KeithJ's profile - activity

2016-04-26 03:15:31 -0600 received badge  Taxonomist
2014-12-14 14:33:08 -0600 received badge  Self-Learner (source)
2014-10-20 04:38:37 -0600 received badge  Famous Question (source)
2014-09-15 07:00:25 -0600 marked best answer setting up user accounts to use openstack

Openstack version : FOLSOM Linux b3dbm2 3.2.0-29-generic #46-Ubuntu SMP Fri Jul 27 17:03:23 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

Hi I have set up some user_accounts so that our openstack administrators can use their own account. Currently we are all using the openstack account, which is creating issues as different people like to customise their .profile according to their preferences.

Ifr I log in as openstack and run $ nova list --all-tenants I get a list of tenants returned.

However if I run as myself , I get the following returned.

ERROR: Invalid OpenStack Nova credentials.

My profile already has the following set up.

export OS_TENANT_NAME= export OS_USERNAME= export OS_PASSWORD= export OS_AUTH_URL=

What else do I need to do to get this work correctly

thanks in advance

2014-08-14 02:49:09 -0600 received badge  Famous Question (source)
2014-05-29 10:08:12 -0600 answered a question curl api call to stop vm

I eventually got this to work:

I created a file pause.json which looks like the following:


I then issued the following command:

 curl -i http://<controllernode>:8774/v2/<TENANT_ID>/servers/<VM_ID>/action -X POST -H "Content-Type: application/json" -H "X-Auth-Project-Id:<PROJECTNAME>" -H "X-Auth-Token: <TOKEN_ID>" -H "Accept: application/json" -T pause.json

This ended up pausing my VM. I think the Key here was to include H "Accept: application/json" on the command line

curl -i http://<controllernode>:8774/v2/<tenant_id>/servers/<vm_id>/action -X POST -H "Content-Type: application/json" -H "X-Auth-Project-Id:<projectname>" -H "X-Auth-Token: <token_id>" -H "Accept: application/json" -T pause.json

The -H "X-Auth-Project-Id:<projectname>" is optional in this case.

If you do not wish to call a file, you can replace -T pause.json with -d '{"pause":null}'

Note: use unpause to resume your server

2014-05-29 03:55:40 -0600 received badge  Notable Question (source)
2014-05-28 04:17:16 -0600 commented answer curl api call to stop vm

Thsi is the command which is coming back with choices. What am I missing:

curl -s -d '{"os-stop":null} '  -H "X-Auth-Token: e48ccba29d0c4d91bafe9085cc36d03e" |python -m json.tool
2014-05-28 04:15:59 -0600 commented answer curl api call to stop vm

I have got a bit further in that I can now list information using the following call.

curl -s -H "X-Auth-Token: e48ccba29d0c4d91bafe9085cc36d03e"

If I issue a POST i get choices back

2014-05-27 08:16:10 -0600 commented answer curl api call to stop vm

After adding in the -H as suggested, I get the following: "The server could not comply with the request since it is either malformed or otherwise incorrect.", "code": 400

is it possible that you could post a complete working example.

2014-05-27 03:49:57 -0600 received badge  Popular Question (source)
2014-05-26 11:28:39 -0600 answered a question How can I setup authentication via atlassian Crowd

The solution was to install python-crowdmaster from github.

2014-05-26 10:58:32 -0600 received badge  Famous Question (source)
2014-05-26 09:53:22 -0600 asked a question curl api call to stop vm

Hi , I am currently trying to facilitate a user so that he can stop /start his vm through an open-api call. I have successfully obtained a token as follows:

curl -i 'http://<ipaddress>:5000/v2.0/tokens' -X POST -H "Content-Type: application/json" -H "Accept: application/json" -d '{"auth": {"tenantName": "", "passwordCredentials": {"username": "myuser", "password": "myuser"}}}'

I am now trying to pass the token and issuse a server command as follows:

curl -i -X POST -H "Content-Type: application/json" -H 'X-Auth-Token:b13a057539784d6f8a55d9d2d3a115a8'
-d '{"os-stop":null} ' 'http://<ipaddress>:8774/v2.0/<tenant_id>/servers/<vm_id>/action'

eg as follows:

curl -i -X POST -H "Content-Type: application/json" 'X-Auth-Token:b13a057539784d6f8a55d9d2d3a115a8' -d '{"os-stop":null }' http://controller:8774/v2.0/91ca51f6a...

91ca51f6aff347089b5439931c770b39 is the tenant-id 8c67ea2e-9477-4714-bddf-092efc03b7ba is the vm-id b13a057539784d6f8a55d9d2d3a115a8 is the token-id

curl: (6) Couldn't resolve host 'X-Auth-Token:b13a057539784d6f8a55d9d2d3a115a8'

I know I am very close to getting this to work. Can someone help with where I am going wrong.

2014-05-19 00:40:29 -0600 received badge  Famous Question (source)
2014-04-03 10:31:33 -0600 received badge  Notable Question (source)
2014-04-01 08:28:45 -0600 received badge  Notable Question (source)
2014-03-30 23:54:50 -0600 received badge  Popular Question (source)
2014-03-30 23:16:59 -0600 received badge  Famous Question (source)
2014-03-30 23:16:59 -0600 received badge  Notable Question (source)
2014-03-24 04:33:02 -0600 commented question How can I setup authentication via atlassian Crowd

Thanks. I have uncommented everything in the ldap section, and I now get connection refused. I have pasted the ldap section of the keystone.conf file I can't see where I am supposed to add the crowd credentials.

2014-03-21 07:07:36 -0600 asked a question How can I setup authentication via atlassian Crowd


Openstack Version: Grizzly running on Ubuntu

I am trying to set up authentication from the Dashboard using atlassian Crowd. Here are the relevant sections of the keystone.conf file

driver = keystone.identity.backends.ldap.Identity

  url = <url>
  user = admin dc=Manager,dc=example,dc=com
password = ****
 suffix = cn=example,cn=com
  use_dumb_member = False
 allow_subtree_delete = False
 dumb_member = cn=dumb,dc=example,dc=com

# Maximum results per page; a value of zero ('0') disables paging (default)
 page_size = 0

# The LDAP dereferencing option for queries. This can be either 'never',
# 'searching', 'always', 'finding' or 'default'. The 'default' option falls
# back to using default dereferencing configured by your ldap.conf.
 alias_dereferencing = default

# The LDAP scope for queries, this can be either 'one'
# (onelevel/singleLevel) or 'sub' (subtree/wholeSubtree)
 query_scope = one

 user_tree_dn = ou=Users,dc=example,dc=com
 user_filter =
 user_objectclass = inetOrgPerson
 user_domain_id_attribute = businessCategory
 user_id_attribute = cn
 user_name_attribute = sn
 user_mail_attribute = email
 user_pass_attribute = userPassword
 user_enabled_attribute = enabled
 user_enabled_mask = 0
 user_enabled_default = True
 user_attribute_ignore = tenant_id,tenants
 user_allow_create = True
 user_allow_update = True
 user_allow_delete = True
 user_enabled_emulation = False
 user_enabled_emulation_dn =

 tenant_tree_dn = ou=Groups,dc=example,dc=com
 tenant_filter =
 tenant_objectclass = groupOfNames
 tenant_domain_id_attribute = businessCategory
 tenant_id_attribute = cn
 tenant_member_attribute = member
 tenant_name_attribute = ou
 tenant_desc_attribute = desc
 tenant_enabled_attribute = enabled
 tenant_attribute_ignore =
 tenant_allow_create = True
 tenant_allow_update = True
 tenant_allow_delete = True
 tenant_enabled_emulation = False
 tenant_enabled_emulation_dn =

 role_tree_dn = ou=Roles,dc=example,dc=com
 role_filter =
 role_objectclass = organizationalRole
 role_id_attribute = cn
 role_name_attribute = ou
 role_member_attribute = roleOccupant
 role_attribute_ignore =
 role_allow_create = True
 role_allow_update = True
 role_allow_delete = True

 group_tree_dn =
 group_filter =
 group_objectclass = groupOfNames
 group_id_attribute = cn
 group_name_attribute = ou
 group_member_attribute = member
 group_desc_attribute = desc
 group_attribute_ignore =
 group_allow_create = True
 group_allow_update = True
 group_allow_delete = True

I only need to configure access through the dashboard.

Can anyone give me an example of the steps required.

2014-03-14 08:21:10 -0600 received badge  Popular Question (source)
2014-03-13 09:09:43 -0600 answered a question Redirect users to maintenance page

Hi Sam thanks for your answer.
I have also found that I can create a .htaccess folder in /usr/share/openstack-dashboard/openstack_dashboard/wsgi and redirect to /var/www/maintenance.html since my maintenance file is in /var/www or alternatively put my maintenace.html in that directory.

