Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

When I changed endpoint URL of glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I changed endpoint URL of glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I restored VIP (10.0.0.11) as the endpoint IP for glance (image) service in endpoint catalog, "openstack image list" started throwing "Unauthorized (HTTP 401)" error.

[root@controller1 ~ (admin)]# openstack endpoint list --service image
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                   |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292 |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292 |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
[root@controller1 ~ (admin)]# openstack image list
Unauthorized (HTTP 401)

When I changed endpoint URL of glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I restored VIP (10.0.0.11) as the endpoint IP for glance (image) service in endpoint catalog, "openstack image list" started throwing "Unauthorized (HTTP 401)" error.

[root@controller1 ~ (admin)]# openstack endpoint list --service image
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                   |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292 |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292 |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
[root@controller1 ~ (admin)]# openstack image list
Unauthorized (HTTP 401)

[root@controller1 ~ (admin)]# glance image-list Invalid OpenStack Identity credentials.

When I changed endpoint URL of glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I restored VIP (10.0.0.11) as the endpoint IP for glance (image) service in endpoint catalog, "openstack image list" started throwing "Unauthorized (HTTP 401)" error.

[root@controller1 ~ (admin)]# openstack endpoint list --service image
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                   |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292 |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292 |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
[root@controller1 ~ (admin)]# openstack image list
Unauthorized (HTTP 401)

[root@controller1 ~ (admin)]# glance image-list Invalid OpenStack Identity credentials.

When I changed endpoint URL of glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I restored VIP (10.0.0.11) as the endpoint IP for glance (image) service in endpoint catalog, "openstack image list" started throwing "Unauthorized (HTTP 401)" error.

[root@controller1 ~ (admin)]# openstack endpoint list --service image
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                   |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292 |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292 |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
[root@controller1 ~ (admin)]# openstack image list
Unauthorized (HTTP 401)

Invalid OpenStack Identity credentials.

When I changed endpoint URL of glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I restored VIP (10.0.0.11) as the endpoint IP for glance (image) service in endpoint catalog, "openstack image list" started throwing "Unauthorized (HTTP 401)" error.

[root@controller1 ~ (admin)]# openstack endpoint list --service image
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                   |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292 |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292 |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
[root@controller1 ~ (admin)]# openstack image list
Unauthorized (HTTP 401)

2017-June-22: I ran "openstack --debug image list" to get more details about the error.

[root@controller1 ~ (admin)]# openstack --debug image list
START with options: [u'--debug', u'image', u'list']
options: Namespace(access_key='', access_secret='***', access_token='***', access_token_endpoint='', access_token_type='', auth_type='', auth_url='http://10.0.0.11:35357/v3', cacert=None, cert='', client_id='', client_secret='***', cloud='', code='', consumer_key='', consumer_secret='***', debug=True, default_domain='default', default_domain_id='', default_domain_name='', deferred_help=False, discovery_endpoint='', domain_id='', domain_name='', endpoint='', identity_provider='', identity_provider_url='', insecure=None, interface='', key='', log_file=None, old_profile=None, openid_scope='', os_beta_command=False, os_compute_api_version='', os_identity_api_version='3', os_image_api_version='2', os_key_manager_api_version='1', os_network_api_version='', os_object_api_version='', os_project_id=None, os_project_name=None, os_volume_api_version='', passcode='', password='***', profile=None, project_domain_id='', project_domain_name='Default', project_id='', project_name='admin', protocol='', redirect_uri='', region_name='', timing=False, token='***', trust_id='', url='', user_domain_id='', user_domain_name='Default', user_id='', username='admin', verbose_level=3, verify=None)
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
defaults: {u'auth_type': 'password', u'status': u'active', u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'api_timeout': None, u'baremetal_api_version': u'1', u'image_api_version': u'2', u'container_infra_api_version': u'1', u'metering_api_version': u'2', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'cacert': None, u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', u'application_catalog_api_version': u'1', u'key_manager_api_version': u'v1', 'verify': True, u'identity_api_version': u'2.0', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'container_api_version': u'1', u'dns_api_version': u'2', u'object_store_api_version': u'1', u'interface': None, u'disable_vendor_agent': {}}
cloud cfg: {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
compute API version 2, cmd group openstack.compute.v2
network API version 2, cmd group openstack.network.v2
image API version 2, cmd group openstack.image.v2
volume API version 2, cmd group openstack.volume.v2
identity API version 3, cmd group openstack.identity.v3
object_store API version 1, cmd group openstack.object_store.v1
neutronclient API version 2, cmd group openstack.neutronclient.v2
key_manager API version 1, cmd group openstack.key_manager.v1
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
command: image list -> openstackclient.image.v2.image.ListImage
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
Using auth plugin: password
Using parameters {'username': 'admin', 'project_name': 'admin', 'user_domain_name': 'Default', 'auth_url': 'http://10.0.0.11:35357/v3', 'password': '***', 'project_domain_name': 'Default'}
Get auth_ref
REQ: curl -g -i -X GET http://10.0.0.11:35357/v3 -H "Accept: application/json" -H "User-Agent: osc-lib/1.3.0 keystoneauth1/2.18.0 python-requests/2.11.1 CPython/2.7.5"
Starting new HTTP connection (1): 10.0.0.11
"GET /v3 HTTP/1.1" 200 249
RESP: [200] Date: Thu, 22 Jun 2017 04:22:33 GMT Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5 Vary: X-Auth-Token x-openstack-request-id: req-a6d7d534-6383-41c8-81db-5c4a53abfb48 Content-Length: 249 Content-Type: application/json
RESP BODY: {"version": {"status": "stable", "updated": "2017-02-22T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.8", "links": [{"href": "http://10.0.0.11:35357/v3/", "rel": "self"}]}}

