On Thu, Jun 6, 2013 at 10:43 AM, claudio marques <mrqss_...@hotmail.com>wrote:
> Hi Doug > > I send authentications from the admin user. In order for me to explain you > better the issue i will paste here the phases that i am trying to do: > > I use curl and send the admin user/password and ask for a token: > > curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": > "admin_pass"}}}' -H "Content-type: application/json" > http://localhost:35357/v2.0/tokens > > It returns this > > {"access": {"token": {"issued_at": "2013-06-06T14:11:26.005501", > "expires": "2013-06-07T14:11:26Z", "id": > "MIICbgYJKoZIhvcNAQcCoIICXzCCAlsCAQExCTAHBgUrDgMCGjCCAUcGCSqGSIb3DQEHAaCCATgEggE0eyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxMy0wNi0wNlQxNDoxMToyNi4wMDU1MDEiLCAiZXhwaXJlcyI6ICIyMDEzLTA2LTA3VDE0OjExOjI2WiIsICJpZCI6ICJwbGFjZWhvbGRlciJ9LCAic2VydmljZUNhdGFsb2ciOiBbXSwgInVzZXIiOiB7InVzZXJuYW1lIjogImFkbWluIiwgInJvbGVzX2xpbmtzIjogW10sICJpZCI6ICIwYjE0ZTE2NDRmZmE0MzM2OTY3MDg3NDU4Y2Q4NWM1NiIsICJyb2xlcyI6IFtdLCAibmFtZSI6ICJhZG1pbiJ9LCAibWV0YWRhdGEiOiB7ImlzX2FkbWluIjogMCwgInJvbGVzIjogW119fX0xgf8wgfwCAQEwXDBXMQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVW5zZXQxDjAMBgNVBAcTBVVuc2V0MQ4wDAYDVQQKEwVVbnNldDEYMBYGA1UEAxMPd3d3LmV4YW1wbGUuY29tAgEBMAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUABIGALO7HS8ddSpYzEmRK9eLHOkFQPifzbNSHrf9I62keB+BDmBHAD47Lhz+jg-SkRJXKlyWVL0YG3Mhd3R9srSRC15rMGNhC0wSt0ohcppjzIr-OT8x6UabTYdU0We-54+4dEbyIgMH6fIuWKLq3DKvk+Qb-57JGknBemnFSrZHZjNE="}, > "serviceCatalog": [], "user": {"username": "admin", "roles_links": [], > "id": "0b14e1644ffa4336967087458cd85c56", "roles": [], "name": "admin"}, > "metadata": {"is_admin": 0, "roles": []}}} > > Then, i use curl again with the token that i just received with the > following command > > > curl -k -D -H "X-Auth-Token: > MIICbgYJKoZIhvcNAQcCoIICXzCCAlsCAQExCTAHBgUrDgMCGjCCAUcGCSqGSIb3DQEHAaCCATgEggE0eyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxMy0wNi0wNlQxNDoxMToyNi4wMDU1MDEiLCAiZXhwaXJlcyI6ICIyMDEzLTA2LTA3VDE0OjExOjI2WiIsICJpZCI6ICJwbGFjZWhvbGRlciJ9LCAic2VydmljZUNhdGFsb2ciOiBbXSwgInVzZXIiOiB7InVzZXJuYW1lIjogImFkbWluIiwgInJvbGVzX2xpbmtzIjogW10sICJpZCI6ICIwYjE0ZTE2NDRmZmE0MzM2OTY3MDg3NDU4Y2Q4NWM1NiIsICJyb2xlcyI6IFtdLCAibmFtZSI6ICJhZG1pbiJ9LCAibWV0YWRhdGEiOiB7ImlzX2FkbWluIjogMCwgInJvbGVzIjogW119fX0xgf8wgfwCAQEwXDBXMQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVW5zZXQxDjAMBgNVBAcTBVVuc2V0MQ4wDAYDVQQKEwVVbnNldDEYMBYGA1UEAxMPd3d3LmV4YW1wbGUuY29tAgEBMAcGBSsOAwIaMA0GCSqGSIb3DQEBAQUABIGALO7HS8ddSpYzEmRK9eLHOkFQPifzbNSHrf9I62keB+BDmBHAD47Lhz+jg-SkRJXKlyWVL0YG3Mhd3R9srSRC15rMGNhC0wSt0ohcppjzIr-OT8x6UabTYdU0We-54+4dEbyIgMH6fIuWKLq3DKvk+Qb-57JGknBemnFSrZHZjNE=" > -X 'GET' -v http://localhost:8777/v2/meters > > The return value is this > > ** getaddrinfo(3) failed for X-Auth-Token:80* > ** Couldn't resolve host 'X-Auth-Token'* > ** Closing connection 0* > *curl: (6) Couldn't resolve host 'X-Auth-Token'* > It looks like curl does not like the way you are passing some of the parameters. It is interpreting the header name as a host name. Doug > ** About to connect() to localhost port 8777 (#1)* > ** Trying 127.0.0.1...* > ** Connected to localhost (127.0.0.1) port 8777 (#1)* > *> GET /v2/meters HTTP/1.1* > *> User-Agent: curl/7.29.0* > *> Host: localhost:8777* > *> Accept: */** > *>* > ** HTTP 1.0, assume close after body* > *< HTTP/1.0 401 Unauthorized* > *< Date: Thu, 06 Jun 2013 14:14:06 GMT* > *< Server: WSGIServer/0.1 Python/2.7.4* > *< WWW-Authenticate: Keystone uri='http://127.0.0.1:35357'* > *< Content-Length: 381* > *< Content-Type: text/html; charset=UTF-8* > *<* > *<html>* > * <head>* > * <title>401 Unauthorized</title>* > * </head>* > * <body>* > * <h1>401 Unauthorized</h1>* > * This server could not verify that you are authorized to access the > document you requested. Either you supplied the wrong credentials (e.g., > bad password), or your browser does not understand how to supply the > credentials required.