Ask Your Question
0

When logged in to openstack-dashboard got error "Unable to get service,usage info"

asked 2011-12-07 12:26:28 -0500

piyadol-h gravatar image

I've installed openstack-dashboard from https://github.com/openstack/horizon everything is fine until I've logged in to openstack-dashboard it's say

Error: Unable to get service info: This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.

Error: Unable to get usage info: This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.

There are 2 errors that says Unable to get service&usage info I've tried in everyway but can't solved my problem.

edit retag flag offensive close merge delete

9 answers

Sort by ยป oldest newest most voted
0

answered 2011-12-14 09:25:34 -0500

Same Error here in Switzerland...

edit flag offensive delete link more
0

answered 2011-12-08 06:47:09 -0500

piyadol-h gravatar image

Thanks for your answered Gabriel but I've already checked all config files but still got the same error.Here is my config file keystone.conf,nova.conf,api-pase.ini

##Keystone.conf##

[DEFAULT]

Show more verbose log output (sets INFO log level output)

verbose = False

Show debugging output in logs (sets DEBUG log level output)

debug = False

Which backend store should Keystone use by default.

Default: 'sqlite'

Available choices are 'sqlite' [future will include LDAP, PAM, etc]

default_store = sqlite

Log to this file. Make sure you do not set the same log

file for both the API and registry servers!

log_file = keystone.log log_dir = .

List of backends to be configured

backends = keystone.backends.sqlalchemy #For LDAP support, add: ,keystone.backends.ldap

Dictionary Maps every service to a header.Missing services would get header

X_(SERVICE_NAME) Key => Service Name, Value => Header Name

service-header-mappings = { 'nova' : 'X-Server-Management-Url', 'swift' : 'X-Storage-Url', 'cdn' : 'X-CDN-Management-Url'}

#List of extensions currently loaded. #Refer docs for list of supported extensions. extensions= osksadm,oskscatalog

Address to bind the API server

TODO Properties defined within app not available via pipeline.

service_host = 0.0.0.0

Port the bind the API server to

service_port = 5000

SSL for API server

service_ssl = False

Address to bind the Admin API server

admin_host = 0.0.0.0

Port the bind the Admin API server to

admin_port = 35357

SSL for API Admin server

admin_ssl = False

Keystone certificate file (modify as needed)

Only required if *_ssl is set to True

certfile = /etc/keystone/ssl/certs/keystone.pem

Keystone private key file (modify as needed)

Only required if *_ssl is set to True

keyfile = /etc/keystone/ssl/private/keystonekey.pem

Keystone trusted CA certificates (modify as needed)

Only required if *_ssl is set to True

ca_certs = /etc/keystone/ssl/certs/ca.pem

Client certificate required

Only relevant if *_ssl is set to True

cert_required = True

#Role that allows to perform admin operations. keystone-admin-role = Admin

#Role that allows to perform service admin operations. keystone-service-admin-role = KeystoneServiceAdmin

#Tells whether password user need to be hashed in the backend hash-password = True

[keystone.backends.sqlalchemy]

SQLAlchemy connection string for the reference implementation registry

server. Any valid SQLAlchemy connection string is fine.

See: http://bit.ly/ideIpI

sql_connection = mysql://keystone:keystonedbadmin@172.0.0.1/keystone backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', 'User', 'Credentials', 'EndpointTemplates', 'Token', 'Service']

Period in seconds after which SQLAlchemy should reestablish its connection

to the database.

sql_idle_timeout = 30

[pipeline:admin] pipeline = urlrewritefilter admin_api

[pipeline:keystone-legacy-auth] pipeline = urlrewritefilter legacy_auth service_api

[app:service_api] paste.app_factory = keystone.server:service_app_factory

[app:admin_api] paste.app_factory = keystone.server:admin_app_factory

[filter:urlrewritefilter] paste.filter_factory = keystone.middleware.url:filter_factory

[filter:legacy_auth] paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory

[filter:debug] paste.filter_factory = keystone.common.wsgi:debug_filter_factory

nova.conf

configured using KVM, Flat, MySQL, and Glance, API is OpenStack (or EC2)

--daemonize=1 --dhcpbridge_flagfile=/etc/nova/nova.conf --dhcpbridge=/usr/bin/nova-dhcpbridge --flat_network_bridge=br100 --lock_path=/var/lock/nova --logdir=/var/log/nova --state_path=/var/lib/nova --verbose --use_deprecated_auth --network_manager=nova.network.manager.FlatDHCPManager --sql_connection=mysql://nova:novadbadmin@172.0.0.1/nova --osapi_host ... (more)

edit flag offensive delete link more
0

answered 2011-12-07 19:00:18 -0500

gabriel-hurley gravatar image

This error is related to the rest of your openstack deployment. It is most often caused by mismatched service tokens between nova, keystone, etc. but similar errors can also be raised by failure to have the openstackx extensions properly installed with nova or bad service endpoint data in keystone causing connection errors.

My first suggestion, though, would be to check all your conf/proxy server files (nova, keystone, glance, etc.) and make sure they match the correct admin service token defined by keystone.

edit flag offensive delete link more
0

answered 2012-02-21 10:49:03 -0500

Hi, modifying /etc/nova/api-paste.ini did help to remove the first error you mentioned. thanks for that.

how did you fix the error "Unable to get usage info: [Errno 111] ECONNREFUSED" ?

edit flag offensive delete link more
0

answered 2011-12-14 19:15:47 -0500

Got it!!!

