openstack- horizon -无效凭据
openstack- horizon -无效凭据
提问于 2020-06-08 05:18:40
我正在安装openstack(Ussuri的最小部署),我已经安装了Horizon,但我面临着无效的凭据。您可以在下面找到配置:
您可以在以下位置找到Horizon配置、OpenStack域和用户:
[root@controller ~]# grep ^[^#] /etc/openstack-dashboard/local_settings
import os
from django.utils.translation import ugettext_lazy as _
from openstack_dashboard.settings import HORIZON_CONFIG
DEBUG = False
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
WEBROOT = '/dashboard'
LOCAL_PATH = '/tmp'
SECRET_KEY='971e40214e7da556a451'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
OPENSTACK_KEYSTONE_URL = "http://%s/identity/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
TIME_ZONE = "UTC"
LOGGING = {
'version': 1,
# When set to True this will disable all logging except
# for loggers specified in this configuration dictionary. Note that
# if nothing is specified here and disable_existing_loggers is True,
# django.db.backends will still log unless it is disabled explicitly.
'disable_existing_loggers': False,
# If apache2 mod_wsgi is used to deploy OpenStack dashboard
# timestamp is output by mod_wsgi. If WSGI framework you use does not
# output timestamp for logging, add %(asctime)s in the following
# format definitions.
'formatters': {
'console': {
'format': '%(levelname)s %(name)s %(message)s'
},
'operation': {
# The format of "%(message)s" is defined by
# OPERATION_LOG_OPTIONS['format']
'format': '%(message)s'
},
},
'handlers': {
'null': {
'level': 'DEBUG',
'class': 'logging.NullHandler',
},
'console': {
# Set the level to "DEBUG" for verbose output logging.
'level': 'DEBUG' if DEBUG else 'INFO',
'class': 'logging.StreamHandler',
'formatter': 'console',
},
'operation': {
'level': 'INFO',
'class': 'logging.StreamHandler',
'formatter': 'operation',
},
},
'loggers': {
'horizon': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'horizon.operation_log': {
'handlers': ['operation'],
'level': 'INFO',
'propagate': False,
},
'openstack_dashboard': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'novaclient': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'cinderclient': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'keystoneauth': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'keystoneclient': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'glanceclient': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'neutronclient': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'swiftclient': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'oslo_policy': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'openstack_auth': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
'django': {
'handlers': ['console'],
'level': 'DEBUG',
'propagate': False,
},
# Logging from django.db.backends is VERY verbose, send to null
# by default.
'django.db.backends': {
'handlers': ['null'],
'propagate': False,
},
'requests': {
'handlers': ['null'],
'propagate': False,
},
'urllib3': {
'handlers': ['null'],
'propagate': False,
},
'chardet.charsetprober': {
'handlers': ['null'],
'propagate': False,
},
'iso8601': {
'handlers': ['null'],
'propagate': False,
},
'scss': {
'handlers': ['null'],
'propagate': False,
},
},
}
SECURITY_GROUP_RULES = {
'all_tcp': {
'name': _('All TCP'),
'ip_protocol': 'tcp',
'from_port': '1',
'to_port': '65535',
},
'all_udp': {
'name': _('All UDP'),
'ip_protocol': 'udp',
'from_port': '1',
'to_port': '65535',
},
'all_icmp': {
'name': _('All ICMP'),
'ip_protocol': 'icmp',
'from_port': '-1',
'to_port': '-1',
},
'ssh': {
'name': 'SSH',
'ip_protocol': 'tcp',
'from_port': '22',
'to_port': '22',
},
'smtp': {
'name': 'SMTP',
'ip_protocol': 'tcp',
'from_port': '25',
'to_port': '25',
},
'dns': {
'name': 'DNS',
'ip_protocol': 'tcp',
'from_port': '53',
'to_port': '53',
},
'http': {
'name': 'HTTP',
'ip_protocol': 'tcp',
'from_port': '80',
'to_port': '80',
},
'pop3': {
'name': 'POP3',
'ip_protocol': 'tcp',
'from_port': '110',
'to_port': '110',
},
'imap': {
'name': 'IMAP',
'ip_protocol': 'tcp',
'from_port': '143',
'to_port': '143',
},
'ldap': {
'name': 'LDAP',
'ip_protocol': 'tcp',
'from_port': '389',
'to_port': '389',
},
'https': {
'name': 'HTTPS',
'ip_protocol': 'tcp',
'from_port': '443',
'to_port': '443',
},
'smtps': {
'name': 'SMTPS',
'ip_protocol': 'tcp',
'from_port': '465',
'to_port': '465',
},
'imaps': {
'name': 'IMAPS',
'ip_protocol': 'tcp',
'from_port': '993',
'to_port': '993',
},
'pop3s': {
'name': 'POP3S',
'ip_protocol': 'tcp',
'from_port': '995',
'to_port': '995',
},
'ms_sql': {
'name': 'MS SQL',
'ip_protocol': 'tcp',
'from_port': '1433',
'to_port': '1433',
},
'mysql': {
'name': 'MYSQL',
'ip_protocol': 'tcp',
'from_port': '3306',
'to_port': '3306',
},
'rdp': {
'name': 'RDP',
'ip_protocol': 'tcp',
'from_port': '3389',
'to_port': '3389',
},
}
[root@controller ~]# openstack domain list
+---------+---------+---------+--------------------+
| ID | Name | Enabled | Description |
+---------+---------+---------+--------------------+
| default | Default | True | The default domain |
+---------+---------+---------+--------------------+
[root@controller ~]# openstack user list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| 14a3b199599b49a1a46c3fac98ae766a | admin |
| 576d0127cd2247a8af78ea2444687d3c | glance |
| dc2319d312ee4e2da8a604ae58859695 | placement |
| 53ea4668161346d4934c63ac7b33c360 | nova |
| 02066788c9c1487aa2b324ec37200f3d | neutron |
+----------------------------------+-----------+我在horizon dashboard中使用,默认值为domin,用户为admin,密码为123456:
[root@controller ~]# cat ./admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2此外,您可能会发现Apache错误:
[root@controller ~]# tail /var/log/httpd/error_log
[Sun Jun 07 17:02:29.550943 2020] [http2:warn] [pid 3078:tid 139723183282432] AH02951: mod_ssl does not seem to be enabled
[Sun Jun 07 17:02:29.572160 2020] [mpm_event:notice] [pid 3078:tid 139723183282432] AH00489: Apache/2.4.37 (centos) mod_wsgi/4.6.4 Python/3.6 configured -- resuming normal operations
[Sun Jun 07 17:02:29.572225 2020] [core:notice] [pid 3078:tid 139723183282432] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Sun Jun 07 17:02:40.937530 2020] [wsgi:error] [pid 3084:tid 139722767623936] WARNING:root:Use of this 'djano.wsgi' file has been deprecated since the Rocky release in favor of 'wsgi.py' in the 'openstack_dashboard' module. This file is a legacy naming from before Django 1.4 and an importable 'wsgi.py' is now the default. This file will be removed in the T release cycle.
[Sun Jun 07 21:02:48.256669 2020] [wsgi:error] [pid 3084:tid 139722767623936] /usr/lib64/python3.6/site-packages/scss/namespace.py:172: DeprecationWarning: inspect.getargspec() is deprecated since Python 3.0, use inspect.signature() or inspect.getfullargspec()
[Sun Jun 07 21:02:48.256716 2020] [wsgi:error] [pid 3084:tid 139722767623936] argspec = inspect.getargspec(function)
[Sun Jun 07 17:03:06.452632 2020] [authz_core:error] [pid 3092:tid 139722449999616] [client 10.0.0.11:49322] AH01630: client denied by server configuration: /usr/bin/keystone-wsgi-public
[Sun Jun 07 21:03:06.472128 2020] [wsgi:error] [pid 3084:tid 139722767623936] [remote 192.168.137.1:53803] INFO openstack_auth.forms Login failed for user "admin" using domain "Default", remote address 192.168.137.1.
[Sun Jun 07 17:03:10.522805 2020] [authz_core:error] [pid 3092:tid 139722340894464] [client 10.0.0.11:49332] AH01630: client denied by server configuration: /usr/bin/keystone-wsgi-public
[Sun Jun 07 21:03:10.524561 2020] [wsgi:error] [pid 3084:tid 139722809587456] [remote 192.168.137.1:53804] INFO openstack_auth.forms Login failed for user "admin" using domain "Default", remote address 192.168.137.1.有谁能支持我吗?)
回答 3
Stack Overflow用户
发布于 2021-02-17 09:13:36
Horizon配置: OPENSTACK_KEYSTONE_URL = "http://%s/identity/v3“% OPENSTACK_HOST
但是,您的RC文件包含导出OS_AUTH_URL=http://controller:5000/v3
我想用http://%s:5000替换http://%s/identity应该可以解决这个问题。
Stack Overflow用户
发布于 2020-06-27 17:44:45
这是由于keystone apache2站点中的"all in controller“设置不正确造成的。
你必须用下一种方式修改apache中的keystone.conf:
第一个放入:
"WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-=%{}“行,组在外部,紧接在组"VirtualHost”定义之前。将其从声明中删除。
第二次添加:
/identity别名的“位置”行中的“需要所有已授予的”行。
我希望这能有所帮助。
Stack Overflow用户
发布于 2021-08-09 20:18:00
我也有同样的问题。当我尝试使用我的用户名、密码和域名登录时,我总是得到无效的凭据。
但我解决了这个问题。
打开local_settings.py
nano /etc/openstack-dashboard/local_settings.py缺省行是这样的。您应该更改此行。
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3.0" % OPENSTACK_HOST我的解决方案是,
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST然后,您应该重新启动Apache。
systemctl reload apache2.service您可以登录。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/62251808
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号