Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

It is clear case of mismatch of credentials what you are specifying in /etc/neutron/neutron.conf. Can you check those user name, passoword and tenant you specify in this file. I'm assuming that auth_strategy is mentioned neutron.conf file

Please check and revert me with following.

1. keystone user-list
2. keystone tenant-list
3. keystone role-list
4. keystone endpoint-list
5. keystone service-list

Check what you specified in neutron.conf indeed exist here.  Do let me know if this helps. Other wise ping me. we can quickly close this.

As suspected it was issue of mis-match of user credentials. There are two configuration files for neutron /etc/neutron/api-paste.conf /etc/neutron/neutron.conf

Following keystone authentication configurations were in both the configuration files. Preference is always for api-paste.conf. In this case password specified in api-paste.conf was wrong. This resulted neutron to fail with authentication with keystone.

[filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host=192.168.1.194 auth_uri=http://192.168.1.194:5000 admin_user=neutron admin_tenant_name=service admin_password=nova

The auth_token middleware for keystone now enables you to configure auth_token in the neutron.conf file. You no longer have to edit the api-paste.ini file. This change does not break backward compatibility. The auth_token middleware first tries the configurations in /etc/neutron/api-paste.ini and then tries the neutron.conf configuration. If you currently use api-paste.ini, you do not need to change it

====================================================

It is clear case of mismatch of credentials what you are specifying in /etc/neutron/neutron.conf. Can you check those user name, passoword and tenant you specify in this file. I'm assuming that auth_strategy is mentioned neutron.conf file

Please check and revert me with following.

1. keystone user-list
2. keystone tenant-list
3. keystone role-list
4. keystone endpoint-list
5. keystone service-list

Check what you specified in neutron.conf indeed exist here.  Do let me know if this helps. Other wise ping me. we can quickly close this.

As suspected it was issue of mis-match of user credentials.
There are two configuration files for neutron
/etc/neutron/api-paste.conf
/etc/neutron/neutron.conf

/etc/neutron/neutron.conf

Following keystone authentication configurations were in both the configuration files. Preference is always for api-paste.conf. In this case password specified in api-paste.conf was wrong. This resulted neutron to fail with authentication with keystone.

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host=192.168.1.194
auth_uri=http://192.168.1.194:5000
admin_user=neutron
admin_tenant_name=service
admin_password=novaadmin_password=nova

In this case password specified in api-paste.conf was wrong. Authentication information was correct in neutron.conf. This resulted neutron to fail with authentication with keystone.

The auth_token middleware for keystone now enables you to configure auth_token in the neutron.conf file. You no longer have to edit the api-paste.ini file. This change does not break backward compatibility. The auth_token middleware first tries the configurations in /etc/neutron/api-paste.ini and then tries the neutron.conf configuration. If you currently use api-paste.ini, you do not need to change it

====================================================

It is clear case of mismatch of credentials what you are specifying in /etc/neutron/neutron.conf. Can you check those user name, passoword and tenant you specify in this file. I'm assuming that auth_strategy is mentioned neutron.conf file

Please check and revert me with following.

1. keystone user-list
2. keystone tenant-list
3. keystone role-list
4. keystone endpoint-list
5. keystone service-list

Check what you specified in neutron.conf indeed exist here.  Do let me know if this helps. Other wise ping me. we can quickly close this.