GET call to None for http://10.0.0.11:35357/v3 used request id req-a6d7d534-6383-41c8-81db-5c4a53abfb48
Making authentication request to http://10.0.0.11:35357/v3/auth/tokens
"POST /v3/auth/tokens HTTP/1.1" 201 2937
{"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "7be880f2619e49bcba8b0792d38c6720", "name": "admin"}], "expires_at": "2017-06-22T05:22:33.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "96c9b397c67047269b9a59470cf35622", "name": "admin"}, "catalog": [{"endpoints": [{"url": "http://10.0.0.11:5000/v3/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "7616f05adf54471e85a944e89786e5e4"}, {"url": "http://10.0.0.11:35357/v3/", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "a8198d52bb674832b39ea5868021c90f"}, {"url": "http://10.0.0.11:5000/v3/", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "f1ecf62bf9aa42b7863e550f3a676826"}], "type": "identity", "id": "007242401dc048f08b80725d96326e14", "name": "keystone"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "071d96e442104758b72d177d658d9ae1"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "17d8c7c8442b4b98a35655ea64c24431"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "2a438c0687d3421888028a5d7361abcf"}], "type": "volumev2", "id": "2f345104d98842a3a5c30dc1cedf5034", "name": "cinderv2"}, {"endpoints": [{"url": "http://10.0.0.11:9292", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "50577ac48e7446beabcd4336ddd3ad2f"}, {"url": "http://10.0.0.11:9292", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "56a6b82afcd3441fbd71499d62b9d3c1"}, {"url": "http://10.0.0.11:9292", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "8f4702a609ff4d19a28a4a8e49691586"}], "type": "image", "id": "2f687904f968474f996023b590e97abd", "name": "glance"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "37ee2246b2574cb0bc9bddc218ad0302"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e144fd22c09c4b2cafd3da6b3d599e65"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "fc3d60c259c84ff698d298fdf797f867"}], "type": "volumev3", "id": "b0de425c3f7d463796a24fb4e107e80a", "name": "cinderv3"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "35e74dfcd02946d1ae95467f14c3bfb8"}, "audit_ids": ["-fgv9RJbTASCPup6FdBdyQ"], "issued_at": "2017-06-22T04:22:33.000000Z"}}
run(Namespace(columns=[], formatter='table', limit=None, long=False, marker=None, max_width=0, noindent=False, page_size=None, print_empty=False, private=False, property=None, public=False, quote_mode='nonnumeric', shared=False, sort='name:asc'))
Instantiating image client: <class 'glanceclient.v2.client.Client'>
Making authentication request to http://10.0.0.11:35357/v3/auth/tokens
"POST /v3/auth/tokens HTTP/1.1" 201 2937
{"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "7be880f2619e49bcba8b0792d38c6720", "name": "admin"}], "expires_at": "2017-06-22T05:22:34.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "96c9b397c67047269b9a59470cf35622", "name": "admin"}, "catalog": [{"endpoints": [{"url": "http://10.0.0.11:5000/v3/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "7616f05adf54471e85a944e89786e5e4"}, {"url": "http://10.0.0.11:35357/v3/", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "a8198d52bb674832b39ea5868021c90f"}, {"url": "http://10.0.0.11:5000/v3/", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "f1ecf62bf9aa42b7863e550f3a676826"}], "type": "identity", "id": "007242401dc048f08b80725d96326e14", "name": "keystone"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "071d96e442104758b72d177d658d9ae1"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "17d8c7c8442b4b98a35655ea64c24431"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "2a438c0687d3421888028a5d7361abcf"}], "type": "volumev2", "id": "2f345104d98842a3a5c30dc1cedf5034", "name": "cinderv2"}, {"endpoints": [{"url": "http://10.0.0.11:9292", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "50577ac48e7446beabcd4336ddd3ad2f"}, {"url": "http://10.0.0.11:9292", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "56a6b82afcd3441fbd71499d62b9d3c1"}, {"url": "http://10.0.0.11:9292", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "8f4702a609ff4d19a28a4a8e49691586"}], "type": "image", "id": "2f687904f968474f996023b590e97abd", "name": "glance"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "37ee2246b2574cb0bc9bddc218ad0302"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e144fd22c09c4b2cafd3da6b3d599e65"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "fc3d60c259c84ff698d298fdf797f867"}], "type": "volumev3", "id": "b0de425c3f7d463796a24fb4e107e80a", "name": "cinderv3"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "35e74dfcd02946d1ae95467f14c3bfb8"}, "audit_ids": ["3_W3E4t_QF6oLrWVxPIPtg"], "issued_at": "2017-06-22T04:22:34.000000Z"}}
Instantiating image api: <class 'openstackclient.api.image_v2.APIv2'>
REQ: curl -g -i -X GET "http://10.0.0.11:9292/v2/images?marker=None" -H "User-Agent: osc-lib/1.3.0 keystoneauth1/2.18.0 python-requests/2.11.1 CPython/2.7.5" -H "X-Auth-Token: {SHA1}e9ce6d64ca4a646b2a020624fe1464ed31aa9deb"
Starting new HTTP connection (1): 10.0.0.11
"GET /v2/images HTTP/1.1" 401 253
RESP: [401] Content-Length: 253 Content-Type: text/plain; charset=UTF-8 Www-Authenticate: Keystone uri='http://10.0.0.11:5000' Date: Thu, 22 Jun 2017 04:22:34 GMT
RESP BODY: Omitted, Content-Type is set to text/plain; charset=UTF-8. Only application/json responses have their bodies logged.

Making authentication request to http://10.0.0.11:35357/v3/auth/tokens
"POST /v3/auth/tokens HTTP/1.1" 201 2937
{"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "7be880f2619e49bcba8b0792d38c6720", "name": "admin"}], "expires_at": "2017-06-22T05:22:34.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "96c9b397c67047269b9a59470cf35622", "name": "admin"}, "catalog": [{"endpoints": [{"url": "http://10.0.0.11:5000/v3/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "7616f05adf54471e85a944e89786e5e4"}, {"url": "http://10.0.0.11:35357/v3/", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "a8198d52bb674832b39ea5868021c90f"}, {"url": "http://10.0.0.11:5000/v3/", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "f1ecf62bf9aa42b7863e550f3a676826"}], "type": "identity", "id": "007242401dc048f08b80725d96326e14", "name": "keystone"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "071d96e442104758b72d177d658d9ae1"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "17d8c7c8442b4b98a35655ea64c24431"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "2a438c0687d3421888028a5d7361abcf"}], "type": "volumev2", "id": "2f345104d98842a3a5c30dc1cedf5034", "name": "cinderv2"}, {"endpoints": [{"url": "http://10.0.0.11:9292", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "50577ac48e7446beabcd4336ddd3ad2f"}, {"url": "http://10.0.0.11:9292", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "56a6b82afcd3441fbd71499d62b9d3c1"}, {"url": "http://10.0.0.11:9292", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "8f4702a609ff4d19a28a4a8e49691586"}], "type": "image", "id": "2f687904f968474f996023b590e97abd", "name": "glance"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "37ee2246b2574cb0bc9bddc218ad0302"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e144fd22c09c4b2cafd3da6b3d599e65"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "fc3d60c259c84ff698d298fdf797f867"}], "type": "volumev3", "id": "b0de425c3f7d463796a24fb4e107e80a", "name": "cinderv3"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "35e74dfcd02946d1ae95467f14c3bfb8"}, "audit_ids": ["oai2o1URQOSXCY0tdnzjGw"], "issued_at": "2017-06-22T04:22:34.000000Z"}}
"GET /v2/images HTTP/1.1" 401 253
RESP: [401] Content-Length: 253 Content-Type: text/plain; charset=UTF-8 Www-Authenticate: Keystone uri='http://10.0.0.11:5000' Date: Thu, 22 Jun 2017 04:22:35 GMT
RESP BODY: Omitted, Content-Type is set to text/plain; charset=UTF-8. Only application/json responses have their bodies logged.

Request returned failure status: 401
Unauthorized (HTTP 401)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
    result = cmd.run(parsed_args)
  File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
    return super(Command, self).run(parsed_args)
  File "/usr/lib/python2.7/site-packages/cliff/display.py", line 112, in run
    column_names, data = self.take_action(parsed_args)
  File "/usr/lib/python2.7/site-packages/openstackclient/image/v2/image.py", line 533, in take_action
    page = image_client.api.image_list(marker=marker, **kwargs)
  File "/usr/lib/python2.7/site-packages/openstackclient/api/image_v2.py", line 74, in image_list
    return self.list(url, **filter)['images']
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 198, in list
    params=params,
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 84, in _request
    return session.request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
    resp = super(TimingSession, self).request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/positional/__init__.py", line 101, in inner
    return wrapped(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 655, in request
    raise exceptions.from_response(resp, method, url)
Unauthorized: Unauthorized (HTTP 401)
clean_up ListImage: Unauthorized (HTTP 401)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 135, in run
    ret_val = super(OpenStackShell, self).run(argv)
  File "/usr/lib/python2.7/site-packages/cliff/app.py", line 279, in run
    result = self.run_subcommand(remainder)
  File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 180, in run_subcommand
    ret_value = super(OpenStackShell, self).run_subcommand(argv)
  File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
    result = cmd.run(parsed_args)
  File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
    return super(Command, self).run(parsed_args)
  File "/usr/lib/python2.7/site-packages/cliff/display.py", line 112, in run
    column_names, data = self.take_action(parsed_args)
  File "/usr/lib/python2.7/site-packages/openstackclient/image/v2/image.py", line 533, in take_action
    page = image_client.api.image_list(marker=marker, **kwargs)
  File "/usr/lib/python2.7/site-packages/openstackclient/api/image_v2.py", line 74, in image_list
    return self.list(url, **filter)['images']
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 198, in list
    params=params,
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 84, in _request
    return session.request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
    resp = super(TimingSession, self).request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/positional/__init__.py", line 101, in inner
    return wrapped(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 655, in request
    raise exceptions.from_response(resp, method, url)
Unauthorized: Unauthorized (HTTP 401)

END return value: 1
[root@controller1 ~ (admin)]#

When I changed endpoint URL of solved the issue. Root cause is fernet-keys and credential-keys. The keys in three controllers were different. Once I copied the fernet-keys and credential-keys from controller1 to controller2 and controller3, glance from 10.0.0.11 to 10.0.0.12, "glance image list" worked. 10.0.0.11 is the VIP and 10.0.0.12 is controller1.worked well.

VIP: 10.0.0.11 controller1: 10.0.0.12 controller2: 10.0.0.13 controller3: 10.0.0.14

[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 50577ac48e7446beabcd4336ddd3ad2f
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 56a6b82afcd3441fbd71499d62b9d3c1
[root@controller1 ~ (admin)]# openstack endpoint set --url "http://10.0.0.12:9292" 8f4702a609ff4d19a28a4a8e49691586
[root@controller1 ~ (admin)]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.12:9292      |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.12:9292      |
| 7616f05adf54471e85a944e89786e5e4 | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.11:5000/v3/  |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.12:9292      |
| a8198d52bb674832b39ea5868021c90f | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.11:35357/v3/ |
| f1ecf62bf9aa42b7863e550f3a676826 | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.11:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller1 ~ (admin)]# openstack image list

[root@controller1 ~ (admin)]#

There is no unauthorized error now. But how to add all the controllers IPs (10.0.0.12, 10.0.0.13, 10.0.0.14) to endpoint catalog?

When I restored VIP (10.0.0.11) as the endpoint IP for glance (image) service in endpoint catalog, "openstack image list" started throwing "Unauthorized (HTTP 401)" error.

[root@controller1 ~ (admin)]# openstack endpoint list --service image
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                   |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
| 50577ac48e7446beabcd4336ddd3ad2f | RegionOne | glance       | image        | True    | internal  | http://10.0.0.11:9292 |
| 56a6b82afcd3441fbd71499d62b9d3c1 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.11:9292 |
| 8f4702a609ff4d19a28a4a8e49691586 | RegionOne | glance       | image        | True    | public    | http://10.0.0.11:9292 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------+
[root@controller1 ~ (admin)]# openstack image list
Unauthorized (HTTP 401)

2017-June-22: I ran "openstack --debug image list" to get more details about the error.

[root@controller1 ~ (admin)]# openstack --debug image list
START with options: [u'--debug', u'image', u'list']
options: Namespace(access_key='', access_secret='***', access_token='***', access_token_endpoint='', access_token_type='', auth_type='', auth_url='http://10.0.0.11:35357/v3', cacert=None, cert='', client_id='', client_secret='***', cloud='', code='', consumer_key='', consumer_secret='***', debug=True, default_domain='default', default_domain_id='', default_domain_name='', deferred_help=False, discovery_endpoint='', domain_id='', domain_name='', endpoint='', identity_provider='', identity_provider_url='', insecure=None, interface='', key='', log_file=None, old_profile=None, openid_scope='', os_beta_command=False, os_compute_api_version='', os_identity_api_version='3', os_image_api_version='2', os_key_manager_api_version='1', os_network_api_version='', os_object_api_version='', os_project_id=None, os_project_name=None, os_volume_api_version='', passcode='', password='***', profile=None, project_domain_id='', project_domain_name='Default', project_id='', project_name='admin', protocol='', redirect_uri='', region_name='', timing=False, token='***', trust_id='', url='', user_domain_id='', user_domain_name='Default', user_id='', username='admin', verbose_level=3, verify=None)
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
defaults: {u'auth_type': 'password', u'status': u'active', u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'api_timeout': None, u'baremetal_api_version': u'1', u'image_api_version': u'2', u'container_infra_api_version': u'1', u'metering_api_version': u'2', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'cacert': None, u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', u'application_catalog_api_version': u'1', u'key_manager_api_version': u'v1', 'verify': True, u'identity_api_version': u'2.0', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'container_api_version': u'1', u'dns_api_version': u'2', u'object_store_api_version': u'1', u'interface': None, u'disable_vendor_agent': {}}
cloud cfg: {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
compute API version 2, cmd group openstack.compute.v2
network API version 2, cmd group openstack.network.v2
image API version 2, cmd group openstack.image.v2
volume API version 2, cmd group openstack.volume.v2
identity API version 3, cmd group openstack.identity.v3
object_store API version 1, cmd group openstack.object_store.v1
neutronclient API version 2, cmd group openstack.neutronclient.v2
key_manager API version 1, cmd group openstack.key_manager.v1
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
command: image list -> openstackclient.image.v2.image.ListImage
Auth plugin password selected
auth_config_hook(): {'auth_type': 'password', 'beta_command': False, u'compute_api_version': u'2', 'key': None, u'database_api_version': u'1.0', 'cacert': None, 'auth_url': 'http://10.0.0.11:35357/v3', u'network_api_version': u'2', u'message': u'', u'image_format': u'qcow2', 'networks': [], u'image_api_version': '2', 'verify': True, u'dns_api_version': u'2', u'object_store_api_version': u'1', 'username': 'admin', u'container_infra_api_version': u'1', 'verbose_level': 3, 'region_name': '', 'api_timeout': None, u'baremetal_api_version': u'1', 'auth': {'user_domain_name': 'Default', 'project_name': 'admin', 'project_domain_name': 'Default'}, 'default_domain': 'default', u'container_api_version': u'1', u'image_api_use_tasks': False, u'floating_ip_source': u'neutron', u'orchestration_api_version': u'1', 'timing': False, 'password': '***', u'application_catalog_api_version': u'1', u'key_manager_api_version': '1', u'metering_api_version': u'2', 'deferred_help': False, u'identity_api_version': '3', u'volume_api_version': u'2', 'cert': None, u'secgroup_source': u'neutron', u'status': u'active', 'debug': True, u'interface': None, u'disable_vendor_agent': {}}
Using auth plugin: password
Using parameters {'username': 'admin', 'project_name': 'admin', 'user_domain_name': 'Default', 'auth_url': 'http://10.0.0.11:35357/v3', 'password': '***', 'project_domain_name': 'Default'}
Get auth_ref
REQ: curl -g -i -X GET http://10.0.0.11:35357/v3 -H "Accept: application/json" -H "User-Agent: osc-lib/1.3.0 keystoneauth1/2.18.0 python-requests/2.11.1 CPython/2.7.5"
Starting new HTTP connection (1): 10.0.0.11
"GET /v3 HTTP/1.1" 200 249
RESP: [200] Date: Thu, 22 Jun 2017 04:22:33 GMT Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5 Vary: X-Auth-Token x-openstack-request-id: req-a6d7d534-6383-41c8-81db-5c4a53abfb48 Content-Length: 249 Content-Type: application/json
RESP BODY: {"version": {"status": "stable", "updated": "2017-02-22T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.8", "links": [{"href": "http://10.0.0.11:35357/v3/", "rel": "self"}]}}

