glance and keystone configuration
I've tried configuring glance with keystone, but glance index command says that it's not authorized.
Where is the error in my configuration?
Thanks for your help.
Thomas
# glance -v --host 127.0.0.1 --auth_token 999888777666 index
Failed to show index. Got error:
Internal Server error: Traceback (most recent call last):
File "/usr/lib/
result = self.applicatio
File "/usr/lib/
resp = self.call_func(req, *args, **self.kwargs)
File "/usr/lib/
return self.func(req, *args, **kwargs)
File "/usr/lib/
response = req.get_
File "/usr/lib/
application, catch_exc_
File "/usr/lib/
app_iter = application(
File "/usr/lib/
return self._forward_
File "/usr/lib/
return self.app(env, start_response)
File "/usr/lib/
resp = self.call_func(req, *args, **self.kwargs)
File "/usr/lib/
return self.func(req, *args, **kwargs)
File "/usr/lib/
response = req.get_
File "/usr/lib/
application, catch_exc_
File "/usr/lib/
app_iter = application(
File "/usr/lib/
return resp(environ, start_response)
File "/usr/lib/
response = self.app(environ, start_response)
File "/usr/lib/
return resp(environ, start_response)
File "/usr/lib/
resp = self.call_func(req, *args, **self.kwargs)
File "/usr/lib/
return self.func(req, *args, **kwargs)
File "/usr/lib/
request, **action_args)
File "/usr/lib/
return method(*args, **kwargs)
File "/usr/lib/
**params)
File "/usr/lib/
return c.get_images(
File "/usr/lib/
res = self.do_
File "/usr/lib/
raise exception.
NotAuthorized: 401 Unauthorized
This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
Authentication required
Completed in 0.0539 sec.
# dpkg -l |grep glance
ii glance 2011.3~
ii python-glance 2011.3~
# dpkg -l |grep keystone
ii keystone 1.0~d4~
ii keystone-doc 1.0~d4~
ii python-keystone 1.0~d4~
# keystone-manage user list
id enabled tenant
-------
joeuser 1 1234
joeadmin 1 1234
admin 1 1234
serviceadmin 1 1234
disabled 0 1234
# keystone-manage token list
token user expiration tenant
-------
887665443383838 joeuser 2012-02-05 00:00:00 1234
999888777666 admin 2015-02-05 00:00:00 1234
111222333444 serviceadmin 2015-02-05 00:00:00 1234
000999 admin 2010-02-05 00:00:00 1234
999888777 disabled 2015-02-05 00:00:00 1234
# keystone-manage tenant list
tenant enabled
-------
1234 1
ANOTHER:TENANT 1
0000 0
# export |grep OS_
declare -x OS_AUTH_
declare -x OS_AUTH_
declare -x OS_AUTH_
declare -x OS_AUTH_URL="http://
declare -x OS_AUTH_
glance-api.conf:
...
[pipeline:
#pipeline = versionnegotiation context apiv1app
# NOTE: use the following pipeline for keystone
pipeline = versionnegotiation authtoken context apiv1app
# To enable Image Cache Management API replace pipeline with below:
# pipeline = versionnegotiation context imagecache apiv1app
# NOTE: use the following pipeline for keystone auth (with caching)
#pipeline = versionnegotiation authtoken context imagecache apiv1app
[pipeline:versions]
pipeline = versionsapp
[app:versionsapp]
paste.app_factory = glance.
[app:apiv1app]
paste.app_factory = glance.
[filter:
paste.filter_
[filter:imagecache]
paste.filter_
[filter:context]
paste.filter_
[filter:authtoken]
paste.filter_
service_protocol = http
service_host = 127.0.0.1
service_port = 5000
auth_host = 127.0.0.1
auth_port = 5001
auth_protocol = http
auth_uri = http://
admin_token = 999888777666
glance api.log:
2011-09-19 13:41:29 DEBUG [eventlet.
2011-09-19 13:41:43 DEBUG [glance.
2011-09-19 13:41:43 DEBUG [glance.
2011-09-19 13:41:43 DEBUG [root] HTTP PERF: 0.02209 seconds to GET 127.0.0.1:5001 /v2.0/tokens/
2011-09-19 13:41:43 DEBUG [root] HTTP PERF: 0.02110 seconds to GET 127.0.0.1:5001 /v2.0/tokens/
2011-09-19 13:41:43 DEBUG [routes.middleware] Matched GET /images
2011-09-19 13:41:43 DEBUG [routes.middleware] Route path: '/images', defaults: {'action': u'index', 'controller': <glance.
2011-09-19 13:41:43 DEBUG [routes.middleware] Match dict: {'action': u'index', 'controller': <glance.
2011-09-19 13:41:43 DEBUG [eventlet.
File "/usr/lib/
result = self.applicatio
File "/usr/lib/
resp = self.call_func(req, *args, **self.kwargs)
File "/usr/lib/
return self.func(req, *args, **kwargs)
File "/usr/lib/
response = req.get_
File "/usr/lib/
application, catch_exc_
File "/usr/lib/
app_iter = application(
File "/usr/lib/
return self._forward_
File "/usr/lib/
return self.app(env, start_response)
File "/usr/lib/
resp = self.call_func(req, *args, **self.kwargs)
File "/usr/lib/
return self.func(req, *args, **kwargs)
File "/usr/lib/
response = req.get_
File "/usr/lib/
application, catch_exc_
File "/usr/lib/
app_iter = application(
File "/usr/lib/
return resp(environ, start_response)
File "/usr/lib/
response = self.app(environ, start_response)
File "/usr/lib/
return resp(environ, start_response)
File "/usr/lib/
resp = self.call_func(req, *args, **self.kwargs)
File "/usr/lib/
return self.func(req, *args, **kwargs)
File "/usr/lib/
request, **action_args)
File "/usr/lib/
return method(*args, **kwargs)
File "/usr/lib/
**params)
File "/usr/lib/
return c.get_images(
File "/usr/lib/
res = self.do_
File "/usr/lib/
raise exception.
NotAuthorized: 401 Unauthorized
This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
Authentication required
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Glance Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Tamas Kapolnasi
- Solved:
- Last query:
- Last reply: