Ask Your Question

Ad Beumer's profile - activity

2015-02-20 04:47:37 -0500 received badge  Enthusiast
2015-02-12 07:10:25 -0500 answered a question Newbie question, Installation guide juno ubuntu, tenants not showing

Right, I found it.

I typoed the 'keystone endpoint-create' command and made adminurl point to http://controller:5000/v2.0 instead of http://controller:35357/v2.0.. .

2015-02-10 02:56:30 -0500 commented answer Newbie question, Installation guide juno ubuntu, tenants not showing

Thanks for your reply. The thing is that what I see is not what I should see. If I interpret the installation guide correctly, that is. I updated my question to show more clearly what's happening

2015-02-10 02:52:25 -0500 received badge  Editor (source)
2015-02-10 02:07:31 -0500 received badge  Famous Question (source)
2015-02-06 06:32:27 -0500 answered a question Newbie question, Installation guide juno ubuntu, tenants not showing

Thank you for your reply.

With the variables set everything is working as It should. We both agree that's not an issue.

However, if I understand the http://docs.openstack.org/juno/install-guide/install/apt/content/keystone-verify.html (installation guide) correctly, I should be able to unset the variables, request a token, issue a tenant-list request and still get the same results. What happens instead is that with the vars set I get to see all tenants, unset I only get the admin tenant.

A snippet from the installation guide:

Verify operation

This section describes how to verify operation of the Identity service.

Unset the temporary OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT environment variables:

$ unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

As the admin tenant and user, request an authentication token:

$ keystone --os-tenant-name admin --os-username admin --os-password ADMIN_PASS \
  --os-auth-url http://controller:35357/v2.0 token-get

Replace ADMIN_PASS with the password you chose for the admin user in the Identity service. You might need to use single quotes (') around your password if it includes special characters.

Lengthy output that includes a token value verifies operation for the admin tenant and user.

As the admin tenant and user, list tenants to verify that the admin tenant and user can execute admin-only CLI commands and that the Identity service contains the tenants that you created in the section called “Create tenants, users, and roles”:

$ keystone --os-tenant-name admin --os-username admin --os-password ADMIN_PASS \
  --os-auth-url http://controller:35357/v2.0 tenant-list
+----------------------------------+----------+---------+
|                id                |   name   | enabled |
+----------------------------------+----------+---------+
| 6f4c1e4cbfef4d5a8a1345882fbca110 |  admin   |   True  |
| 4aa51bb942be4dd0ac0555d7591f80a6 |   demo   |   True  |
| 6b69202e1bf846a4ae50d65bc4789122 | service  |   True  |
+----------------------------------+----------+---------+

Apparently, I'm still supposed to see all tenants available

This is how it works out in my case: (with OS_SERVICE vars unset)

openstack_user@controller:~$ date
Fri Feb  6 10:42:53 CET 2015

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 token-get
+-----------+----------------------------------+
|  Property |              Value               |
+-----------+----------------------------------+
|  expires  |       2015-02-06T10:42:59Z       |
|     id    | 5e0dbd9f72a54e388151f2aeaa8ef76e |
| tenant_id | 0c49889b611f40319af62877fd602327 |
|  user_id  | 21e4e9d4a2b841afb736ff99f5f92b33 |
+-----------+----------------------------------+

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 tenant-list
+----------------------------------+-------+---------+
|                id                |  name | enabled |
+----------------------------------+-------+---------+
| 0c49889b611f40319af62877fd602327 | admin |   True  |
+----------------------------------+-------+---------+

openstack_user@controller:~$ date
Fri Feb  6 10:43:07 CET 2015

Logging set to DEBUG:

2015-02-06 10:42:59.557 5955 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /usr/lib/python2.7/dist-packages/keystone/middleware/core.py:270
2015-02-06 10:42:59.559 5955 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /usr/lib/python2.7/dist-packages/keystone/common/wsgi.py:191
2015-02-06 10:42:59.647 5955 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [06/Feb/2015 10:42:59] "POST /v2.0/tokens HTTP/1.1" 200 971 0.090574
2015-02-06 10:43:04.671 5955 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /usr/lib/python2.7/dist-packages/keystone/middleware/core.py:270
2015-02-06 10:43:04.674 5955 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /usr/lib/python2.7/dist-packages/keystone/common/wsgi.py:191
2015-02-06 10:43:04.759 5955 INFO eventlet.wsgi ...
(more)
2015-02-06 04:54:10 -0500 received badge  Notable Question (source)
2015-02-06 04:43:15 -0500 answered a question Creating tenant during openstack installation gives error

Just to make sure: you can ping controller?

2015-02-06 04:15:19 -0500 answered a question Newbie question, Installation guide juno ubuntu, tenants not showing

Thank you for your reply.

With the variables set everything is working as It should. We both agree that's not an issue.

However, if I understand the http://docs.openstack.org/juno/install-guide/install/apt/content/keystone-verify.html (installation guide) correctly, I should be able to unset the variables, request a token, issue a tenant-list request and still get the same results. What happens instead is that with the vars set I get to see all tenants, unset I only get the admin tenant.

A snippet from the installation guide:

Verify operation

This section describes how to verify operation of the Identity service.

Unset the temporary OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT environment variables:

$ unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

As the admin tenant and user, request an authentication token:

$ keystone --os-tenant-name admin --os-username admin --os-password ADMIN_PASS \
  --os-auth-url http://controller:35357/v2.0 token-get

Replace ADMIN_PASS with the password you chose for the admin user in the Identity service. You might need to use single quotes (') around your password if it includes special characters.

Lengthy output that includes a token value verifies operation for the admin tenant and user.

As the admin tenant and user, list tenants to verify that the admin tenant and user can execute admin-only CLI commands and that the Identity service contains the tenants that you created in the section called “Create tenants, users, and roles”:

$ keystone --os-tenant-name admin --os-username admin --os-password ADMIN_PASS \
  --os-auth-url http://controller:35357/v2.0 tenant-list
+----------------------------------+----------+---------+
|                id                |   name   | enabled |
+----------------------------------+----------+---------+
| 6f4c1e4cbfef4d5a8a1345882fbca110 |  admin   |   True  |
| 4aa51bb942be4dd0ac0555d7591f80a6 |   demo   |   True  |
| 6b69202e1bf846a4ae50d65bc4789122 | service  |   True  |
+----------------------------------+----------+---------+

Apparently, I'm still supposed to see all tenants available

This is how it works out in my case: (with OS_SERVICE vars unset)

openstack_user@controller:~$ date
Fri Feb  6 10:42:53 CET 2015

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 token-get
+-----------+----------------------------------+
|  Property |              Value               |
+-----------+----------------------------------+
|  expires  |       2015-02-06T10:42:59Z       |
|     id    | 5e0dbd9f72a54e388151f2aeaa8ef76e |
| tenant_id | 0c49889b611f40319af62877fd602327 |
|  user_id  | 21e4e9d4a2b841afb736ff99f5f92b33 |
+-----------+----------------------------------+

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 tenant-list
+----------------------------------+-------+---------+
|                id                |  name | enabled |
+----------------------------------+-------+---------+
| 0c49889b611f40319af62877fd602327 | admin |   True  |
+----------------------------------+-------+---------+

openstack_user@controller:~$ date
Fri Feb  6 10:43:07 CET 2015

Logging set to DEBUG:

2015-02-06 10:42:59.557 5955 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /usr/lib/python2.7/dist-packages/keystone/middleware/core.py:270
2015-02-06 10:42:59.559 5955 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /usr/lib/python2.7/dist-packages/keystone/common/wsgi.py:191
2015-02-06 10:42:59.647 5955 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [06/Feb/2015 10:42:59] "POST /v2.0/tokens HTTP/1.1" 200 971 0.090574
2015-02-06 10:43:04.671 5955 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /usr/lib/python2.7/dist-packages/keystone/middleware/core.py:270
2015-02-06 10:43:04.674 5955 DEBUG keystone.common.wsgi [-] arg_dict: {} __call__ /usr/lib/python2.7/dist-packages/keystone/common/wsgi.py:191
2015-02-06 10:43:04.759 5955 INFO eventlet.wsgi ...
(more)
2015-02-06 02:09:33 -0500 received badge  Popular Question (source)
2015-02-05 09:05:51 -0500 asked a question Newbie question, Installation guide juno ubuntu, tenants not showing

My first post on this site, so I hope I don't goof up too much. I'm completely new to OpenStack, but I thought it would be fun project to play with in my spare time.

I found an abandoned server on one of our racks and kinda nicked it. Put VMWare hypervisor on it, created a few machines, put Ubuntu 14.04 server on them and started installing OpenStack.

I'm following the jan 20th Juno installation guide and started building the 3-node setup (controller, network, compute1)

I've been going through the manual without any problems, but ran into a snag at the 'Verify operation' section at page 37. after unsetting OS_SERVICE_..., tenant-list only shows the admin-tenant, where it's supposed to show all three tenants.

openstack_user@controller:~$ cat /etc/lsb-release 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.1 LTS"

openstack_user@controller:~$ uname -or
3.13.0-44-generic GNU/Linux


openstack_user@controller:~$ unset OS_SERVICE_TOKEN
openstack_user@controller:~$ unset OS_SERVICE_ENDPOINT

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 token-get
+-----------+----------------------------------+
|  Property |              Value               |
+-----------+----------------------------------+
|  expires  |       2015-02-05T10:36:03Z       |
|     id    | 3fae6db2c6b6469d9938b6741663c60a |
| tenant_id | 0c49889b611f40319af62877fd602327 |
|  user_id  | 21e4e9d4a2b841afb736ff99f5f92b33 |
+-----------+----------------------------------+

openstack_user@controller:~$ date
Thu Feb  5 10:37:59 CET 2015

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 tenant-list
+----------------------------------+-------+---------+
|                id                |  name | enabled |
+----------------------------------+-------+---------+
| 0c49889b611f40319af62877fd602327 | admin |   True  |
+----------------------------------+-------+---------+

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 user-list
The resource could not be found. (HTTP 404)

openstack_user@controller:~$ keystone --os-tenant-name admin --os-username admin --os-password 'SupSecPass!' --os-auth-url http://controller:35357/v2.0 role-list
The resource could not be found. (HTTP 404)

openstack_user@controller:~$ sudo tail /var/log/keystone/keystone-all.log
2015-02-05 12:17:56.743 2936 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 12:17:56] "POST /v2.0/tokens HTTP/1.1" 200 971 0.086453
2015-02-05 12:17:56.751 2938 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 12:17:56] "GET /v2.0/tenants/0c49889b611f40319af62877fd602327/users/21e4e9d4a2b841afb736ff99f5f92b33/roles HTTP/1.1" 404 252 0.011384
2015-02-05 13:28:21.483 2936 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 13:28:21] "POST /v2.0/tokens HTTP/1.1" 200 971 0.094130
2015-02-05 13:28:21.495 2938 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 13:28:21] "GET /v2.0/tenants/0c49889b611f40319af62877fd602327/users/21e4e9d4a2b841afb736ff99f5f92b33/roles HTTP/1.1" 404 252 0.014653
2015-02-05 13:30:19.179 2936 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 13:30:19] "POST /v2.0/tokens HTTP/1.1" 200 971 0.092760
2015-02-05 13:30:19.195 2938 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 13:30:19] "GET /v2.0/tenants HTTP/1.1" 200 296 0.021879
2015-02-05 13:32:14.491 2936 INFO eventlet.wsgi.server [-] 10.0.0.11 - - [05/Feb/2015 13:32:14] "POST /v2.0/tokens ...
(more)