GET call to None for http://10.0.0.11:35357/v3 used request id req-a6d7d534-6383-41c8-81db-5c4a53abfb48
Making authentication request to http://10.0.0.11:35357/v3/auth/tokens
"POST /v3/auth/tokens HTTP/1.1" 201 2937
{"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "7be880f2619e49bcba8b0792d38c6720", "name": "admin"}], "expires_at": "2017-06-22T05:22:33.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "96c9b397c67047269b9a59470cf35622", "name": "admin"}, "catalog": [{"endpoints": [{"url": "http://10.0.0.11:5000/v3/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "7616f05adf54471e85a944e89786e5e4"}, {"url": "http://10.0.0.11:35357/v3/", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "a8198d52bb674832b39ea5868021c90f"}, {"url": "http://10.0.0.11:5000/v3/", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "f1ecf62bf9aa42b7863e550f3a676826"}], "type": "identity", "id": "007242401dc048f08b80725d96326e14", "name": "keystone"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "071d96e442104758b72d177d658d9ae1"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "17d8c7c8442b4b98a35655ea64c24431"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "2a438c0687d3421888028a5d7361abcf"}], "type": "volumev2", "id": "2f345104d98842a3a5c30dc1cedf5034", "name": "cinderv2"}, {"endpoints": [{"url": "http://10.0.0.11:9292", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "50577ac48e7446beabcd4336ddd3ad2f"}, {"url": "http://10.0.0.11:9292", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "56a6b82afcd3441fbd71499d62b9d3c1"}, {"url": "http://10.0.0.11:9292", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "8f4702a609ff4d19a28a4a8e49691586"}], "type": "image", "id": "2f687904f968474f996023b590e97abd", "name": "glance"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "37ee2246b2574cb0bc9bddc218ad0302"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e144fd22c09c4b2cafd3da6b3d599e65"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "fc3d60c259c84ff698d298fdf797f867"}], "type": "volumev3", "id": "b0de425c3f7d463796a24fb4e107e80a", "name": "cinderv3"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "35e74dfcd02946d1ae95467f14c3bfb8"}, "audit_ids": ["-fgv9RJbTASCPup6FdBdyQ"], "issued_at": "2017-06-22T04:22:33.000000Z"}}
run(Namespace(columns=[], formatter='table', limit=None, long=False, marker=None, max_width=0, noindent=False, page_size=None, print_empty=False, private=False, property=None, public=False, quote_mode='nonnumeric', shared=False, sort='name:asc'))
Instantiating image client: <class 'glanceclient.v2.client.Client'>
Making authentication request to http://10.0.0.11:35357/v3/auth/tokens
"POST /v3/auth/tokens HTTP/1.1" 201 2937
{"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "7be880f2619e49bcba8b0792d38c6720", "name": "admin"}], "expires_at": "2017-06-22T05:22:34.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "96c9b397c67047269b9a59470cf35622", "name": "admin"}, "catalog": [{"endpoints": [{"url": "http://10.0.0.11:5000/v3/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "7616f05adf54471e85a944e89786e5e4"}, {"url": "http://10.0.0.11:35357/v3/", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "a8198d52bb674832b39ea5868021c90f"}, {"url": "http://10.0.0.11:5000/v3/", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "f1ecf62bf9aa42b7863e550f3a676826"}], "type": "identity", "id": "007242401dc048f08b80725d96326e14", "name": "keystone"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "071d96e442104758b72d177d658d9ae1"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "17d8c7c8442b4b98a35655ea64c24431"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "2a438c0687d3421888028a5d7361abcf"}], "type": "volumev2", "id": "2f345104d98842a3a5c30dc1cedf5034", "name": "cinderv2"}, {"endpoints": [{"url": "http://10.0.0.11:9292", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "50577ac48e7446beabcd4336ddd3ad2f"}, {"url": "http://10.0.0.11:9292", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "56a6b82afcd3441fbd71499d62b9d3c1"}, {"url": "http://10.0.0.11:9292", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "8f4702a609ff4d19a28a4a8e49691586"}], "type": "image", "id": "2f687904f968474f996023b590e97abd", "name": "glance"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "37ee2246b2574cb0bc9bddc218ad0302"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e144fd22c09c4b2cafd3da6b3d599e65"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "fc3d60c259c84ff698d298fdf797f867"}], "type": "volumev3", "id": "b0de425c3f7d463796a24fb4e107e80a", "name": "cinderv3"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "35e74dfcd02946d1ae95467f14c3bfb8"}, "audit_ids": ["3_W3E4t_QF6oLrWVxPIPtg"], "issued_at": "2017-06-22T04:22:34.000000Z"}}
Instantiating image api: <class 'openstackclient.api.image_v2.APIv2'>
REQ: curl -g -i -X GET "http://10.0.0.11:9292/v2/images?marker=None" -H "User-Agent: osc-lib/1.3.0 keystoneauth1/2.18.0 python-requests/2.11.1 CPython/2.7.5" -H "X-Auth-Token: {SHA1}e9ce6d64ca4a646b2a020624fe1464ed31aa9deb"
Starting new HTTP connection (1): 10.0.0.11
"GET /v2/images HTTP/1.1" 401 253
RESP: [401] Content-Length: 253 Content-Type: text/plain; charset=UTF-8 Www-Authenticate: Keystone uri='http://10.0.0.11:5000' Date: Thu, 22 Jun 2017 04:22:34 GMT
RESP BODY: Omitted, Content-Type is set to text/plain; charset=UTF-8. Only application/json responses have their bodies logged.

