This has turned out to be a bit more complex that I originally thought.
- ironic-conductor works when configuring [keystone_authtoken] with admin_tenant_name, admin_user, and admin_password [1]. It can't auth [2] when configuring with project_name, username, and password.
- ironic-api works when configuring [keystone_authtoken] with project_name, username, and password [3]. It can't auth [4] when configuring with admin_tenant_name, admin_user, and admin_password.
Environment:
- stable/mitaka with ironic commit 5a5b3dcafa (HEAD of stable/mitaka as of Sept 29)
- ironic-api is running as a WSGI app behind apache
[2] ironic-conductor error when using project_name, username, and password config keys
2016-10-13 12:01:23.852 7645 ERROR ironic.conductor.manager [req-3a280936-5697-43b9-9b14-821f46ebf195 - - - - -] Error while preparing to deploy to node f4617648-48b4-452d-bad4-5b281de67137: Could not authorize in Keystone: A user and password or token is required.
[4] ironic-api error when using admin_{tenant_name,user,password} config keys
[Wed Oct 12 15:14:21.442754 2016] [:error] [pid 3176:tid 140102114649856] 2016-10-12 15:14:21.442 3176 CRITICAL keystonemiddleware.auth_token [-] Unable to validate token: Failed to fetch token data from identity server
[Wed Oct 12 15:14:29.483687 2016] [:error] [pid 3176:tid 140102114649856] 2016-10-12 15:14:29.483 3176 ERROR keystonemiddleware.auth_token [-] Bad response code while validating token: 400
[Wed Oct 12 15:14:29.484064 2016] [:error] [pid 3176:tid 140102114649856] 2016-10-12 15:14:29.483 3176 WARNING keystonemiddleware.auth_token [-] Identity response: {"error": {"message": "Expecting to find username or userId in passwordCredentials - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.", "code": 400, "title": "Bad Request"}}
This has turned out to be a bit more complex that I originally thought.
- ironic-conductor works when configuring [keystone_ authtoken] with admin_tenant_name, admin_user, and admin_password [1]. It can't auth [2] when configuring with project_name, username, and password.
- ironic-api works when configuring [keystone_ authtoken] with project_name, username, and password [3]. It can't auth [4] when configuring with admin_tenant_name, admin_user, and admin_password.
Environment:
- stable/mitaka with ironic commit 5a5b3dcafa (HEAD of stable/mitaka as of Sept 29)
- ironic-api is running as a WSGI app behind apache
[1] working config for ironic-conductor (breaks ironic-api) authtoken] ironic/ cache/api 10.xx.xx. 45:35357 10.xx.xx. 45:5000
[keystone_
insecure = False
auth_type = password
signing_dir = /var/lib/
auth_url = http://
auth_uri = http://
admin_tenant_name = service
admin_user = ironic
admin_password = secret
[2] ironic-conductor error when using project_name, username, and password config keys conductor. manager [req-3a280936- 5697-43b9- 9b14-821f46ebf1 95 - - - - -] Error while preparing to deploy to node f4617648- 48b4-452d- bad4-5b281de671 37: Could not authorize in Keystone: A user and password or token is required.
2016-10-13 12:01:23.852 7645 ERROR ironic.
[3] working config for ironic-api (breaks ironic-conductor) authtoken] ironic/ cache/api 10.xx.xx. 45:35357 10.xx.xx. 45:5000
[keystone_
insecure = False
auth_type = password
signing_dir = /var/lib/
auth_url = http://
auth_uri = http://
project_name = service
username = ironic
password = secret
[4] ironic-api error when using admin_{ tenant_ name,user, password} config keys are.auth_ token [-] Unable to validate token: Failed to fetch token data from identity server are.auth_ token [-] Bad response code while validating token: 400 are.auth_ token [-] Identity response: {"error": {"message": "Expecting to find username or userId in passwordCredentials - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.", "code": 400, "title": "Bad Request"}}
[Wed Oct 12 15:14:21.442754 2016] [:error] [pid 3176:tid 140102114649856] 2016-10-12 15:14:21.442 3176 CRITICAL keystonemiddlew
[Wed Oct 12 15:14:29.483687 2016] [:error] [pid 3176:tid 140102114649856] 2016-10-12 15:14:29.483 3176 ERROR keystonemiddlew
[Wed Oct 12 15:14:29.484064 2016] [:error] [pid 3176:tid 140102114649856] 2016-10-12 15:14:29.483 3176 WARNING keystonemiddlew