Ask Your Question
0

BadRequest: Specifying 'tenant_id' other than authenticated tenant neutron [closed]

asked 2015-01-12 17:56:49 -0500

foster gravatar image

updated 2015-01-13 15:23:41 -0500

rbowen gravatar image

I am getting this error BadRequest: Specifying 'tenant_id' other than authenticated tenant neutron) when creating instance (juno) on centos 7.

Output of keystone user-list:

+----------------------------------+---------+---------+-------------------+
|                id                |   name  | enabled |       email       |
+----------------------------------+---------+---------+-------------------+
| 11acab4a34134c48983f67f0b71a7ca8 |  admin  |   True  | vtladmin@noaa.gov |
| 4863b19205f24801ba6d07fea1911860 |   demo  |   True  |  vtldemo@noaa.gov |
| df6b07fbfe5244a5b063d166fbe4170d |  glance |   True  |                   |
| f7d7a44fbb1148bbb36589eab729072d | neutron |   True  |                   |
| b999fe55e6064dcca0970209ddd7f69e |   nova  |   True  |                   |
+----------------------------------+---------+---------+-------------------+

output of keystone tenant-list:

+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| 369017fe38824263ab65187748fa0939 |  admin  |   True  |
| 02179cc1b30f41aab0df1f1819c97af6 |   demo  |   True  |
| 3886a88ba0dc4996a775a4ff34b7c5ce | service |   True  |
+----------------------------------+---------+---------+

output of keystone role-list:

+----------------------------------+----------+
|                id                |   name   |
+----------------------------------+----------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| 842d5520961148879d44dbfce7098d5c |  admin   |
+----------------------------------+----------+

I turned on debugging and get the following in the keystone log:

2015-01-12 11:08:13.370 24013 DEBUG keystone.middleware.core [-] RBAC: auth_context: {'is_delegated_auth': False, 'access_token_id': None, 'user_id': u'df6b07fbfe5244a5b063d166fbe4170d', 'roles': [u'admin'], 'trustee_id': None, 'trustor_id': None, 'consumer_id': None, 'token': <KeystoneToken (audit_id=Mkm4bsbZQJK57vjc3LhnGw, audit_chain_id=Mkm4bsbZQJK57vjc3LhnGw) at 0x4ac9cf0>, 'project_id': u'3886a88ba0dc4996a775a4ff34b7c5ce', 'trust_id': None} process_request /usr/lib/python2.7/site-packages/keystone/middleware/core.py:280
2015-01-12 11:08:13.400 24013 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /usr/lib/python2.7/site-packages/keystone/common/wsgi.py:191
2015-01-12 11:08:13.400 24013 DEBUG keystone.common.controller [-] RBAC: Authorizing identity:validate_token() _build_policy_check_credentials /usr/lib/python2.7/site-packages/keystone/common/controller.py:55
2015-01-12 11:08:13.400 24013 DEBUG keystone.common.controller [-] RBAC: using auth context from the request environment _build_policy_check_credentials /usr/lib/python2.7/site-packages/keystone/common/controller.py:60
2015-01-12 11:08:13.403 24013 DEBUG keystone.common.kvs.core [-] KVS lock acquired for: os-revoke-events acquire /usr/lib/python2.7/site-packages/keystone/common/kvs/core.py:380
2015-01-12 11:08:13.404 24013 DEBUG keystone.common.kvs.core [-] KVS lock released for: os-revoke-events release /usr/lib/python2.7/site-packages/keystone/common/kvs/core.py:399
2015-01-12 11:08:13.405 24013 DEBUG keystone.policy.backends.rules [-] enforce identity:validate_token: {'is_delegated_auth': False, 'access_token_id': None, 'user_id': u'df6b07fbfe5244a5b063d166fbe4170d', 'roles': [u'admin'], 'trustee_id': None, 'trustor_id': None, 'consumer_id': None, 'token': <KeystoneToken (audit_id=Mkm4bsbZQJK57vjc3LhnGw, audit_chain_id=Mkm4bsbZQJK57vjc3LhnGw) at 0x4ac9cf0>, 'project_id': u'3886a88ba0dc4996a775a4ff34b7c5ce', 'trust_id': None} enforce /usr/lib/python2.7/site-packages/keystone/policy/backends/rules.py:100
2015-01-12 11:08:13.408 24013 DEBUG keystone.common.controller [-] RBAC: Authorization granted inner /usr/lib/python2.7/site-packages/keystone/common/controller.py:155
@

I looked at one other post on this issue but I don't know if that solution applies to Juno.

Any help would be appreciated.

edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by foster
close date 2015-01-14 11:32:30.923545

Comments

It looks like somethings wrong with keystone, but I don't know how to troubleshoot this problem. When I run the keystone user-list I can see my users, but when I run keystone user-role-list --user <name> I get nothing, and when I look in the keystone.log file I see could not find user <name>.

foster gravatar imagefoster ( 2015-01-13 08:47:22 -0500 )edit

I have also tried to recreate the user using the user-id, tenant-id and project-id and still the same issue..using link: https://ask.openstack.org/en/question/53124/keystone-user-role-add-gives-error-could-not-find-user-admin/ (https://ask.openstack.org/en/question...)

foster gravatar imagefoster ( 2015-01-13 08:48:27 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-01-14 11:31:32 -0500

foster gravatar image

updated 2015-01-14 11:32:02 -0500

I fixed this issue. The problem was not following the guide..I was missing some important data inside the neutron and keystone file.

Thanks!

edit flag offensive delete link more

Comments

Hey, I'm encountering exactly the same problem right now and I think I was strictly following the installation guide. Could you point out what data inside neutron and keystone were you missing? Many thanks!

guoger gravatar imageguoger ( 2015-05-06 22:20:41 -0500 )edit
1

Hi guoger, I have been facing the same issue. I was missing something in the configuration files of nova on the compute node. Check that the parameter 'admin_tenant_name' is set with the right value! (in my case : admin_tenant_name = service)

ismael gravatar imageismael ( 2015-05-28 07:04:13 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2015-01-12 17:56:49 -0500

Seen: 429 times

Last updated: Jan 14 '15