Making authentication request to http://10.0.0.11:35357/v3/auth/tokens
"POST /v3/auth/tokens HTTP/1.1" 201 2937
{"token": {"is_domain": false, "methods": ["password"], "roles": [{"id": "7be880f2619e49bcba8b0792d38c6720", "name": "admin"}], "expires_at": "2017-06-22T05:22:34.000000Z", "project": {"domain": {"id": "default", "name": "Default"}, "id": "96c9b397c67047269b9a59470cf35622", "name": "admin"}, "catalog": [{"endpoints": [{"url": "http://10.0.0.11:5000/v3/", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "7616f05adf54471e85a944e89786e5e4"}, {"url": "http://10.0.0.11:35357/v3/", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "a8198d52bb674832b39ea5868021c90f"}, {"url": "http://10.0.0.11:5000/v3/", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "f1ecf62bf9aa42b7863e550f3a676826"}], "type": "identity", "id": "007242401dc048f08b80725d96326e14", "name": "keystone"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "071d96e442104758b72d177d658d9ae1"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "17d8c7c8442b4b98a35655ea64c24431"}, {"url": "http://10.0.0.11:8776/v2/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "2a438c0687d3421888028a5d7361abcf"}], "type": "volumev2", "id": "2f345104d98842a3a5c30dc1cedf5034", "name": "cinderv2"}, {"endpoints": [{"url": "http://10.0.0.11:9292", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "50577ac48e7446beabcd4336ddd3ad2f"}, {"url": "http://10.0.0.11:9292", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "56a6b82afcd3441fbd71499d62b9d3c1"}, {"url": "http://10.0.0.11:9292", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "8f4702a609ff4d19a28a4a8e49691586"}], "type": "image", "id": "2f687904f968474f996023b590e97abd", "name": "glance"}, {"endpoints": [{"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "admin", "region": "RegionOne", "region_id": "RegionOne", "id": "37ee2246b2574cb0bc9bddc218ad0302"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "public", "region": "RegionOne", "region_id": "RegionOne", "id": "e144fd22c09c4b2cafd3da6b3d599e65"}, {"url": "http://10.0.0.11:8776/v3/96c9b397c67047269b9a59470cf35622", "interface": "internal", "region": "RegionOne", "region_id": "RegionOne", "id": "fc3d60c259c84ff698d298fdf797f867"}], "type": "volumev3", "id": "b0de425c3f7d463796a24fb4e107e80a", "name": "cinderv3"}], "user": {"domain": {"id": "default", "name": "Default"}, "password_expires_at": null, "name": "admin", "id": "35e74dfcd02946d1ae95467f14c3bfb8"}, "audit_ids": ["oai2o1URQOSXCY0tdnzjGw"], "issued_at": "2017-06-22T04:22:34.000000Z"}}
"GET /v2/images HTTP/1.1" 401 253
RESP: [401] Content-Length: 253 Content-Type: text/plain; charset=UTF-8 Www-Authenticate: Keystone uri='http://10.0.0.11:5000' Date: Thu, 22 Jun 2017 04:22:35 GMT
RESP BODY: Omitted, Content-Type is set to text/plain; charset=UTF-8. Only application/json responses have their bodies logged.

