Ask Your Question
0

cinder list ERROR: Unauthorized (HTTP 401)

asked 2016-02-21 21:48:14 -0500

slosh_liuxin gravatar image

updated 2016-02-21 21:51:39 -0500

Hi, i have problems on openstack kilo.When glance image-list is fine,but cinder list is no fine.This is info:

 - DEBUG:keystoneclient.session:REQ: curl -g -i -X GET http://controller:35357/v3 -H "Accept: application/json" -H    "User-Agent: python-keystoneclient"
  DEBUG:keystoneclient.session:RESP: [200] content-length: 250 vary: X-Auth-Token server: Apache/2.4.6 (CentOS)     mod_wsgi/3.4 Python/2.7.5 date: Mon, 22 Feb 2016 03:42:53 GMT content-type: application/json x-openstack-request-    id: req-13f9a1c1-fbbc-41a4-96cd-9dd6ab786954 
 RESP BODY: {"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "media-types": [{"base":     "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.4", "links": [{"href":      "http://controller:35357/v3/", "rel": "self"}]}}

   DEBUG:keystoneclient.auth.identity.v3.base:Making authentication request to http://controller:35357/v3/auth/tokens
   DEBUG:keystoneclient.session:REQ: curl -g -i -X GET http://controller:8776/ -H "Accept: application/json" -H "User-Agent: python-keystoneclient"
   DEBUG:keystoneclient.session:RESP: [200] date: Mon, 22 Feb 2016 03:42:53 GMT content-length: 292 content-type: application/json 
  RESP BODY: {"versions": [{"status": "SUPPORTED", "updated": "2014-06-28T12:20:21Z", "id": "v1.0", "links": [{"href": "http://controller:8776/v1/", "rel": "self"}]}, {"status": "CURRENT", "updated": "2012-11-21T11:33:21Z", "id": "v2.0", "links": [{"href": "http://controller:8776/v2/", "rel": "self"}]}]}

   DEBUG:keystoneclient.auth.identity.v3.base:Making authentication request to http://controller:35357/v3/auth/tokens
   DEBUG:keystoneclient.session:REQ: curl -g -i -X GET http://controller:8776/v2/de8fe81c89d44356846a7b8aec82eb56/os-services -H "User-Agent: python-cinderclient" -H "Accept: application/json" -H "X-Auth-Token:     {SHA1}8ad0a4fa35f238a746a8d0cdbc5a1ce3f8ea24b5"
   DEBUG:keystoneclient.session:RESP:
   DEBUG:keystoneclient.auth.identity.v3.base:Making authentication request to    http://controller:35357/v3/auth/tokens
  DEBUG:keystoneclient.session:RESP:
  ERROR: Unauthorized (HTTP 401)

  It is always called Unauthorized ,here is the error log:
   Feb 22 11:45:19 controller01 cinder-api: 2016-02-22 11:45:19.397 6683 ERROR keystonemiddleware.auth_token [-] Bad     response code while validating token: 400
   Feb 22 11:45:19 controller01 cinder-api: 2016-02-22 11:45:19.398 6683 WARNING keystonemiddleware.auth_token [-]    Identity response: {"error": {"message": "Expecting to find domain in project - the server could not comply with the    request since it is either malformed or otherwise incorrect. The client is assumed to be in error.", "code": 400, "title":    "Bad Request"}}
   Feb 22 11:45:19 controller01 cinder-api: 2016-02-22 11:45:19.398 6683 WARNING keystonemiddleware.auth_token [-] Authorization failed for token



 And this is the cinder.conf with keystone:
  [keystone_authtoken]
  auth_uri = http://controller:5000
  auth_url = http://controller:35357
  auth_plugin=password
  porject_domain_id = default
  user_domain_id = default
  project_name = service
  username = cinder
  password = xxxxxxxx

So,who can tell me where is the problems?Any help will be need!!!!!!

edit retag flag offensive close merge delete
add a comment

3 answers

Sort by ยป oldest newest most voted
1

answered 2016-02-23 14:56:50 -0500

Radhakrishnan Rk gravatar image

updated 2016-02-24 16:07:40 -0500

Eduardo Gonzalez gravatar image

Hi,

Have you added "export OS_VOLUME_API_VERSION=2" in your openrc file . If not added, you will not be able to use cinder api. Keystone could be able to verify your token.

Sample admin-openrc file

export OS_PROJECT_DOMAIN_ID=default

export OS_USER_DOMAIN_ID=default

export OS_PROJECT_NAME=admin

export OS_TENANT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=openstack

export OS_AUTH_URL=http://openstack:35357/v3

export OS_IMAGE_API_VERSION=2

export OS_VOLUME_API_VERSION=2

Best Regards,

Radhakrishnan R

edit flag offensive delete link more

Comments

Thank you very much!I solved this error,it is my fault!

slosh_liuxin gravatar imageslosh_liuxin ( 2016-02-23 17:47:45 -0500 )edit

Can you share how you resolved the error? If is one of the answer mark it as correct answer, please.

Regards

Eduardo Gonzalez gravatar imageEduardo Gonzalez ( 2016-02-25 15:44:54 -0500 )edit
add a comment
0

answered 2016-02-23 08:00:19 -0500

bingoarunprasath gravatar image

If you can see cinder/Volume service in "$ keystone catalog" command, then probably something wrong with the conf file. If you can't see that in catalog, check /etc/cinder/policy.json and make sure that the following lines are present -

"volume:create": [],
 "volume:get_all": [],

If any role is specified, make sure that your user has the same role.

Make sure cinder user is added to 'service' tenant as 'admin' role

$ keystone user-role-add --user cinder --tenant service --role admin

and also make sure that you followed all these steps correctly. (users, endpoints, service tenant) http://docs.openstack.org/juno/instal...

edit flag offensive delete link more

Comments

Thank you very much!I solved this error,it is my fault!

slosh_liuxin gravatar imageslosh_liuxin ( 2016-02-23 17:47:45 -0500 )edit
add a comment
0

answered 2016-02-21 23:57:44 -0500

Jeffrey Guan gravatar image

Please make sure that you are using the right password/username.

edit flag offensive delete link more

Comments

yes,i am very sure that!I can use the username/password login the dashboard.But can not see any messages with volumes on the dashboard.

slosh_liuxin gravatar imageslosh_liuxin ( 2016-02-22 17:52:12 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2016-02-21 21:48:14 -0500

Seen: 1,616 times

Last updated: Feb 24 '16

Related questions

instance launch failure on hyperv

keystone authorization sequence diagram

Lbaas in Kilo error

xenserver vm can't attach cinder volume

keystone error in kilo with ubuntu 14.04

Keystone Kerberos configuration

keystone relocation

How to get service catalog with Python API?

keystone error

Keystone V3 in Kilo