<br /><br />* > *Authentication required* > * > * > * > * > * </body>* > ** Closing connection 1* > > No data is returned in any case. > > I manually installed 3 node openStack and ceilometer , so i am not using > devStack. > > Even when i try to send manually credentials of the admin user: > > *ceilometer --os-username admin --os-password password --os-tenant-name > admin --os-auth-url http://localhost:5000/v2.0 resource-list* > > the result is this: > > *No handlers could be found for logger "ceilometerclient.common.http"* > *Invalid OpenStack Identity credentials.* > > Is there any possibility that keystone is not validating all the Tokens? > > > Claudio Marques > > > ------------------------------ > Date: Thu, 6 Jun 2013 09:42:38 -0400 > From: doug.hellm...@dreamhost.com > To: clau...@onesource.pt > CC: openstack@lists.launchpad.net > Subject: Re: [Openstack] Ceilometer-api Auth Error > > > > > > On Thu, Jun 6, 2013 at 7:22 AM, Claudio Marques <clau...@onesource.pt>wrote: > > Hi Stackers > > > Hi have a problem with ceilometer-api. I want access it via curl or http > and every time i try to do it i simple get the same errors. > > This server could not verify that you are authorized to access the > document you requested. Either you supplied the wrong credentials (e.g., > bad password), or your browser does not understand how to supply the > credentials required. > > My ceilometer.conf file is like this: > > [DEFAULT] > os_username=admin > os_password=admin_pass > os_tenant_name=admin > os_auth_url=http://10.0.1.167:5000/v2.0/ > signing_dirname = /tmp/keystone-signing-ceilometer > metering_api_port=8777 > auth_strategy=keystone > nova_control_exchange=nova > hypervisor_inspector=libvirt > libvirt_type=qemu > glance_control_exchange=glance > quantum_control_exchange=quantum > debug=true > verbose=true > > log_dir=/var/log/ceilometer > rpc_backend=ceilometer.openstack.common.rpc.impl_kombu > rabbit_host=localhost > rabbit_port=5672 > rabbit_userid=guest > rabbit_password=guest > rabbit_retry_backoff=2 > rabbit_max_retries=0 > rabbit_use_ssl=False > > database_connection=mongodb://10.0.1.25:27017/ceilometer > sql_connection_debug=0 > cinder_control_exchange=cinder > enable_v1_api=true > > [keystone_authtoken] > > auth_host = localhost > auth_port = 5000 > admin_user = admin > admin_password = admin_pass > admin_tenant_name = admin > auth_uri = http://10.0.1.167:5000/v2.0/ > > What auth chould i pass in order to get metrics form ceilometer? > > > The ceilometer API uses keystone authentication, just like the other > OpenStack services. If you pass credentials for a regular user, you can see > data about the tenant/project you're authenticating with. If you pass > credentials for an admin user, you can see all data. > > Doug > > > > Thank's for any reply > > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > > > > _______________________________________________ Mailing list: > https://launchpad.net/~openstack Post to : > openstack@lists.launchpad.netUnsubscribe : > https://launchpad.net/~openstack More help : > https://help.launchpad.net/ListHelp > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp