Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenStack: Dev

keystone installed by devstack redirect http request

  

 
OpenStack dev RSS feed   Index | Next | Previous | View Threaded


lianhao.lu at intel

Aug 24, 2012, 1:03 AM

Post #1 of 3 (129 views)
Permalink
keystone installed by devstack redirect http request
Hi gang,

I used the devstack to install a "all-one-one" develop environment, but the keystone service seemed not working for me.

The host OS is Ubuntu 12.04 with a statically assigned IP address 192.168.79.201. Since this host is in the internal network, I have to use a gateway(with 2 NICs of ip addresses 192.168.79.1 and 10.239.48.224) to login into the 192.168.79.201 host from the 10.239.48.0/24 network to run devstack.

After running devstack successfully, I found that the keystone service was not usable. It mysteriously redirected http requests to the gateway 10.239.48.224(see below for the http response and keystone configurations). Does anyone know why I saw the redirect here? Thanks!

Best Regards,
-Lianhao

$ keystone --debug tenant-list
connect: (127.0.0.1, 5000)
send: 'POST /v2.0/tokens HTTP/1.1\r\nHost: 127.0.0.1:5000\r\nContent-Length: 100\r\ncontent-type: application/json\r\naccept-encoding: gzip, deflate\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"tenantName": "demo", "passwordCredentials": {"username": "admin", "password": "123456"}}}'
reply: 'HTTP/1.1 301 Moved Permanently\r\n'
header: Server: BlueCoat-Security-Appliance
header: Location:http://10.239.48.224
header: Connection: Close
connect: (10.239.48.224, 80)
send: 'POST / HTTP/1.1\r\nHost: 10.239.48.224\r\nContent-Length: 100\r\ncontent-type: application/json\r\naccept-encoding: gzip, deflate\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"tenantName": "demo", "passwordCredentials": {"username": "admin", "password": "123456"}}}'


$ cat /etc/keystone/keystone.conf
[DEFAULT]
admin_token = 123456
[sql]
connection = mysql://root:123456 [at] localhos/keystone?charset=utf8
[catalog]
template_file = /etc/keystone/default_catalog.templates
driver = keystone.catalog.backends.templated.TemplatedCatalog
[ec2]
driver = keystone.contrib.ec2.backends.sql.Ec2
[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:stats_monitoring]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[app:public_service]
paste.app_factory = keystone.service:public_app_factory
[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory
[pipeline:public_api]
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service
[pipeline:admin_api]
pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service
[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory
[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory
[pipeline:public_version_api]
pipeline = stats_monitoring url_normalize xml_body public_version_service
[pipeline:admin_version_api]
pipeline = stats_monitoring url_normalize xml_body admin_version_service
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/ = admin_version_api


$ cat /etc/keystone/default_catalog.templates
catalog.RegionOne.identity.publicURL = http://192.168.79.201:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://192.168.79.201:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://192.168.79.201:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service

catalog.RegionOne.compute.publicURL = http://192.168.79.201:8774/v2/$(tenant_id)s
catalog.RegionOne.compute.adminURL = http://192.168.79.201:8774/v2/$(tenant_id)s
catalog.RegionOne.compute.internalURL = http://192.168.79.201:8774/v2/$(tenant_id)s
catalog.RegionOne.compute.name = Compute Service

catalog.RegionOne.volume.publicURL = http://192.168.79.201:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.adminURL = http://192.168.79.201:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.internalURL = http://192.168.79.201:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.name = Volume Service

catalog.RegionOne.ec2.publicURL = http://192.168.79.201:8773/services/Cloud
catalog.RegionOne.ec2.adminURL = http://192.168.79.201:8773/services/Admin
catalog.RegionOne.ec2.internalURL = http://192.168.79.201:8773/services/Cloud
catalog.RegionOne.ec2.name = EC2 Service

catalog.RegionOne.s3.publicURL = http://192.168.79.201:3333
catalog.RegionOne.s3.adminURL = http://192.168.79.201:3333
catalog.RegionOne.s3.internalURL = http://192.168.79.201:3333
catalog.RegionOne.s3.name = S3 Service

catalog.RegionOne.image.publicURL = http://192.168.79.201:9292
catalog.RegionOne.image.adminURL = http://192.168.79.201:9292
catalog.RegionOne.image.internalURL = http://192.168.79.201:9292
catalog.RegionOne.image.name = Image Service

_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack [at] lists
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp


dolph.mathews at gmail

Aug 24, 2012, 5:57 AM

Post #2 of 3 (124 views)
Permalink
Re: keystone installed by devstack redirect http request [In reply to]
Keystone doesn't return 301's (ever). However, your 301 response headers
show:

