containers: contrail-api can't authenticate if keystone has only v3 protocol
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R4.0 |
Fix Committed
|
Critical
|
Ignatious Johnson Christopher | |||
Trunk |
Fix Committed
|
Critical
|
Ignatious Johnson Christopher |
Bug Description
from github: https:/
contrail-api can't authenticate in keystone:
vnc_openstack.err
Traceback (most recent call last):
File "/usr/lib/
vnc_domains = self._vnc_
File "/usr/lib/
return func(self, *args, **kwargs)
File "/usr/lib/
detail=detail, count=count, filters=filters, shared=shared)
File "/usr/lib/
return func(self, *args, **kwargs)
File "/usr/lib/
rest.OP_GET, obj_class.
File "/usr/lib/
retry_
File "/usr/lib/
self._headers = self._authentic
File "/usr/lib/
raise RuntimeError(
RuntimeError: Authentication Failure
/etc/contrail/
[global]
WEB_SERVER = 172.31.13.46
WEB_PORT = 8082
BASE_URL = /
;BASE_URL = /tenants/infra ; common-prefix for all URLs
; Authentication settings (optional)
[auth]
AUTHN_TYPE = keystone
AUTHN_PROTOCOL = http
AUTHN_SERVER = 13.58.57.227
AUTHN_PORT = 35357
AUTHN_URL = /v3/auth/tokens
;AUTHN_TOKEN_URL = http://
Changed in juniperopenstack: | |
assignee: | nobody → Sachin Bansal (sbansal) |
information type: | Proprietary → Public |
contrail- keystone- auth.conf
[KEYSTONE] 13.58.57. 227:35357/ v3 13.58.57. 227 password name=admin servers= 127.0.0. 1:11211 /etc/contrail/ ssl/certs/ keystone. pem /etc/contrail/ ssl/certs/ keystone. pem /etc/contrail/ ssl/certs/ keystone_ ca.pem
auth_url=http://
auth_host=
auth_protocol=http
auth_port=35357
admin_user=admin
admin_password=
admin_tenant_
memcache_
;insecure=False
;certfile=
;keyfile=
;cafile=