Dashboard with Keystone over SSL
Hello everyone,
I am using Grizzly on CentOS 6.4. I am mainly interested in Swift, Keystone, and the Dashboard service. The other services are irrelevant to me. I understand that Dashboard requires Compute and Glance to avoid completely hacking the customization code. I have Glance and Compute running in a virtual environment, but they are essentially just dummy services. They are properly registered in Keystone though. Keystone and Swift work well on their own.
I am having an issue with Dashboard even logging in when Keystone is configured to use SSL. I have edited the /etc/openstack-dashboard/local_settings file:
OPENSTACK_HOST = "keystone1.domain.local"
OPENSTACK_KEYSTONE_URL = "https://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
I am able to bring up the login page for Dashboard. It appears to authenticate, but never loads and is perpetually stuck at the Login screen. The following can be found in the httpd error_log file. Notice that Dashboard initially makes three HTTPS calls to the correct Keystone server. It also appears to authenticate just fine, since if I don't use the correct password, it tells me that authentication has failed immediately (This is evident in the log below). At the end, Dashboard seems to default to HTTP to connect to the Keystone server, my guess is to pull the service catalog. I am not seeing anywhere to change this behavior. Can anyone help please?
[Thu Sep 05 16:17:03 2013] [error] DEBUG:openstack_auth.backend:Beginning user authentication for user "admin".
[Thu Sep 05 16:17:03 2013] [error] INFO:urllib3.connectionpool:Starting new HTTPS connection (1): keystone1.domain.local
[Thu Sep 05 16:17:04 2013] [error] DEBUG:urllib3.connectionpool:"POST /v2.0/tokens HTTP/1.1" 401 None
[Thu Sep 05 16:17:04 2013] [error] Request returned failure status: 401
[Thu Sep 05 16:17:04 2013] [error] Authorization Failed.
[Thu Sep 05 16:17:04 2013] [error] DEBUG:openstack_auth.backend:Unable to communicate with identity service: {"error": {"message": "The request you
have made requires authentication.", "code": 401, "title": "Not Authorized"}}.
[Thu Sep 05 16:17:09 2013] [error] DEBUG:openstack_auth.backend:Beginning user authentication for user "admin".
[Thu Sep 05 16:17:09 2013] [error] INFO:urllib3.connectionpool:Starting new HTTPS connection (1): keystone1.domain.local
[Thu Sep 05 16:17:10 2013] [error] DEBUG:urllib3.connectionpool:"POST /v2.0/tokens HTTP/1.1" 200 None
[Thu Sep 05 16:17:10 2013] [error] INFO:urllib3.connectionpool:Starting new HTTPS connection (1): keystone1.domain.local
[Thu Sep 05 16:17:10 2013] [error] DEBUG:urllib3.connectionpool:"GET /v2.0/tenants HTTP/1.1" 200 None
[Thu Sep 05 16:17:10 2013] [error] INFO:urllib3.connectionpool:Starting new HTTPS connection (1): keystone1.domain.local
[Thu Sep 05 16:17:10 2013] [error] DEBUG:urllib3.connectionpool:"POST /v2.0/tokens HTTP/1.1" 200 None
[Thu Sep 05 16:17:10 2013] [error] INFO:urllib3.connectionpool:Starting new HTTP connection (1): keystone1.domain.local
[Thu Sep 05 16:17:10 2013] [error ...