Just need to change in /etc/nova/api-paste.ini the following

from: [pipeline:openstackapi10]

pipeline = faultwrap noauth ratelimit osapiapp10

NOTE(vish): use the following pipeline for deprecated auth

#pipeline = faultwrap auth ratelimit osapiapp10

[pipeline:openstackapi11]

pipeline = faultwrap noauth ratelimit extensions osapiapp11

NOTE(vish): use the following pipeline for deprecated auth

pipeline = faultwrap auth ratelimit extensions osapiapp11

to: [pipeline:openstackapi10] pipeline = faultwrap noauth ratelimit osapiapp10

NOTE(vish): use the following pipeline for deprecated auth

#pipeline = faultwrap auth ratelimit osapiapp10

[pipeline:openstackapi11] pipeline = faultwrap noauth ratelimit extensions osapiapp11

NOTE(vish): use the following pipeline for deprecated auth

#pipeline = faultwrap auth ratelimit extensions osapiapp11

and

from: [pipeline:ec2cloud]

pipeline = logrequest ec2noauth cloudrequest authorizer ec2executor

NOTE(vish): use the following pipeline for deprecated auth

pipeline = logrequest authenticate cloudrequest authorizer ec2executor

[pipeline:ec2admin]

pipeline = logrequest ec2noauth adminrequest authorizer ec2executor

NOTE(vish): use the following pipeline for deprecated auth

pipeline = logrequest authenticate adminrequest authorizer ec2executor

to:

[pipeline:ec2cloud] pipeline = logrequest ec2noauth cloudrequest authorizer ec2executor

NOTE(vish): use the following pipeline for deprecated auth

#pipeline = logrequest authenticate cloudrequest authorizer ec2executor

[pipeline:ec2admin] pipeline = logrequest ec2noauth adminrequest authorizer ec2executor

NOTE(vish): use the following pipeline for deprecated auth

#pipeline = logrequest authenticate adminrequest authorizer ec2executor

edit flag offensive delete link more
0

answered 2011-12-14 18:59:00 -0500

Hey folks...

I've worked many hours in this issue with no progress... The whole infrastructure is working perfectly...

I'm working on a simple installerscript located here: https://github.com/tspycher/CloudInstaller/issues/2 (https://github.com/tspycher/CloudInst...)

edit flag offensive delete link more
0

answered 2011-12-14 10:02:49 -0500

Oukay Port 8774 is the osapi port. Looks like my setting for osapi osapi_extensions_path is wrong...

edit flag offensive delete link more
0

answered 2011-12-14 09:58:59 -0500

Thanks for your fast reply I've just tested your advice. The Message in Dashboard changed now: Unable to get service info: [Errno 111] ECONNREFUSED

Checking to logs tells me the following:

DEBUG:django_openstack.api:extras_api connection created using token "7df0ae9b-6f0a-478e-950b-e9f2b3dc446a" and url "http://192.168.77.135:8774/v1.1/2" ERROR:django_openstack.api:ApiException fetching usage list in instance usage on date range "2011-12-01 00:00:00 to 2011-12-14 09:56:34.233693" Traceback (most recent call last): File "/usr/share/openstack-dashboard-dev/django-openstack/django_openstack/api.py", line 1021, in usage datetime_end) File "/usr/share/openstack-dashboard-dev/django-openstack/django_openstack/api.py", line 324, in inner return f(args, *kwargs) File "/usr/share/openstack-dashboard-dev/django-openstack/django_openstack/api.py", line 719, in usage_list return [Usage(u) for u in extras_api(request).usage.list(start, end)] File "/usr/share/openstack-dashboard-dev/openstack-dashboard/.dashboard-venv/src/openstackx/openstackx/extras/usage.py", line 12, in list return self._list("/extras/usage?start=%s&end=%s" % (start.isoformat(), end.isoformat()), "usage") File "/usr/share/openstack-dashboard-dev/openstack-dashboard/.dashboard-venv/src/openstackx/openstackx/api/base.py", line 27, in _list resp, body = self.api.connection.get(url) File "/usr/share/openstack-dashboard-dev/openstack-dashboard/.dashboard-venv/src/openstackx/openstackx/api/connection.py", line 78, in get return self._cs_request(url, 'GET', *kwargs) File "/usr/share/openstack-dashboard-dev/openstack-dashboard/.dashboard-venv/src/openstackx/openstackx/api/connection.py", line 63, in _cs_request *kwargs) File "/usr/share/openstack-dashboard-dev/openstack-dashboard/.dashboard-venv/src/openstackx/openstackx/api/connection.py", line 48, in request raise exceptions.from_response(resp, body) BadRequest: [Errno 111] ECONNREFUSED (HTTP 400)

edit flag offensive delete link more
0

answered 2011-12-14 09:39:58 -0500

gabriel-hurley gravatar image

A second thought is that this could also be related to the openstackx nova extensions being configured. Despite openstackx being deprecated it is not completely excised from the horizon codebase yet (the nova API doesn't support everything openstackx did yet).

Off the top of my head, with devstack's directory structure as a reference, on diablo nova you needed to make sure --osapi_extensions_path=/opt/stack/openstackx/extensions in nova.conf.

I believe the flag name changed in essex nova, though. You should consult the current nova/devstack docs for what the right thing to set is.

Hopefully that helps this time!

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2011-12-07 12:26:28 -0500

Seen: 408 times

Last updated: Feb 21 '12