Juniper Openstack

3.2-build-9:mitaka-rbac+ keystone v3 setup- vm launch failed (project and user created using v2 creds)

Bug #1648198 reported by shajuvk on 2016-12-07

This bug report is a duplicate of: Bug #1648434: VMs failing to launch with kestone_V3. Edit Remove

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Juniper Openstack	Status tracked in Trunk
R3.2	Fix Released	High	Deepinder Setia	Juniper Openstack r3.2.0.0-fcs "r3.2.0.0"
Trunk	New	High	Deepinder Setia	Juniper Openstack r4.0.0.0-fcs "r4.0.0.0"

Bug Description

keystone v3+ rbac setup. But project and users are created using v2 rc file. While launching vm on v2 create project, vm failed with below error

2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 662, in create_port
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return self.post(self.ports_path, body=body)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 363, in post
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] headers=headers, params=params)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/neutronclient/v2_0/client.py", line 286, in do_request
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] resp, replybody = self.httpclient.do_request(action, method, body=body)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/neutronclient/client.py", line 306, in do_request
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return self.request(url, method, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/neutronclient/client.py", line 294, in request
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] resp = super(SessionClient, self).request(*args, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/adapter.py", line 98, in request
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return self.session.request(url, method, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/positional/__init__.py", line 94, in inner
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return func(*args, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 370, in request
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] auth_headers = self.get_auth_headers(auth)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 624, in get_auth_headers
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return auth.get_headers(self, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/plugin.py", line 84, in get_headers
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] token = self.get_token(session)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/base.py", line 90, in get_token
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return self.get_access(session).auth_token
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/base.py", line 136, in get_access
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] self.auth_ref = self.get_auth_ref(session)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/generic/base.py", line 181, in get_auth_ref
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return self._plugin.get_auth_ref(session, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/v3/base.py", line 167, in get_auth_ref
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] authenticated=False, log=False, **rkwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 572, in post
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return self.request(url, 'POST', **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/positional/__init__.py", line 94, in inner
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] return func(*args, **kwargs)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 467, in request
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] raise exceptions.from_response(resp, method, url)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] BadRequest: Expecting to find domain in project - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error. (HTTP 400) (Request-ID: req-8c1e8f9e-3eea-489b-91c6-603683bc9114)
2016-12-07 09:43:27.755 30318 ERROR nova.compute.manager [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8]
2016-12-07 09:43:27.758 30318 INFO nova.compute.manager [req-d1093e21-53b3-4074-83dd-b62fec053437 9a5527e3701e46f58407a1d6a63eee67 1f00d4243c1c4e5b91d87dc45d20887a - - -] [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] Terminating instance
2016-12-07 09:43:27.761 30318 INFO nova.virt.libvirt.driver [-] [instance: 405df134-b4a8-4540-aa42-ff129ce2ade8] During wait destroy, instance disappeared.

Tags:

shajuvk (shajuvk) on 2016-12-07

summary:	- rbac- vm launch failed on keystone v3 setup-project and user created - using v2 creds + 3.2-build-9:mitaka-rbac- vm launch failed on keystone v3 setup-project + and user created using v2 creds
information type:	Proprietary → Public
Changed in juniperopenstack:
assignee:	nobody → Deepinder Setia (dsetia)
summary:	- 3.2-build-9:mitaka-rbac- vm launch failed on keystone v3 setup-project - and user created using v2 creds + 3.2-build-9:mitaka-rbac+ keystone v3 setup- vm launch failed (project + and user created using v2 creds)

shajuvk (shajuvk) on 2016-12-08

tags:

added: keystonev3

Revision history for this message

shajuvk (shajuvk) wrote on 2016-12-08:

VM creation failed on keystone v2 project.

I have a keystone v3 setup with Rbac. Steps followed for creating vm.

Created a project and user using keystone v2
CRUD permission for the user (shaju-user) on tenant (shaju-tenant)
Login to horizon using user-name ‘shaju-user’ and password :c0ntrail123
Vm launch failed.
Note: Setup is up with v3, but tenant and user created using v2 token.

Setup – 10.84.14.7

Revision history for this message

shajuvk (shajuvk) wrote on 2016-12-13:

this commit resolved the issue.

https://review.opencontrail.org/#/c/27062/

3.2 build 12 is the verified build

Revision history for this message

shajuvk (shajuvk) wrote on 2016-12-13:

/etc/nova/nova.conf should have an entry of below parameters in neutron session.

user_domain_name = Default
project_domain_name = Default