Request returned failure status: 401
Unauthorized (HTTP 401)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
    result = cmd.run(parsed_args)
  File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
    return super(Command, self).run(parsed_args)
  File "/usr/lib/python2.7/site-packages/cliff/display.py", line 112, in run
    column_names, data = self.take_action(parsed_args)
  File "/usr/lib/python2.7/site-packages/openstackclient/image/v2/image.py", line 533, in take_action
    page = image_client.api.image_list(marker=marker, **kwargs)
  File "/usr/lib/python2.7/site-packages/openstackclient/api/image_v2.py", line 74, in image_list
    return self.list(url, **filter)['images']
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 198, in list
    params=params,
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 84, in _request
    return session.request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
    resp = super(TimingSession, self).request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/positional/__init__.py", line 101, in inner
    return wrapped(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 655, in request
    raise exceptions.from_response(resp, method, url)
Unauthorized: Unauthorized (HTTP 401)
clean_up ListImage: Unauthorized (HTTP 401)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 135, in run
    ret_val = super(OpenStackShell, self).run(argv)
  File "/usr/lib/python2.7/site-packages/cliff/app.py", line 279, in run
    result = self.run_subcommand(remainder)
  File "/usr/lib/python2.7/site-packages/osc_lib/shell.py", line 180, in run_subcommand
    ret_value = super(OpenStackShell, self).run_subcommand(argv)
  File "/usr/lib/python2.7/site-packages/cliff/app.py", line 400, in run_subcommand
    result = cmd.run(parsed_args)
  File "/usr/lib/python2.7/site-packages/osc_lib/command/command.py", line 41, in run
    return super(Command, self).run(parsed_args)
  File "/usr/lib/python2.7/site-packages/cliff/display.py", line 112, in run
    column_names, data = self.take_action(parsed_args)
  File "/usr/lib/python2.7/site-packages/openstackclient/image/v2/image.py", line 533, in take_action
    page = image_client.api.image_list(marker=marker, **kwargs)
  File "/usr/lib/python2.7/site-packages/openstackclient/api/image_v2.py", line 74, in image_list
    return self.list(url, **filter)['images']
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 198, in list
    params=params,
  File "/usr/lib/python2.7/site-packages/openstackclient/api/api.py", line 84, in _request
    return session.request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/osc_lib/session.py", line 40, in request
    resp = super(TimingSession, self).request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/positional/__init__.py", line 101, in inner
    return wrapped(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneauth1/session.py", line 655, in request
    raise exceptions.from_response(resp, method, url)
Unauthorized: Unauthorized (HTTP 401)

END return value: 1
[root@controller1 ~ (admin)]#