在运行nova-list 的时候发现报错401:如下面
========>>>>>>>>> 正常显示
[root@controller ~]# nova --debug list DEBUG (session:195) REQ: curl -g -i -X GET http://controller:35357/v3 -H "Accept: app" -H "User-Agent: python-keystoneclient" INFO (connectionpool:203) Starting new HTTP connection (1): controller DEBUG (connectionpool:383) "GET /v3 HTTP/1.1" 200 250 DEBUG (session:224) RESP: [200] content-length: 250 vary: X-Auth-Token keep-alive: ti100 server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 mod_wsgi/3.4 Pynnection: Keep-Alive date: Tue, 17 Jan 2017 07:38:53 GMT content-type: application/jsk-request-id: req-9f10a8db-4c05-408a-934b-0b1d96f07146 RESP BODY: {"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "mediaase": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "idinks": [{"href": "http://controller:35357/v3/", "rel": "self"}]}} DEBUG (base:171) Making authentication request to http://controller:35357/v3/auth/tok DEBUG (connectionpool:383) "POST /v3/auth/tokens HTTP/1.1" 201 5326 DEBUG (iso8601:184) Parsed 2017-01-17T08:38:53.247506Z into {'tz_sign': None, 'second'247506', 'hour': u'08', 'daydash': u'17', 'tz_hour': None, 'month': None, 'timezone'nd': u'53', 'tz_minute': None, 'year': u'2017', 'separator': u'T', 'monthdash': u'01', 'minute': u'38'} with default timezone <iso8601.iso8601.Utc object at 0x232a210> DEBUG (iso8601:140) Got u'2017' for 'year' with default None DEBUG (iso8601:140) Got u'01' for 'monthdash' with default 1 DEBUG (iso8601:140) Got 1 for 'month' with default 1 DEBUG (iso8601:140) Got u'17' for 'daydash' with default 1 DEBUG (iso8601:140) Got 17 for 'day' with default 17 DEBUG (iso8601:140) Got u'08' for 'hour' with default None DEBUG (iso8601:140) Got u'38' for 'minute' with default None DEBUG (iso8601:140) Got u'53' for 'second' with default None DEBUG (session:195) REQ: curl -g -i -X GET http://controller:8774/v2/f57b892b5c50426b7f3/servers/detail -H "User-Agent: python-novaclient" -H "Accept: application/json" -en: {SHA1}b1929005e567f4546937326d942b91a4fad47deb" INFO (connectionpool:203) Starting new HTTP connection (1): controller DEBUG (connectionpool:383) "GET /v2/f57b892b5c50426bb90414d31f0e77f3/servers/detail H15 DEBUG (session:224) RESP: [200] date: Tue, 17 Jan 2017 07:38:53 GMT connection: keep--type: application/json content-length: 15 x-compute-request-id: req-632a635e-269a-4bfa0c261 RESP BODY: {"servers": []} +----+------+--------+------------+-------------+----------+ | ID | Name | Status | Task State | Power State | Networks | +----+------+--------+------------+-------------+----------+ +----+------+--------+------------+-------------+----------+
====>>>>>>再查看nova list 开始报错
[root@controller ~]# nova --debug list DEBUG (session:195) REQ: curl -g -i -X GET http://controller:35357/v3 -H "Accept: application/json" -H "User-Agent: python-keystoneclient" INFO (connectionpool:203) Starting new HTTP connection (1): controller DEBUG (connectionpool:383) "GET /v3 HTTP/1.1" 200 250 DEBUG (session:224) RESP: [200] content-length: 250 vary: X-Auth-Token keep-alive: timeout=5, max=100 server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 mod_wsgi/3.4 Python/2.7.5 connection: Keep-Alive date: Tue, 17 Jan 2017 07:57:53 GMT content-type: application/json x-openstack-request-id: req-5a6ebad3-30d7-4ab7-b75d-bcd07dac35c6 RESP BODY: {"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.4", "links": [{"href": "http://controller:35357/v3/", "rel": "self"}]}} DEBUG (base:171) Making authentication request to http://controller:35357/v3/auth/tokens DEBUG (connectionpool:383) "POST /v3/auth/tokens HTTP/1.1" 401 114 DEBUG (session:396) Request returned failure status: 401 DEBUG (shell:914) The request you have made requires authentication. (HTTP 401) (Request-ID: req-1e2bdba2-c76d-4afd-bf3c-0cfdb2413025) Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/novaclient/shell.py", line 911, in main OpenStackComputeShell().main(argv) File "/usr/lib/python2.7/site-packages/novaclient/shell.py", line 838, in main args.func(self.cs, args) File "/usr/lib/python2.7/site-packages/novaclient/v2/shell.py", line 1377, in do_list sort_dirs=sort_dirs) File "/usr/lib/python2.7/site-packages/novaclient/v2/servers.py", line 583, in list return self._list("/servers%s%s" % (detail, query_string), "servers") File "/usr/lib/python2.7/site-packages/novaclient/base.py", line 64, in _list _resp, body = self.api.client.get(url) File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 170, in get return self.request(url, 'GET', **kwargs) File "/usr/lib/python2.7/site-packages/novaclient/client.py", line 89, in request **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 206, in request resp = super(LegacyJsonAdapter, self).request(*args, **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 95, in request return self.session.request(url, method, **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/utils.py", line 318, in inner return func(*args, **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 313, in request auth_headers = self.get_auth_headers(auth) File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 598, in get_auth_headers return auth.get_headers(self, **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/auth/base.py", line 114, in get_headers token = self.get_token(session) File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/base.py", line 104, in get_token return self.get_access(session).auth_token File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/base.py", line 144, in get_access self.auth_ref = self.get_auth_ref(session) File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/generic/base.py", line 176, in get_auth_ref return self._plugin.get_auth_ref(session, **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v3/base.py", line 173, in get_auth_ref authenticated=False, log=False, **rkwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 497, in post return self.request(url, 'POST', **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/utils.py", line 318, in inner return func(*args, **kwargs) File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 397, in request raise exceptions.from_response(resp, method, url) Unauthorized: The request you have made requires authentication. (HTTP 401) (Request-ID: req-1e2bdba2-c76d-4afd-bf3c-0cfdb2413025) ERROR (Unauthorized): The request you have made requires authentication. (HTTP 401) (Request-ID: req-1e2bdba2-c76d-4afd-bf3c-0cfdb2413025)
问题点回想:在两次查看中间操作了什么?? 回想起更改了GUI界面admin用户的密码
即下图:
如果此时没有更改admin用户环境,就会导致401错误:
所以解决办法是:更改admin用户环境admin-openrc.sh
[root@controller ~]# cat admin-openrc.sh export OS_PROJECT_DOMAIN_ID=default export OS_USER_DOMAIN_ID=default export OS_PROJECT_NAME=admin export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=NEW_PASSWORD -----<此密码就为上图中黄色位置的密码> export OS_AUTH_URL=http://${HOSTNAME}:35357/v3 export OS_IMAGE_API_VERSION=2 export OS_VOLUME_API_VERSION=2 #export OS_URL=http://${HOSTNAME}:35357/v2.0 #export ADMIN_TOKEN=118befef8350d34fc931
[root@controller ~]# source admin-openrc.sh ---------<使更改生效>
========再查看就正常了 不再报401错误
[root@controller ~]# nova list
+----+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power State | Networks |
+----+------+--------+------------+-------------+----------+
+----+------+--------+------------+-------------+----------+