Server: BlueCoat-Security-Appliance

I'm guessing that wasn't installed by devstack :)

-Dolph

On Fri, Aug 24, 2012 at 3:03 AM, Lu, Lianhao <lianhao.lu [at] intel> wrote:

> Hi gang,
>
> I used the devstack to install a "all-one-one" develop environment, but
> the keystone service seemed not working for me.
>
> The host OS is Ubuntu 12.04 with a statically assigned IP address
> 192.168.79.201. Since this host is in the internal network, I have to use a
> gateway(with 2 NICs of ip addresses 192.168.79.1 and 10.239.48.224) to
> login into the 192.168.79.201 host from the 10.239.48.0/24 network to run
> devstack.
>
> After running devstack successfully, I found that the keystone service was
> not usable. It mysteriously redirected http requests to the gateway
> 10.239.48.224(see below for the http response and keystone configurations).
> Does anyone know why I saw the redirect here? Thanks!
>
> Best Regards,
> -Lianhao
>
> $ keystone --debug tenant-list
> connect: (127.0.0.1, 5000)
> send: 'POST /v2.0/tokens HTTP/1.1\r\nHost: 127.0.0.1:5000\r\nContent-Length:
> 100\r\ncontent-type: application/json\r\naccept-encoding: gzip,
> deflate\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"tenantName":
> "demo", "passwordCredentials": {"username": "admin", "password":
> "123456"}}}'
> reply: 'HTTP/1.1 301 Moved Permanently\r\n'
> header: Server: BlueCoat-Security-Appliance
> header: Location:http://10.239.48.224
> header: Connection: Close
> connect: (10.239.48.224, 80)
> send: 'POST / HTTP/1.1\r\nHost: 10.239.48.224\r\nContent-Length:
> 100\r\ncontent-type: application/json\r\naccept-encoding: gzip,
> deflate\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"tenantName":
> "demo", "passwordCredentials": {"username": "admin", "password":
> "123456"}}}'
>
>
> $ cat /etc/keystone/keystone.conf
> [DEFAULT]
> admin_token = 123456
> [sql]
> connection = mysql://root:123456 [at] localhos/keystone?charset=utf8
> [catalog]
> template_file = /etc/keystone/default_catalog.templates
> driver = keystone.catalog.backends.templated.TemplatedCatalog
> [ec2]
> driver = keystone.contrib.ec2.backends.sql.Ec2
> [filter:debug]
> paste.filter_factory = keystone.common.wsgi:Debug.factory
> [filter:token_auth]
> paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
> [filter:admin_token_auth]
> paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
> [filter:xml_body]
> paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
> [filter:json_body]
> paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
> [filter:user_crud_extension]
> paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
> [filter:crud_extension]
> paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
> [filter:ec2_extension]
> paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
> [filter:s3_extension]
> paste.filter_factory = keystone.contrib.s3:S3Extension.factory
> [filter:url_normalize]
> paste.filter_factory = keystone.middleware:NormalizingFilter.factory
> [filter:stats_monitoring]
> paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
> [filter:stats_reporting]
> paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
> [app:public_service]
> paste.app_factory = keystone.service:public_app_factory
> [app:admin_service]
> paste.app_factory = keystone.service:admin_app_factory
> [pipeline:public_api]
> pipeline = stats_monitoring url_normalize token_auth admin_token_auth
> xml_body json_body debug ec2_extension user_crud_extension public_service
> [pipeline:admin_api]
> pipeline = stats_monitoring url_normalize token_auth admin_token_auth
> xml_body json_body debug stats_reporting ec2_extension s3_extension
> crud_extension admin_service
> [app:public_version_service]
> paste.app_factory = keystone.service:public_version_app_factory
> [app:admin_version_service]
> paste.app_factory = keystone.service:admin_version_app_factory
> [pipeline:public_version_api]
> pipeline = stats_monitoring url_normalize xml_body public_version_service
> [pipeline:admin_version_api]
> pipeline = stats_monitoring url_normalize xml_body admin_version_service
> [composite:main]
> use = egg:Paste#urlmap
> /v2.0 = public_api
> / = public_version_api
> [composite:admin]
> use = egg:Paste#urlmap
> /v2.0 = admin_api
> / = admin_version_api
>
>
> $ cat /etc/keystone/default_catalog.templates
> catalog.RegionOne.identity.publicURL = http://192.168.79.201:
> $(public_port)s/v2.0
> catalog.RegionOne.identity.adminURL = http://192.168.79.201:
> $(admin_port)s/v2.0
> catalog.RegionOne.identity.internalURL = http://192.168.79.201:
> $(public_port)s/v2.0
> catalog.RegionOne.identity.name = Identity Service
>
> catalog.RegionOne.compute.publicURL =
> http://192.168.79.201:8774/v2/$(tenant_id)s
> catalog.RegionOne.compute.adminURL =
> http://192.168.79.201:8774/v2/$(tenant_id)s
> catalog.RegionOne.compute.internalURL =
> http://192.168.79.201:8774/v2/$(tenant_id)s
> catalog.RegionOne.compute.name = Compute Service
>
> catalog.RegionOne.volume.publicURL =
> http://192.168.79.201:8776/v1/$(tenant_id)s
> catalog.RegionOne.volume.adminURL =
> http://192.168.79.201:8776/v1/$(tenant_id)s
> catalog.RegionOne.volume.internalURL =
> http://192.168.79.201:8776/v1/$(tenant_id)s
> catalog.RegionOne.volume.name = Volume Service
>
> catalog.RegionOne.ec2.publicURL =
> http://192.168.79.201:8773/services/Cloud
> catalog.RegionOne.ec2.adminURL = http://192.168.79.201:8773/services/Admin
> catalog.RegionOne.ec2.internalURL =
> http://192.168.79.201:8773/services/Cloud
> catalog.RegionOne.ec2.name = EC2 Service
>
> catalog.RegionOne.s3.publicURL = http://192.168.79.201:3333
> catalog.RegionOne.s3.adminURL = http://192.168.79.201:3333
> catalog.RegionOne.s3.internalURL = http://192.168.79.201:3333
> catalog.RegionOne.s3.name = S3 Service
>
> catalog.RegionOne.image.publicURL = http://192.168.79.201:9292
> catalog.RegionOne.image.adminURL = http://192.168.79.201:9292
> catalog.RegionOne.image.internalURL = http://192.168.79.201:9292
> catalog.RegionOne.image.name = Image Service
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack [at] lists
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>