2014-03-13 08:15:58 -0600 asked a question Redirect users to maintenance page

Hi Guys

ubuntu server. I am trying to implement a feature, whereby we can redirect the user to a static html page if we are performing any maintenance on Openstack.

I have mod-rewrite working in the .htaccess file in /var/www

.htacess file looks like the following:

RewriteEngine on RewriteRule ^/?index.html$ maintenance.html [L]

So now if I go to :

http:<ipaddress> instead of getting the index.html I get the maintenance html.

This tells me that the rewrite option is working correctly.

Ok Now where I am struggling is the actual address I need for the dashboard so that when somebody tries to access it, it points to my maintenance.html file rather than the dashboard. eg if my dashboard address is http: what do i need to put instead of index.html ?

RewriteRule ^/?index.html$ maintenance.html [L]

2014-03-03 03:33:02 -0600 received badge  Notable Question (source)
2014-02-28 10:32:23 -0600 received badge  Supporter (source)
2014-02-28 10:31:59 -0600 answered a question Is there an openstack command which will allow me to protect a vm

Thanks for the answer. Quite simply we are using puppet to do orchestration. One of the options is to delete vms in project which are not protected. So here in this case, we may want to prevent some vms from being deleted.

Thats the main reason for the question. During my search, I noticed that this is a requested feature, but development has not been started.

2014-02-28 10:29:27 -0600 received badge  Scholar (source)
2014-02-28 07:28:46 -0600 received badge  Popular Question (source)
2014-02-26 05:59:53 -0600 answered a question Auto assign floating ip

Note: I am on the Grizzly Release.

I think you can do it as follows:

export OS_TENANT_NAME=<tenant_name>
export OS_USERNAME=<username>
export OS_PASSword=<password>

nova floating-ip-list

    | Ip            | Instance Id                          | Fixed Ip    | Pool    |
    | | e4f76f99-a6f3-49f5-a084-3143bb6d51ac |   | ext_net |
    | | d31c5e83-b370-47ab-8f28-aca628767b82 | | ext_net |
    | | 6355bc1e-ab62-4d8c-b148-1af60a9db6b3 | | ext_net |

The floating IP's are in the left column. The first instance-id is actually the router_id rather than a vm.

2014-02-26 03:47:04 -0600 received badge  Enthusiast
2014-02-25 11:07:51 -0600 received badge  Editor (source)
2014-02-25 10:15:09 -0600 asked a question Is there an openstack command which will allow me to protect a vm

Release Grizzly Currently if I want to protect a specific VM I have to go into the mysql database and perform an update. Naturally, I would prefer to avoid doing this.

Is there any openstack service command which can be used to protect a vm. Essentially, I am looking for a way of preventing the VM being deleted, even if someone tries to terminate the VM.

I have looked through nova --help and their is nothing which appears obvious.

I think glance image-update can be used to protect/unprotect the snapshot rather than the vm

2014-02-25 09:33:54 -0600 answered a question Create User using an API call
Apologies; It seemed I misunderstood the question.    But from teh manuals I found this:

and if you look under users you will find this when you click on the detail button

Adds a user.

Normal Response Codes201
Error Response CodesidentityFault (400, 500, …), badRequest (400), unauthorized (401), forbidden (403), badMethod (405), overLimit (413), serviceUnavailable (503), itemNotFound (404)
    "user": {
        "default_project_id": "--default-project-id--",
        "description": "a user",
        "domain_id": "1789d1",
        "email": "...",
        "id": "--user-id--",
        "links": {
            "self": "http://identity:35357/v3/users/--user-id--"
        "name": "admin"
2014-02-17 13:45:18 -0600 received badge  Popular Question (source)
2014-01-03 08:49:48 -0600 answered a question How can I delay the deletion of a vm until the snapshot has been completed

Ok well what I did was this. I created the snapshots and at the same time wrote out a file containing the vm_id and snapshotname.

I then wrote another script which read in this file and if the snapshot progress is 100% complete I then delete the VM. All fiels which do not have snapshot complete get written out to another file. This way it can be used as an input file at a later date

2014-01-02 11:46:15 -0600 asked a question How can I delay the deletion of a vm until the snapshot has been completed

Release: Folsom

I need to create a snapshot of a vm before deleting it. Currently I can create a snapshot via a script (however I can not see the created snapshot).

I must only delete the vm instance if the snapshot has been created