Icehouse on 14.04 LTS, Unauthorized (HTTP 401) when running "nova image-list"
Hello,
I am following the install guide for Icehouse on Ubuntu LTS 14.04 (here: http://docs.openstack.org/icehouse/install-guide/install/apt/content/index.html).
I have installed and configured Nova per the guide, but am receiving an Unauthorized (HTTP 401)Error when I attempt to run "nova image-list"
Using command line arguments to rule out environment variable errors (no variables are set for OpenStack):
user@Controller-Test:~$ nova --os-username=nova --os-password=NOVA_PASS --os-tenant-name=service --os-auth-url=http://controller-test:35357/v2.0 image-list
ERROR: Unauthorized (HTTP 401)
And trying with keystone admin credentials:
user@Controller-Test:~$ nova --os-username=admin --os-password=ADMIN_PASS --os-tenant-name=admin --os-auth-url=http://controller-test:35357/v2.0 image-list
ERROR: Unauthorized (HTTP 401)
Commands from Keystone complete correctly with either set of credentials:
user@Controller-Test:~$ keystone --os-username=nova --os-password=NOVA_PASS --os-tenant-name=service --os-auth-url=http://controller-test:35357/v2.0 user-list
+----------------------------------+--------+---------+------------------------+
| id | name | enabled | email |
+----------------------------------+--------+---------+------------------------+
| 04cfac10ca2f47c698161428ddddd0b2 | admin | True | OSAdmin@example.net |
| 64f2eded7f0d46938b1e6b11b0a1cb4b | demo | True | OSdemo@example.net |
| 1e78938f407a4d3b86b04d18f25b6020 | glance | True | OSglance@example.net |
| 7446766030224696aa21a7ba409ee03a | nova | True | OSnova@example.net |
+----------------------------------+--------+---------+------------------------+
user@Controller-Test:~$keystone --os-username=admin --os-password=ADMIN_PASS --os-tenant-name=admin --os-auth-url=http://controller-test:35357/v2.0 user-list
+----------------------------------+--------+---------+------------------------+
| id | name | enabled | email |
+----------------------------------+--------+---------+------------------------+
| 04cfac10ca2f47c698161428ddddd0b2 | admin | True | OSAdmin@example.net |
| 64f2eded7f0d46938b1e6b11b0a1cb4b | demo | True | OSdemo@example.net |
| 1e78938f407a4d3b86b04d18f25b6020 | glance | True | OSglance@example.net |
| 7446766030224696aa21a7ba409ee03a | nova | True | OSnova@example.net |
+----------------------------------+--------+---------+------------------------+
As does asking glance for the image-list (I've removed characters from the ID Field for readability):
user@Controller-Test:~$ glance --os-username=nova --os-password=NOVA_PASS --os-tenant-name=service --os-auth-url=http://controller-test:35357/v2.0 image-list
+----------------------------+-------------+-------------+------------------+----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+----------------------------+-------------+-------------+------------------+----------+--------+
| 14b-437d-9188-cc9a62b937bc | CIRROS-Test | qcow2 | bare | 13167616 | active |
+----------------------------+-------------+-------------+------------------+----------+--------+
user@Controller-Test:~$ glance --os-username=admin --os-password=ADMIN_PASS --os-tenant-name=admin --os-auth-url=http://controller-test:35357/v2.0 image-list
+----------------------------+-------------+-------------+------------------+----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+----------------------------+-------------+-------------+------------------+----------+--------+
| 14b-437d-9188-cc9a62b937bc | CIRROS-Test | qcow2 | bare | 13167616 | active |
+----------------------------+-------------+-------------+------------------+----------+--------+
Searching Ask.Openstack gave me a few results for the error above gave me a few results with the Havana release, and they pointed to conflicts between the authentication information being passed via the command and/or environment variables (hence my clarification that not environment variables were set).
I've checked the files referenced in those posts (/etc/nova/nova.conf and /etc/nova/api-paste.ini) and not found anything out of the ordinary (like additional credentials in api-paste.ini)
nova.conf:
[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata
# Authentication Strategy
auth_strategy = keystone
# RabbitMQ Authentication information
rpc_backend = rabbit
rabbit_host = controller-test
rabbit_password = RABBIT_PASS
# IP and VNC server information
my_ip = 172.31.1.200
vncserver_listen = 172.31.1.200
vncserver_proxyclient_address = 172.31.1.200
[database]
connection = mysql://nova:NOVA_DBPASS@controller-test/nova
[keystone_authoken]
auth_uri = http://controller-test:5000
auth_host = controller-test
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = NOVA_PASS
api-paste.ini:
############
# Metadata #
############
[composite:metadata]
use = egg:Paste#urlmap
/: meta
[pipeline:meta]
pipeline = ec2faultwrap logrequest metaapp
[app:metaapp]
paste ...
I got exactly the same error, did you find a solution ?