

here is my nova.conf:

[DEFAULT]
verbose=True
logdir = /var/log/nova
state_path = /var/lib/nova
lock_path = /var/lib/nova/tmp
dhcpbridge = /usr/bin/nova-dhcpbridge
dhcpbridge_flagfile = /etc/nova/nova.conf

root_helper = sudo nova-rootwrap

force_dhcp_release = True
injected_network_template = /usr/share/nova/interfaces.template
libvirt_xml_template = /usr/share/nova/libvirt.xml.template
vpn_client_template = /usr/share/nova/client.ovpn.template
credentials_template = /usr/share/nova/novarc.template

api_paste_config=/etc/nova/api-paste.ini
sql_connection = mysql://nova:nova@192.168.28.5/nova

iscsi_ip_prefix = 192.168.28.5
iscsi_helper = tgtadm

connection_type = libvirt
libvirt_type = kvm

rabbit_host=192.168.28.5
rabbit_password=nova

firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
network_manager=nova.network.manager.FlatDHCPManager
flat_network_bridge=br100
flat_injected=False
public_interface=em1
flat_interface=em2

auth_strategy=keystone
allow_resize_to_same_host=True
compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler
#compute_scheduler_driver=nova.scheduler.distributed_scheduler.DistributedScheduler

image_service=nova.image.glance.GlanceImageService
#nova glance host
s3_host=192.168.28.5
glance_api_servers=192.168.28.5:9292

volume_group=nova-volumes
volume_name_template=volume-%08x
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions