论坛 › Openstack › openstack部署中的错误总结

yaomint 发表于 2018-6-2 14:54:56

openstack部署中的错误总结

　　在安装到glance上传镜象时出错，折腾不出来，先记在这儿
　　1、 glance index
Failed to show index. Got error:
You are not authenticated.
　　解决方法：
　　keystone配置出错，解决keystone问题
　　1、删除以前MYSQL生成的KEYSTONE的表
　　drop table ec2_credential;
drop table endpoint;
drop table metadata;
drop table migrate_version;
drop table role;
drop table service;
drop table tenant;
drop table token;
drop table user;
drop table user_tenant_membership;
drop table user;
drop table token;
show tables;
drop table tenant;
　　2、重启keystone服务及初始化数据库
　　service keystone restart
keystone-manage db_sync
　　3、/etc/keystone/keystone.conf配置文件中（选择数据库或模板文件方式中的一种）
　　
driver = keystone.catalog.backends.sql.Catalog
#driver = keystone.catalog.backends.templated.TemplatedCatalog
#template_file = /etc/keystone/default_catalog.templates
　　4、为了生成API，建立endpoint
　　
# From http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin
# Modified by Emilien Macchi
# Please send me feedback at emilien.macchi@gmail.com
# Thank's to Martin !
　　ADMIN_PASSWORD=${ADMIN_PASSWORD:-password}
SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD}
export SERVICE_TOKEN="password"
export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
　　function get_id () {
    echo `$@ | awk '/ id / { print $4 }'`
}
　　# Tenants
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
　　# Users
ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com)
DEMO_USER=$(get_id keystone user-create --name=demo --pass="$ADMIN_PASSWORD" --email=demo@domain.com)
　　# Roles
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
　　# Add Roles to Users in Tenants
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
　　# The Member role is used by Horizon and Swift
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT
keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT
　　# Configure service users/roles
NOVA_USER=$(get_id keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TENANT --email=nova@domain.com)
keystone user-role-add --tenant_id $SERVICE_TENANT --user $NOVA_USER --role $ADMIN_ROLE
　　GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TENANT --email=glance@domain.com)
keystone user-role-add --tenant_id $SERVICE_TENANT --user $GLANCE_USER --role $ADMIN_ROLE
　　SWIFT_USER=$(get_id keystone user-create --name=swift --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TENANT --email=swift@domain.com)
keystone user-role-add --tenant_id $SERVICE_TENANT --user $SWIFT_USER --role $ADMIN_ROLE
　　RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
keystone user-role-add --tenant_id $SERVICE_TENANT --user $NOVA_USER --role $RESELLER_ROLE
　　# If you want to use Quantum with Keystone (not stable in Essex)
QUANTUM_USER=$(get_id keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant_id $SERVICE_TENANT --email=quantum@domain.com)
keystone user-role-add --tenant_id $SERVICE_TENANT --user $QUANTUM_USER --role $ADMIN_ROLE
keystone service-create --name=quantum --type=network --description="Quantum Service"
　　5、检查服务
　　keystone --token password --endpoint http://10.13.4.20:35357/v2.0 user-list
keystone --token password --endpoint http://10.13.4.20:35357/v2.0 role-list
keystone --token password --endpoint http://10.13.4.20:35357/v2.0 tenant-list
keystone --token password --endpoint http://10.13.4.20:35357/v2.0 service-list
keystone --token password --endpoint http://10.13.4.20:35357/v2.0 endpoint-list
　　6、校验
　　curl -d '{"auth": {"tenantName": "admin", "passwordCredentials":{"username": "admin", "password": "password"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens|python -mjson.tool

查看完整版本: openstack部署中的错误总结