[原]openstack-kilo--issue(十三)Unauthorized: The request you have made requires authentication. (HTTP 401) (Request

在运行nova-list 的时候发现报错401：如下面

========>>>>>>>>> 正常显示

[root@controller ~]# nova --debug list
DEBUG (session:195) REQ: curl -g -i -X GET http://controller:35357/v3 -H "Accept: app" -H "User-Agent: python-keystoneclient"
INFO (connectionpool:203) Starting new HTTP connection (1): controller
DEBUG (connectionpool:383) "GET /v3 HTTP/1.1" 200 250
DEBUG (session:224) RESP: [200] content-length: 250 vary: X-Auth-Token keep-alive: ti100 server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 mod_wsgi/3.4 Pynnection: Keep-Alive date: Tue, 17 Jan 2017 07:38:53 GMT content-type: application/jsk-request-id: req-9f10a8db-4c05-408a-934b-0b1d96f07146 
RESP BODY: {"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "mediaase": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "idinks": [{"href": "http://controller:35357/v3/", "rel": "self"}]}}

DEBUG (base:171) Making authentication request to http://controller:35357/v3/auth/tok
DEBUG (connectionpool:383) "POST /v3/auth/tokens HTTP/1.1" 201 5326
DEBUG (iso8601:184) Parsed 2017-01-17T08:38:53.247506Z into {'tz_sign': None, 'second'247506', 'hour': u'08', 'daydash': u'17', 'tz_hour': None, 'month': None, 'timezone'nd': u'53', 'tz_minute': None, 'year': u'2017', 'separator': u'T', 'monthdash': u'01', 'minute': u'38'} with default timezone <iso8601.iso8601.Utc object at 0x232a210>
DEBUG (iso8601:140) Got u'2017' for 'year' with default None
DEBUG (iso8601:140) Got u'01' for 'monthdash' with default 1
DEBUG (iso8601:140) Got 1 for 'month' with default 1
DEBUG (iso8601:140) Got u'17' for 'daydash' with default 1
DEBUG (iso8601:140) Got 17 for 'day' with default 17
DEBUG (iso8601:140) Got u'08' for 'hour' with default None
DEBUG (iso8601:140) Got u'38' for 'minute' with default None
DEBUG (iso8601:140) Got u'53' for 'second' with default None
DEBUG (session:195) REQ: curl -g -i -X GET http://controller:8774/v2/f57b892b5c50426b7f3/servers/detail -H "User-Agent: python-novaclient" -H "Accept: application/json" -en: {SHA1}b1929005e567f4546937326d942b91a4fad47deb"
INFO (connectionpool:203) Starting new HTTP connection (1): controller
DEBUG (connectionpool:383) "GET /v2/f57b892b5c50426bb90414d31f0e77f3/servers/detail H15
DEBUG (session:224) RESP: [200] date: Tue, 17 Jan 2017 07:38:53 GMT connection: keep--type: application/json content-length: 15 x-compute-request-id: req-632a635e-269a-4bfa0c261 
RESP BODY: {"servers": []}

+----+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power State | Networks |
+----+------+--------+------------+-------------+----------+
+----+------+--------+------------+-------------+----------+




====>>>>>>再查看nova list 开始报错

[root@controller ~]# nova --debug list
DEBUG (session:195) REQ: curl -g -i -X GET http://controller:35357/v3 -H "Accept: application/json" -H "User-Agent: python-keystoneclient"
INFO (connectionpool:203) Starting new HTTP connection (1): controller
DEBUG (connectionpool:383) "GET /v3 HTTP/1.1" 200 250
DEBUG (session:224) RESP: [200] content-length: 250 vary: X-Auth-Token keep-alive: timeout=5, max=100 server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 mod_wsgi/3.4 Python/2.7.5 connection: Keep-Alive date: Tue, 17 Jan 2017 07:57:53 GMT content-type: application/json x-openstack-request-id: req-5a6ebad3-30d7-4ab7-b75d-bcd07dac35c6 
RESP BODY: {"version": {"status": "stable", "updated": "2015-03-30T00:00:00Z", "media-types": [{"base": "application/json", "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.4", "links": [{"href": "http://controller:35357/v3/", "rel": "self"}]}}

DEBUG (base:171) Making authentication request to http://controller:35357/v3/auth/tokens
DEBUG (connectionpool:383) "POST /v3/auth/tokens HTTP/1.1" 401 114
DEBUG (session:396) Request returned failure status: 401
DEBUG (shell:914) The request you have made requires authentication. (HTTP 401) (Request-ID: req-1e2bdba2-c76d-4afd-bf3c-0cfdb2413025)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/novaclient/shell.py", line 911, in main
    OpenStackComputeShell().main(argv)
  File "/usr/lib/python2.7/site-packages/novaclient/shell.py", line 838, in main
    args.func(self.cs, args)
  File "/usr/lib/python2.7/site-packages/novaclient/v2/shell.py", line 1377, in do_list
    sort_dirs=sort_dirs)
  File "/usr/lib/python2.7/site-packages/novaclient/v2/servers.py", line 583, in list
    return self._list("/servers%s%s" % (detail, query_string), "servers")
  File "/usr/lib/python2.7/site-packages/novaclient/base.py", line 64, in _list
    _resp, body = self.api.client.get(url)
  File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 170, in get
    return self.request(url, 'GET', **kwargs)
  File "/usr/lib/python2.7/site-packages/novaclient/client.py", line 89, in request
    **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 206, in request
    resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 95, in request
    return self.session.request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/utils.py", line 318, in inner
    return func(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 313, in request
    auth_headers = self.get_auth_headers(auth)
  File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 598, in get_auth_headers
    return auth.get_headers(self, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/auth/base.py", line 114, in get_headers
    token = self.get_token(session)
  File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/base.py", line 104, in get_token
    return self.get_access(session).auth_token
  File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/base.py", line 144, in get_access
    self.auth_ref = self.get_auth_ref(session)
  File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/generic/base.py", line 176, in get_auth_ref
    return self._plugin.get_auth_ref(session, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/auth/identity/v3/base.py", line 173, in get_auth_ref
    authenticated=False, log=False, **rkwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 497, in post
    return self.request(url, 'POST', **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/utils.py", line 318, in inner
    return func(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 397, in request
    raise exceptions.from_response(resp, method, url)
Unauthorized: The request you have made requires authentication. (HTTP 401) (Request-ID: req-1e2bdba2-c76d-4afd-bf3c-0cfdb2413025)
ERROR (Unauthorized): The request you have made requires authentication. (HTTP 401) (Request-ID: req-1e2bdba2-c76d-4afd-bf3c-0cfdb2413025)

问题点回想：在两次查看中间操作了什么？？ 回想起更改了GUI界面admin用户的密码

即下图：

如果此时没有更改admin用户环境，就会导致401错误：

所以解决办法是:更改admin用户环境admin-openrc.sh

[root@controller ~]# cat admin-openrc.sh 
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=NEW_PASSWORD      -----<此密码就为上图中黄色位置的密码>
export OS_AUTH_URL=http://${HOSTNAME}:35357/v3 
export OS_IMAGE_API_VERSION=2
 
export OS_VOLUME_API_VERSION=2

#export OS_URL=http://${HOSTNAME}:35357/v2.0
#export ADMIN_TOKEN=118befef8350d34fc931

[root@controller ~]# source admin-openrc.sh     ---------<使更改生效>

========再查看就正常了 不再报401错误
[root@controller ~]# nova list                               
+----+------+--------+------------+-------------+----------+
| ID | Name | Status | Task State | Power State | Networks |
+----+------+--------+------------+-------------+----------+
+----+------+--------+------------+-------------+----------+