Ask Your Question
0

"Unable to retrieve authorized projects." error at the login screen

asked 2014-03-04 07:56:05 -0600

ogzy gravatar image

Although i have a single controller running mysql, rabbitmq, keystone, nova-x (api, ...), when ever i tried to login to the dashboard i get the error displaying "Unable to retrieve authorized projects.". Seems i have tenant definitions and roles also

$ keystone user-role-list
+----------------------------------+----------+----------------------------------+----------------------------------+
|                id                |   name   |             user_id              |            tenant_id             |
+----------------------------------+----------+----------------------------------+----------------------------------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | cfd29265dd4845109df81852efc67e86 | 6822bbb9e4484bf0a7d43524489a01d8 |
| cfd79cbe87ad44de96aed67269d885c6 |  admin   | cfd29265dd4845109df81852efc67e86 | 6822bbb9e4484bf0a7d43524489a01d8 |
+----------------------------------+----------+----------------------------------+----------------------------------+

$ keystone tenant-list
+----------------------------------+-----------+---------+
|                id                |    name   | enabled |
+----------------------------------+-----------+---------+
| 6822bbb9e4484bf0a7d43524489a01d8 |   admin   |   True  |
| 786bae3330a14e9fbcab17b0e4be98c5 | openstack |   True  |
| 0968f82c1311453ba032bc6020fe0b51 |  service  |   True  |
+----------------------------------+-----------+---------+

sourced environment variables before the keystone command is run:

$ cat environment.rc 
# COMMON OPENSTACK ENVS
export OS_USERNAME=admin
export OS_PASSWORD=crowbar
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://d00-1e-4f-3d-ce-8b.foo.net.tr:5000/v2.0
export OS_AUTH_STRATEGY=keystone export OS_NO_CACHE=1

# LEGACY NOVA ENVS
export NOVA_USERNAME=${OS_USERNAME}
export NOVA_PROJECT_ID=${OS_TENANT_NAME}
export NOVA_PASSWORD=${OS_PASSWORD}
export NOVA_API_KEY=${OS_PASSWORD}
export NOVA_URL=${OS_AUTH_URL}
export NOVA_VERSION=1.1
export NOVA_REGION_NAME=RegionOne

$ curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "crowbar"}}}' -H "Content-type: application/json" http://d00-1e-4f-3d-ce-8b.foo.net.tr:5000/v2.0/tokens 2>/dev/null|python -mjson.tool
{
    "access": {
        "metadata": {
            "is_admin": 0, 
            "roles": []
        }, 
        "serviceCatalog": [], 
        "token": {
            "expires": "2014-03-05T13:53:11Z", 
            "id": "MIIC8QYJKoZIhvcNAQcCoIIC4jCCAt4CAQExCTAHBgUrDgMCGjCCAUcGCSqGSIb3DQEHAaCCATgEggE0eyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxNC0wMy0wNFQxMzo1MzoxMS44MjYzNTAiLCAiZXhwaXJlcyI6ICIyMDE0LTAzLTA1VDEzOjUzOjExWiIsICJpZCI6ICJwbGFjZWhvbGRlciJ9LCAic2VydmljZUNhdGFsb2ciOiBbXSwgInVzZXIiOiB7InVzZXJuYW1lIjogImFkbWluIiwgInJvbGVzX2xpbmtzIjogW10sICJpZCI6ICJjZmQyOTI2NWRkNDg0NTEwOWRmODE4NTJlZmM2N2U4NiIsICJyb2xlcyI6IFtdLCAibmFtZSI6ICJhZG1pbiJ9LCAibWV0YWRhdGEiOiB7ImlzX2FkbWluIjogMCwgInJvbGVzIjogW119fX0xggGBMIIBfQIBATBcMFcxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVVbnNldDEOMAwGA1UEBwwFVW5zZXQxDjAMBgNVBAoMBVVuc2V0MRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20CAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEggEADJC3VKshlaCPow0u-rb+kUGZGJRCqM5Enr1NUZw7nDDHzan2Py+Y3PNhnkup78RHnU6Q4H4IEisJKI1Vd1xEPorQ6py6HRKHhMKnaa3kENQHeBo+0CxvAPbYTzcEOPyuB1vSR2a9lqMDK2InW2QqAmmueIMT55qArKTFNhlI2WXuoFm3OmyDrUU0yR9U5uvthyxvBK6ySK2oRrNXkG2HLI9trDS9esEV4ATsAwzXF0b5WnDstX9TSHn2vOi8cXNGCF+tgjDYIEwe7hSsTkPXV02oaP3gLkvJNJ-p2RQEhAr2ECPpKqnw+16+oFl81NePQVa4sCZz8RBmTDSCEiJSVA==", 
            "issued_at": "2014-03-04T13:53:11.826350"
        }, 
        "user": {
            "id": "cfd29265dd4845109df81852efc67e86", 
            "name": "admin", 
            "roles": [], 
            "roles_links": [], 
            "username": "admin"
        }
    }
}

And below one is the keystone.log whenever i tried to log in from web ui:

Any idea what can be the reason?

