I have prepaired Gnocchi by documentation at https://gnocchi.xyz/stable_4.2/rest.html. I am using Keystone, but I am not able to make a request.
Sample:
GET http://<serverIP>:8041/v1/metric/0b5aa633-3ebf-49d5-99ad-e78302c41376 HTTP/1.1
Response:
date: Fri, 30 Mar 2018 20:24:26 GMT
server: Apache/2.4.18 (Ubuntu)
www-authenticate: Keystone uri='http://127.0.0.1/identity'
content-length: 114
connection: close
content-type: application/json
{
"error": {
"message": "The request you have made requires authentication.",
"code": 401,
"title": "Unauthorized"
}
}
I have OpenStack Queens installed by DevStack script on my Ubuntu 16.
I have only admin credentials, how can i get X-Auth-Token required?
Get token by using Openstack CLI:
openstack token issue
Output:
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-04-11T16:48:58+0000 |
| id | gAAAAABazi5qBuJ27ZJ_F_EbtE3kKTheImVW1nrazoB6_LKumLeRnacwavmmLdTThVLENQ0Idj4vm-L1OG1xnjvuRwqOQq1lFpSDP8N_Cazb-QGEIIgMaqflp9Z_NaScKkekrHmddnzRNM1-LHRHoAi5WMwMO2Yyf8CjR8331ME1G6KY1SHzGWo |
| project_id | 97335134c06949fea2caebb0c5baa11a |
| user_id | 35b0022e29ee4e5588fca36d30e95afb |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
It is necessary to use X-Auth-Token header in request.
X-Auth-Token: gAAAAABazi5qBuJ27ZJ_F_EbtE3kKTheImVW1nrazoB6_LKumLeRnacwavmmLdTThVLENQ0Idj4vm-L1OG1xnjvuRwqOQq1lFpSDP8N_Cazb-QGEIIgMaqflp9Z_NaScKkekrHmddnzRNM1-LHRHoAi5WMwMO2Yyf8CjR8331ME1G6KY1SHzGWo
I already got the solution, I was about to post it..
Basically, after the gnocchi is installed on openstack, either real openstack or devstack,
The gnocchi needs to be enabled and authenticated correctly,
The problem before was i was only authenticating the openstack admin, I need to autenticate gnocchi as seperate admin the the real openstack admin,
so here is what i did,
I kinda created a gnocchi-openrc with this
> export OS_PROJECT_DOMAIN_NAME=Default export
> OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=service export
> OS_USERNAME=gnocchi export OS_PASSWORD=********** export
> OS_AUTH_URL=http://20.3.39.13/identity/v3 export
> OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 export
> OS_AUTH_TYPE=password
Then makes it permanent
sudo openstack role add --project service --user gnocchi admin
Then I tried to upgrade ceilometer with this
ceilometer-upgrade,
If there is no error with the ceilometer upgrade, then
We can now source the openstack admin rc file,
source admin-openrc.sh
The gnocchi will be enabled, and the metrics can then be exposed to OSM,
Promethus and graffana then works automatically
I followed the problem here
https://ask.openstack.org/en/question/110863/gnocchi-keystone-unable-to-validate-token/
https://bugzilla.redhat.com/show_bug.cgi?id=1434345 if there is error with ceilometer upgrade
Related
I tried to access Horizon as recommended here, through the IP 10.20.20.1 and admin user, and received the following runtime error:
Request Method: | POST
-- | --
http://10.20.20.1/auth/login/
2.0.13
RuntimeError
Unable to create a new session key. It is likely that the cache is unavailable.
/snap/microstack/196/lib/python3.6/site-packages/django/contrib/sessions/backends/cache.py in create, line 51
/snap/microstack/196/bin/uwsgi
3.6.9
['.', '', '/snap/microstack/196/usr/lib/python36.zip', '/snap/microstack/196/usr/lib/python3.6',
'/snap/microstack/196/usr/lib/python3.6/lib-dynload', '/snap/microstack/196/usr/lib/python3/dist-packages',
'/snap/microstack/196/lib/python3.6/site-packages', '/snap/microstack/196/lib/python3.6/site-packages/openstack_dashboard']
Mon, 17 Aug 2020 12:42:48 +0000
The expected result would be a successful login.
