Ask Your Question

Neutron command - Fails as Forbidden

asked 2014-02-18 11:13:04 -0500

johnpaulmp gravatar image

Need some help in getting neutron running. Installed openstack with packstack -allinone command successfully. All the nova commands from cli run without any trouble. But any command to neutron ( neutron net-list, neutron agent-list ...) returns failure "Forbidden" . I checked the nova.conf ( for neutron section ) neutron.conf (keystone auth section ) api-paste.ini files; admin user,password and tenant information are matching.

Any help in getting this configuration corrected is appreciated.

thanks John

edit retag flag offensive close merge delete


can you paste nova.conf, neutron.conf and paste.conf in

dheeru gravatar imagedheeru ( 2014-02-18 11:18:19 -0500 )edit

@ dheeru Thanks for helping out. Sorry I didn't give enough information Contents of the nova neutron and api-paste.ini are pasted in Paste #67163 Details of nova commands that I run and neutron commands I tried with admin credential and services credentials are available in Paste #67164.

johnpaulmp gravatar imagejohnpaulmp ( 2014-02-19 00:32:07 -0500 )edit

I saw the configuration. It looks ok to me. I suspect the issue with role given to user neutron and tenant services. Is it added with admin role ? Credentials is not a issue.

dheeru gravatar imagedheeru ( 2014-02-19 01:09:43 -0500 )edit

I believe it does have admin access. Added Keystone output in the Paste #67196 Sorry for keep bothering, Curious what might have gone wrong.

johnpaulmp gravatar imagejohnpaulmp ( 2014-02-19 02:46:28 -0500 )edit

Hope you have curl installed. Can you try running the following curl command 1. curl -i -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "User-Agent: python-neutronclient" -d '{"auth": {"tenantName": "services", "passwordCredentials": {"username": "neutron", "password": "512e6a2f7d854ebc"}}}' 2. Try with admin user as well 3. Give me output of 'keystone endpoint-list'. 4. Can you telnet to neutron server ? "telnet <ip> port". Does this work ?. If it is ok, let us have chat live chat session and close this issue. It will be good if you can paste the configuration files ?

dheeru gravatar imagedheeru ( 2014-02-19 02:59:01 -0500 )edit

1 answer

Sort by ยป oldest newest most voted

answered 2014-02-18 11:35:48 -0500

Try loading your keystonerc_admin file before you run the commands.

# . ~/keystonerc_admin

This loads your authentication details into the environment. You should be able to run commands like these now.

(keystonerc_admin)# neutron net-list
edit flag offensive delete link more


Thanks Mithilarun for replying. I have added some commands and output in Paste#67164.

johnpaulmp gravatar imagejohnpaulmp ( 2014-02-19 00:33:44 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2014-02-18 11:13:04 -0500

Seen: 267 times

Last updated: Feb 18 '14