--
-Dolph


lianhao.lu at intel

Aug 27, 2012, 1:16 AM

Post #3 of 3 (126 views)
Permalink
Re: keystone installed by devstack redirect http request [In reply to]
You're right. The 301 is returned by my http proxy server. The reason is that the httplib2 python module keystone client uses would use the proxy server in the environment variable http_proxy, but the content of no_proxy environment variable is not actually used in establishing the connection.

Best Regards,
Lianhao

From: antiver [at] gmail [mailto:antiver [at] gmail] On Behalf Of Dolph Mathews
Sent: Friday, August 24, 2012 8:58 PM
To: Lu, Lianhao
Cc: openstack [at] lists
Subject: Re: [Openstack] keystone installed by devstack redirect http request

Keystone doesn't return 301's (ever). However, your 301 response headers show:

Server: BlueCoat-Security-Appliance

I'm guessing that wasn't installed by devstack :)

-Dolph
On Fri, Aug 24, 2012 at 3:03 AM, Lu, Lianhao <lianhao.lu [at] intel<mailto:lianhao.lu [at] intel>> wrote:
Hi gang,

I used the devstack to install a "all-one-one" develop environment, but the keystone service seemed not working for me.

The host OS is Ubuntu 12.04 with a statically assigned IP address 192.168.79.201. Since this host is in the internal network, I have to use a gateway(with 2 NICs of ip addresses 192.168.79.1 and 10.239.48.224) to login into the 192.168.79.201 host from the 10.239.48.0/24<http://10.239.48.0/24> network to run devstack.

After running devstack successfully, I found that the keystone service was not usable. It mysteriously redirected http requests to the gateway 10.239.48.224(see below for the http response and keystone configurations). Does anyone know why I saw the redirect here? Thanks!

Best Regards,
-Lianhao

$ keystone --debug tenant-list
connect: (127.0.0.1, 5000)
send: 'POST /v2.0/tokens HTTP/1.1\r\nHost: 127.0.0.1:5000<http://127.0.0.1:5000>\r\nContent-Length: 100\r\ncontent-type: application/json\r\naccept-encoding: gzip, deflate\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"tenantName": "demo", "passwordCredentials": {"username": "admin", "password": "123456"}}}'
reply: 'HTTP/1.1 301 Moved Permanently\r\n'
header: Server: BlueCoat-Security-Appliance
header: Location:http://10.239.48.224
header: Connection: Close
connect: (10.239.48.224, 80)
send: 'POST / HTTP/1.1\r\nHost: 10.239.48.224\r\nContent-Length: 100\r\ncontent-type: application/json\r\naccept-encoding: gzip, deflate\r\nuser-agent: python-keystoneclient\r\n\r\n{"auth": {"tenantName": "demo", "passwordCredentials": {"username": "admin", "password": "123456"}}}'

--
-Dolph

OpenStack dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.