ec2ool for clients in diablo

Asked by Ashokkumar c on 2011-11-16

I installed openstack using devstack.
I can able to use ec2ool on the client controller but i dont know how to use it from a client.

Lets say I created a user "xyz" using dashboard and if the user "xyz" wants to use ec2ools,
 how can i provide him the access key and other so that he can use it

I am using keystone.

Question information

Language:
English Edit question
Status:
Solved
For:
OpenStack Compute (nova) Edit question
Assignee:
No assignee Edit question
Solved by:
Vish Ishaya
Solved:
Last query:
Last reply:
Sateesh (sateesh-chodapuneedi) said : #1

Hi Asok,

The following command would give you nova.zip file.
nova-manage project zipfile $NOVA_PROJECT $NOVA_PROJECT_USER
unzip nova.zip
After unzipping nova.zip, you can see "novarc" file that consists of the required environment variables/settings like access key of $NOVA_PROJECT_USER. Just source the file "novarc" and you will be ready to run euca2ools commands :-)

Hope that helps!

Ashokkumar c (ashokcse) said : #2

hello my friend

I tried nova-manage project list

2011-11-16 16:17:24,788 DEBUG nova.utils [-] backend <module 'nova.db.sqlalchemy.api' from '/opt/stack/nova/nova/db/sqlalchemy/api.pyc'> from (pid=30787) __get_backend /opt/stack/nova/nova/utils.py:44

I user
keystone-manage credentials add admin EC2 'admin' 'secretpassword'

 to create creds and it's created but I dont know where to find it...

Ashokkumar c (ashokcse) said : #3

can anyone tell me how to make creds.zip for user, so that they can use ec2ools.

Vish Ishaya (vishvananda) said : #4

Three environment variables need to be set to use euca2ools.

openrc sets these for you but you could easily create a small rc file for them (note that bundling images currently is not supported).

# Set the ec2 url so euca2ools works
export EC2_URL=${EC2_URL:-http://$HOST_IP:8773/services/Cloud}

# Access key is set in the initial keystone data to be the same as username
export EC2_ACCESS_KEY=${USERNAME:-demo}

# Secret key is set in the initial keystone data to the admin password
export EC2_SECRET_KEY=${ADMIN_PASSWORD:-secrete}

if you give them a file with those three variables set they can use it. To see how to create a new user in keystone with ec2 credentials, checkout files/keystone_data.sh

Also note that you can use any arbitrary string for acess and secret, the keystone_data.sh script just sets access key = username and secret key = password to keep things simple.

On Nov 18, 2011, at 8:45 AM, ashokkumar c wrote:

> Question #178940 on OpenStack Compute (nova) changed:
> https://answers.launchpad.net/nova/+question/178940
>
> ashokkumar c gave more information on the question:
> can anyone tell me how to make creds.zip for user, so that they can use
> ec2ools.
>
> --
> You received this question notification because you are a member of Nova
> Core, which is an answer contact for OpenStack Compute (nova).

Ashokkumar c (ashokcse) said : #5

hi vish
thank you for answering my question. I followed your answer and created a small rc but still I got some error message form the server.Let me tell you what I did

1. I created a credential for existing user xyz by using
keystone-manage $* credentials add admin EC2 'xyz' 'PASSWORD'

2.I created xyzrc with
# Set the ec2 url so euca2ools works
export EC2_URL=${EC2_URL:-http://$10.10.1.2:8773/services/Cloud}

# Access key is set in the initial keystone data to be the same as username
export EC2_ACCESS_KEY=${USERNAME:-xyz}

# Secret key is set in the initial keystone data to the admin password
export EC2_SECRET_KEY=${ADMIN_PASSWORD:-PASSWORD}

3. In the client side I made source xyzrc and run euca-describe-availability-zones verbose
------------------------------
Warning: failed to parse error message from AWS: <unknown>:1:0: syntax error
EC2ResponseError: 400 Bad Request
400 Bad Request

The server could not comply with the request since it is either malformed or otherwise incorrect.
-----------------------
I am trying to resolve this since long time. I even tried by replacing user name and pass with admin name and pass ,it works at cloud controller but not at client node.

pl z tell me how to solve this.

Ashokkumar c (ashokcse) said : #6

Nov 23 11:49:08 cloud 2011-11-23 11:49:08,104 INFO nova.api [-] 0.346399s 110.10.1.29 GET /services/Cloud/ None:None 400 [Boto/1.9b (linux2)] text/plain text/plain

Best Vish Ishaya (vishvananda) said : #7

try:

export EC2_ACCESS_KEY=xyz
export EC2_SECRET_KEY=PASSWORD

verify that echo $EC2_ACCESS_KEY and echo $EC2_SECRET_KEY give the proper values.

On Nov 22, 2011, at 8:50 PM, ashokkumar c wrote:

> Question #178940 on OpenStack Compute (nova) changed:
> https://answers.launchpad.net/nova/+question/178940
>
> Status: Answered => Open
>
> ashokkumar c is still having a problem:
> hi vish
> thank you for answering my question. I followed your answer and created a small rc but still I got some error message form the server.Let me tell you what I did
>
> 1. I created a credential for existing user xyz by using
> keystone-manage $* credentials add admin EC2 'xyz' 'PASSWORD'
>
> 2.I created xyzrc with
> # Set the ec2 url so euca2ools works
> export EC2_URL=${EC2_URL:-http://$10.10.1.2:8773/services/Cloud}
>
> # Access key is set in the initial keystone data to be the same as username
> export EC2_ACCESS_KEY=${USERNAME:-xyz}
>
> # Secret key is set in the initial keystone data to the admin password
> export EC2_SECRET_KEY=${ADMIN_PASSWORD:-PASSWORD}
>
> 3. In the client side I made source xyzrc and run euca-describe-availability-zones verbose
> ------------------------------
> Warning: failed to parse error message from AWS: <unknown>:1:0: syntax error
> EC2ResponseError: 400 Bad Request
> 400 Bad Request
>
> The server could not comply with the request since it is either malformed or otherwise incorrect.
> -----------------------
> I am trying to resolve this since long time. I even tried by replacing user name and pass with admin name and pass ,it works at cloud controller but not at client node.
>
> pl z tell me how to solve this.
>
> --
> You received this question notification because you are a member of Nova
> Core, which is an answer contact for OpenStack Compute (nova).

Vish Ishaya (vishvananda) said : #8

you also need to specify a default tenant as the last perameter to your credentials add command -- there should be another admin at the end.
On Nov 23, 2011, at 10:30 AM, Vish Ishaya wrote:

> Question #178940 on OpenStack Compute (nova) changed:
> https://answers.launchpad.net/nova/+question/178940
>
> Status: Open => Answered
>
> Vish Ishaya proposed the following answer:
> try:
>
> export EC2_ACCESS_KEY=xyz
> export EC2_SECRET_KEY=PASSWORD
>
> verify that echo $EC2_ACCESS_KEY and echo $EC2_SECRET_KEY give the
> proper values.
>
> On Nov 22, 2011, at 8:50 PM, ashokkumar c wrote:
>
>> Question #178940 on OpenStack Compute (nova) changed:
>> https://answers.launchpad.net/nova/+question/178940
>>
>> Status: Answered => Open
>>
>> ashokkumar c is still having a problem:
>> hi vish
>> thank you for answering my question. I followed your answer and created a small rc but still I got some error message form the server.Let me tell you what I did
>>
>> 1. I created a credential for existing user xyz by using
>> keystone-manage $* credentials add admin EC2 'xyz' 'PASSWORD'
>>
>> 2.I created xyzrc with
>> # Set the ec2 url so euca2ools works
>> export EC2_URL=${EC2_URL:-http://$10.10.1.2:8773/services/Cloud}
>>
>> # Access key is set in the initial keystone data to be the same as username
>> export EC2_ACCESS_KEY=${USERNAME:-xyz}
>>
>> # Secret key is set in the initial keystone data to the admin password
>> export EC2_SECRET_KEY=${ADMIN_PASSWORD:-PASSWORD}
>>
>> 3. In the client side I made source xyzrc and run euca-describe-availability-zones verbose
>> ------------------------------
>> Warning: failed to parse error message from AWS: <unknown>:1:0: syntax error
>> EC2ResponseError: 400 Bad Request
>> 400 Bad Request
>>
>> The server could not comply with the request since it is either malformed or otherwise incorrect.
>> -----------------------
>> I am trying to resolve this since long time. I even tried by replacing user name and pass with admin name and pass ,it works at cloud controller but not at client node.
>>
>> pl z tell me how to solve this.
>>
>> --
>> You received this question notification because you are a member of Nova
>> Core, which is an answer contact for OpenStack Compute (nova).
>
> --
> You received this question notification because you are a member of Nova
> Core, which is an answer contact for OpenStack Compute (nova).

Ashokkumar c (ashokcse) said : #9

Thank you vish

I tried #7 and it worked.problem was even I sourced the rc file the env variable does not changed, so I used #7 commands to change directly . Now its working.

Ashokkumar c (ashokcse) said : #10

Thanks Vish Ishaya, that solved my question.