Check on which address Memcached is running. With the command:
systemctl status memcached
And set that IP address in the local_settings.py mine it's located in /etc/openstack-dashboard/local_settings.py
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '192.168.122.2:11211',
},
}
I faced the same issue. For me, adding -l 10.20.20.1 (below -l 127.0.0.1) in /etc/memcached.conf and restarting memcached with systemctl restart memcached seemed to do the trick.
Returning to an app from a few months ago, I ran:
amplify push
which returned
Current Environment: dev
| Category | Resource name | Operation | Provider plugin |
| -------- | --------------------- | --------- | ----------------- |
| Api | e9app201907021400api | Update | awscloudformation |
| Auth | eauth201907021400 | No Change | awscloudformation |
? Are you sure you want to continue? Yes
GraphQL schema compiled successfully.
Edit your schema at /Projects/2019/june/e9-app/amp<snip>0api/schema
✖ An error occurred when pushing the resources to the cloud
The AWS Access Key Id you provided does not exist in our records.
So I generated a new set of credentials in the console and installed them with aws configure.
I ran aws configure list
and got
Name Value Type Location
---- ----- ---- --------
profile default manual --profile
access_key ****************CAGH shared-credentials-file
secret_key ****************uU0C shared-credentials-file
region eu-west-1 config-file ~/.aws/config
checked:
cat ~/.aws/credentials
which returned:
[default]
aws_access_key_id = ****************CAGH
aws_secret_access_key = ****************uU0C
amplify push continues to return the same message.
When I go back to the console and look at the user it says "access key age Today" - as opposed to 45 days ago (before I requested new credentials).
Any clues as to what else I can check please?
Try to check your configured 'profileName' in /amplify/.config/local-aws-info.json.
In my case, I was trying to run the push command using a different profile and that didn't work. Switching to the correct profile solved the issue.
It would appear the Inactive key associated with the user account was invalidating the Active key. To test the theory I reactivated the Inactive key. I've since delete the inactive key.
So it would seem to me that amplify doesn't see the non-primary key.
Novice Artifactory user here so please bear with.
Trying to use curl on linux to deploy a file in a repo and failing. trying this running on the same server that's serving artifactory.
% --> curl -u my_idsid -X PUT
"http://localhost:8081/artifactory/test_repo/test_artifact_linux_01" -T
test_aftifact_linux_01
Enter host password for user 'my_idsid':<I entered the pw die my_user here>
HTTP/1.1 100 Continue
HTTP/1.1 403 Forbidden
Server: Artifactory/5.4.6
X-Artifactory-Id: 3444ab9991d26041:29864758:15e2f4940fa:-8000
Content-Type: application/json;charset=ISO-8859-1
Content-Length: 65
Date: Tue, 05 Sep 2017 21:00:20 GMT
Connection: close
{
"errors" : [ {
"status" : 403,
"message" : ""
} ]
}
I was able to put (deploy) a file (an artifact) in this same repo from windows with the drag-drop method for that same user. So I'm thinking that this confirms several things...
1) the repo exists
2) the permissions to allow that user write access is ok
3) the server is up and running ok
And the pw is OK, because when I intentionally enter something wrong, it comes up with a 401 instead.
I looked in artifactory.log and it has this for my attempt...
2017-09-05 17:15:00,332 [http-nio-8081-exec-7] [WARN ]
(o.a.w.s.RequestUtils:155) - Request /test_repo/test_artifact_linux_01
should be a repo request and does not match any repo key
Does not match a repo key ?
I'm using the example here...
https://www.jfrog.com/confluence/display/RTF/Artifactory+REST+API#ArtifactoryRESTAPI-Example-DeployinganArtifact
and plugging in the repo name right after "artifactory" (replacing "my_repository") in the path.
I have a strong suspicion that I'm goofing up the path name, but I don't know what's wrong. How does one determine the proper path to use ?
Thanks in advance for any help.
UPDATE:
My bad. The repo was actually named "test-repo", not "test_repo".
Worked fine once I made that change.
Sorry for the false alarm.
I deployed the storage service OpenStack Swift ontop of a Raspberry Pi 3 with Raspbian = Debian Jessie 8.0. (Thanks to Swift on Pi, the installation was no a big issue).
$ curl -i -H "X-Auth-User: test:tester" -H "X-Auth-Key: testing" http://10.0.0.253:8080/auth/v1.0/
HTTP/1.1 200 OK
X-Storage-Url: http://10.0.0.253:8080/v1/AUTH_test
X-Auth-Token-Expires: 77438
X-Auth-Token: AUTH_tka8fff6782f86486a84e3905daa60f308
Content-Type: text/html; charset=UTF-8
X-Storage-Token: AUTH_tka8fff6782f86486a84e3905daa60f308
Content-Length: 0
X-Trans-Id: txa21566e67e8143b1b32db-005908cf2f
X-Openstack-Request-Id: txa21566e67e8143b1b32db-005908cf2f
Date: Tue, 02 May 2017 18:25:51 GMT
I have no futher OpenStack services (like Keystone) running. Only Swift.
My aim is to use s3cmd to interact with the Swift service.
I modified inside the ~/.s3cfg file these values:
access_key = tester
host_base = 10.0.0.253:8080
host_bucket = 10.0.0.253:8080
secret_key = testing
signature_v2 = True
But this did not help:
$ s3cmd ls
ERROR: Error parsing xml: Malformed error XML returned from remote server.. ErrorXML: <html><h1>Unauthorized</h1><p>This server could not verify that you are authorized to access the document you requested.</p></html>
ERROR: S3 error: 401 (Unauthorized)
Is it possible to use s3cmd to interact with the Swift service at all and what steps did I miss?
Openstack-Swift, although an object-storage like s3, has a different API. If you just need a command line, you can try Python-Swiftclient. However if you need a S3 like API, you need to configure the swift3, the middleware, which doesn't comes with Swift by default only after version 2.18.0. For earlier version you should install the middleware.
I am trying to use Openstack (liberty) swift with Ceph (Jewel) using radosgw. The aim is that the objects should be stored under ceph osds. I have a working Openstack and Ceph cluster.
To use Ceph as object storage backend I installed and configured radosgw in ceph cluster . In openstack node I installed "python-swiftclient", created an object-store service and added an endpoint for that service with the URL of radosgw.
I followed the instructions given in the link below.
http://docs.ceph.com/docs/jewel/radosgw/keystone/
ceph.conf
[client.rgw.rgw]
rgw_frontends = "civetweb port=7480"
rgw enable ops log = true
rgw ops log rados = true
rgw thread pool size = 2000
rgw override bucket index max shards = 23
ms dispatch throttle bytes = 209715200
[client.radosgw.gateway]
rgw keystone url = http://controller:35357
rgw keystone admin token = ADMIN
rgw keystone accepted roles = _member_,admin
rgw keystone token cache size = 200
rgw keystone revocation interval = 60
rgw s3 auth use keystone = true
nss db path = /var/ceph/nss
Openstack endpoints
# openstack endpoint list |grep -i object
| 8efd00b48db249e69244a5f3e35356b1 | RegionOne | swift | object-store | True | internal | http://rgw:7480/swift/v1 |
| b7d1c7ccc84640138116d8e6676b28a3 | RegionOne | swift | object-store | True | admin | http://rgw:7480/swift/v1 |
| c7844842b53647a4b623905c54cc6c75 | RegionOne | swift | object-store | True | public | http://rgw:7480/swift/v1 |
Output of swift list from command line
# swift list -v
test_CONTAINER
Output of swift stat from command line
# swift stat -v
StorageURL: http://rgw:7480/swift/v1
Auth Token: AUTH_rgwtk0e00000074657374757365723a737769667431dd200c6d2136112ee6d657300feb16d05ffa8f80a2e53ce6c257b32ec5505ff396e5e8
Account: v1
Containers: 7
Objects: 12
Bytes: 168
Meta Temp-Url-Key: healthseq
X-Account-Bytes-Used-Actual: 40960
X-Timestamp: 1473615022.41820
X-Trans-Id: tx0000000000000000006b3-0057d594ae-1f5cb-default
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes
When I try to access the object store - container in openstack dashboard, I get the following error.
http://pastebin.com/ALEvYCX8
Please see the image below for the error that I get while trying to access the object store from dashboard.
just remove this line in your code
[client.radosgw.gateway] and merge the setting