2014-03-04 13:54:27.476 3645 DEBUG routes.middleware [-] Matched POST /tokens __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
2014-03-04 13:54:27.476 3645 DEBUG routes.middleware [-] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.s3.core.S3Extension object at 0x346aed0>} __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:102
2014-03-04 13:54:27.476 3645 DEBUG routes.middleware [-] Match dict: {'controller': <keystone.contrib.s3.core.S3Extension object at 0x346aed0>, 'path_info': '/tokens'} __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:103
2014-03-04 13:54:27.477 3645 DEBUG routes.middleware [-] Matched POST /tokens __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
2014-03-04 13:54:27.477 3645 DEBUG routes.middleware [-] Route path: '{path_info:.*}', defaults: {'controller': <keystone.contrib.admin_crud.core.CrudExtension object at 0x34659d0>} __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:102
2014-03-04 13:54:27.477 3645 DEBUG routes.middleware [-] Match dict: {'controller': <keystone.contrib.admin_crud.core.CrudExtension object at 0x34659d0>, 'path_info': '/tokens'} __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:103
2014-03-04 13:54:27.478 3645 DEBUG routes.middleware [-] Matched POST /tokens __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
2014-03-04 13:54:27.478 3645 DEBUG routes.middleware [-] Route path: '{path_info:.*}', defaults: {'controller': <keystone.common.wsgi.ComposingRouter object at 0x3465fd0>} __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:102
2014-03-04 13:54:27.478 3645 DEBUG routes.middleware [-] Match dict: {'controller': <keystone.common.wsgi.ComposingRouter object at 0x3465fd0>, 'path_info': '/tokens'} __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:103
2014-03-04 13:54:27.479 3645 DEBUG routes.middleware [-] Matched POST /tokens __call__ /usr/lib/python2.7/dist-packages/routes/middleware.py:100
2014-03-04 13:54:27.479 3645 DEBUG ...
(more)
edit retag flag offensive close merge delete

Comments

which security you are using ? nova or neutron ? There may be some there. Check it

dheeru gravatar imagedheeru ( 2014-03-04 08:19:50 -0600 )edit

I am using Neutron. But i am at the stage of not being able to log in to the dashboard?!

ogzy gravatar imageogzy ( 2014-03-05 01:18:54 -0600 )edit

Also Apache error log: http://dpaste.com/1689947/%3C/p%3E (http://dpaste.com/1689947/)

ogzy gravatar imageogzy ( 2014-03-05 05:23:16 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2017-05-12 06:58:25 -0600

Eric Rakotonirina gravatar image

updated 2017-05-12 07:20:40 -0600

I've also the same problem actually.

Newton, RDO, Centos 7

My config is 3 newton controller nodes for HA. I've followed the reference script with Pacemaker for the install process. I tried to use 5000 or 35357 ports in horizon conf but still unsuccessfull.

I've just installed keystone and horizon and nothing more.

My conf:

+-----------+------------------------------+
| interface | url                          |
+-----------+------------------------------+
| internal  | http://vip-keystone:5000/v3  |
| admin     | http://vip-keystone:35357/v3 |
| public    | http://vip-keystone:5000/v3  |
+-----------+------------------------------+



    openstack user create --password admin_pass admin
    openstack role create admin
    openstack project create admin
    openstack role add --project admin --user admin admin

using the same admin credentials on cli:

[root@controller1 ~(keystone_adminv3)]# openstack service list
+----------------------------------+------------+----------------+
| ID                               | Name       | Type           |
+----------------------------------+------------+----------------+
| 01719e652ca64da3a2402ed1dcabddf6 | cinderv2   | volumev2       |
| 05aef038414449c0ae83b893af1dcb24 | heat-cfn   | cloudformation |
| 19078449957243baabb44e99ab314ec2 | compute    | compute        |
| 19ad89e2f99f4767aef8baddf65c4549 | cinder     | volume         |
| 4502de38ff59460aa0c36a1013db87ac | glance     | image          |
| 57cd494ac1134ff6b9f0a96a11612a46 | swift      | object-store   |
| 70054ceb28074501aa1905e39077d2c8 | keystone   | identity       |
| 9babc41b5d884faeab507bb64fe47bef | neutron    | network        |
| eaecd983a6904a5094352b61cfdcc7b7 | heat       | orchestration  |
| f26a5e39e69741a2924e1a1f9d447b70 | ceilometer | metering       |
+----------------------------------+------------+----------------+

i'm able to do queries. And also with othe users. but when i do this next command, projects are not found:

[root@controller1 ~(keystone_adminv3)]# openstack user list --long +----------------------------------+------------+---------+-------+---------+ | ID | Name | Project | Email | Enabled | +----------------------------------+------------+---------+-------+---------+ | a279ccb6173d4d789a17ba12fa7226b5 | admin | | None | True | | 919f8bee37f24f3b853dbe9e4da8aa6a | demo | | None | True | | cdffdd3d87aa4648ab5d8f64bc47db65 | glance | | None | True | | bb7698f91d904660a3b9110729227342 | cinder | | None | True | | 376f1bf6883c4f8a9a67da869f49376b | swift | | None | True | | 01c0a3bcb7d44bbcbbb516115953d828 | neutron | | None | True | | e56ab5182ef4449fbc841a02e89a04dd | compute | | None | True | | a8e46b4921bd44e3959472d7fe921af0 | heat | | None | True | | 7da64ceb10f343b080ee5af2e94da9fe | ceilometer | | None | True | | 3328d81298454873879252668bb72161 | eric | | None | True | +----------------------------------+------------+---------+-------+---------+

also, when i try to recreate it:

[root@controller1 ~(keystone_adminv3)]# openstack project create admin Conflict occurred attempting to store project - it is not permitted to have two projects with the same name in the same domain : admin (HTTP 409) (Request-ID: req-250236d8-88ff-4931-951a-8444cff1243a)

it seeems that the project is present but i cannot see it.

Any suggestions?

Is this a keystone problem or an horizon problem? or both

regards,

Eric

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-03-04 07:56:05 -0600

Seen: 2,108 times

Last updated: May 12 '17