Why will requesting keystone admin url /v3/s3tokens result in 404?

asked 2018-06-08 08:31:04 -0500

Florian Renner gravatar image

Hi,

currently I'm facing an issue regarding the s3 auth token in keystone. Trying to access s3 token URL will result in an 404 in keystone. From my point of view there is no reason, why it shouldn't work.

Did I miss something?

Thanks in advance, Flo

curl -v http://keystone.xxx.net:35357/v3/s3tokens
* About to connect() to keystone.xxx.net.de port 35357 (#0)
*   Trying 10.172.10.101...
* Connected to keystone.xxx.net (10.172.10.101) port 35357 (#0)
> GET /v3/s3tokens HTTP/1.1
> User-Agent: curl/7.29.0
> Host: keystone.xxx.net:35357
> Accept: */*
> 
< HTTP/1.1 404 Not Found
< Date: Fri, 08 Jun 2018 13:07:57 GMT
< Server: Apache
< Vary: X-Auth-Token
< x-openstack-request-id: req-b008cc75-fb0b-4f1a-9341-860f7d203ded
< X-Frame-Options: SAMEORIGIN
< Content-Length: 160
< Content-Type: application/json
< 
* Connection #0 to host keystone.xxx.net left intact
{"error": {"message": "(http://keystone.xxx.net:35357/v3/s3tokens): The resource could not be found.", "code": 404, "title": "Not Found"}}

Details

OpenStack version: Pike

Operating system: CentOS 7.4

Openstack Repository: centos-release-openstack-pike

keystone.conf

[DEFAULT]
debug = False
log_dir = /var/log/keystone
use_syslog = True
public_endpoint = https://keystone.xxx.net:5000
admin_endpoint = http://keystone.xxx.net:35357


transport_url = rabbit://netde_keystone:xxx@rabbitmq.xxx.net:5672/keystone

[assignment]
driver = sql

[auth]

methods = password,token

[cache]
backend = oslo_cache.memcache_pool
enabled = True
memcache_servers = memcache.xxx.net:11211

[credential]
key_repository = /etc/keystone/credential-keys

[database]
connection = mysql+pymysql://keystone:xxx@mysql.xxx.net/keystone
max_retries = -1

[fernet_tokens]
key_repository = /etc/keystone/fernet-keys
max_active_keys = 7

[identity]
driver = sql
default_domain_id = default

[oslo_messaging_rabbit]
ssl = False

[revoke]
caching = true
driver = sql
expiration_buffer = 3600
cache_time = 1800

[token]
enforce_token_bind = permissive
expiration = 43200
caching = true
cache_time = 3600
provider = fernet

keystone-paste.ini

[filter:debug]
use = egg:oslo.middleware#debug

[filter:request_id]
use = egg:oslo.middleware#request_id

[filter:build_auth_context]
use = egg:keystone#build_auth_context

[filter:token_auth]
use = egg:keystone#token_auth

[filter:json_body]
use = egg:keystone#json_body

[filter:cors]
use = egg:oslo.middleware#cors
oslo_config_project = keystone

[filter:http_proxy_to_wsgi]
use = egg:oslo.middleware#http_proxy_to_wsgi

[filter:healthcheck]
use = egg:oslo.middleware#healthcheck

[filter:ec2_extension]
use = egg:keystone#ec2_extension

[filter:ec2_extension_v3]
use = egg:keystone#ec2_extension_v3

[filter:s3_extension]
use = egg:keystone#s3_extension

[filter:url_normalize]
use = egg:keystone#url_normalize

[filter:sizelimit]
use = egg:oslo.middleware#sizelimit

[filter:osprofiler]
use = egg:osprofiler#osprofiler

[app:public_service]
use = egg:keystone#public_service

[app:service_v3]
use = egg:keystone#service_v3

[app:admin_service]
use = egg:keystone#admin_service

[pipeline:public_api]
# The last item in this pipeline must be public_service or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension public_service

[pipeline:admin_api]
# The last item in this pipeline must be admin_service or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension s3_extension admin_service

[pipeline:api_v3]
# The last item in this pipeline must be service_v3 or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi osprofiler url_normalize request_id build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3

[app:public_version_service]
use = egg:keystone#public_version_service

[app:admin_version_service]
use = egg:keystone#admin_version_service

[pipeline ...
(more)
edit retag flag offensive close merge delete