[ovirt-users] Unable to backend oVirt with Cinder
Daniel Erez
derez at redhat.com
Thu Sep 1 02:57:22 EDT 2016
On Wed, Aug 31, 2016 at 4:27 PM, Logan Kuhn <logank at wolfram.com> wrote:
> Thank you for your response, but unfortunately it still doesn't work.
>
> I can do cinder-ey things from the command line, including cinder list,
> type-show, create. The keystonerc_admin file that I use matches yours with
> the relevant bits changed for my environment, password, region etc. I've
> filled out the External Provider dialog with the admin user, cinder user
> and a new user. The dialog reports that it Failed to communicate with the
> external provider and to consult the log. The log reports the following:
>
> 2016-08-31 08:04:21,518 INFO [org.ovirt.engine.core.bll.provider.
> TestProviderConnectivityCommand] (default task-46) [20342b40] Running
> command: TestProviderConnectivityCommand internal: false. Entities
> affected : ID: aaa00000-0000-0000-0000-123456789aaa Type: SystemAction
> group CREATE_STORAGE_POOL with role type ADMIN
> 2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.storage.
> AbstractOpenStackStorageProviderProxy] (default task-46) [20342b40]
> Unauthorized (OpenStack response error code: 401)
> 2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.
> TestProviderConnectivityCommand] (default task-46) [20342b40] Command
> 'org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand'
> failed: EngineException: (Failed with error PROVIDER_FAILURE and code 5050)
>
> Which is very obvious that the username/auth that ovirt is sending isn't
> allowed to create, but it's using the same username/password that's in the
> keystonerc_admin file that I can do various command line things with.
>
> This is my keystonerc_admin file:
>
> OS_AUTH_URL=http://10.128.7.252:5000/v3
> OS_PASSWORD=adminpass
> OS_PROJECT_DOMAIN_NAME=default
> OS_PROJECT_NAME=admin
> OS_REGION_NAME=WRI
> OS_TENANT_NAME=admin
> OS_USERNAME=admin
> OS_USER_DOMAIN_NAME=default
>
> I had to make add certain fields and change the auth url to v3 otherwise
> it reported either a malformed URL or more commonly, 401 Unauthorized.
> Which made me wonder if it's a compatibility issue with the v3 API. I've
> been working with Openstack Mitaka and ovirt 4.0.2 and 4.0.3
>
For keystone authentication, we support v2.0.
Have you tried 'http://10.128.7.252:5000/v2.0' as authentication URL on add
provider dialog?
>
> Regards,
> Logan
>
> ----- On Aug 31, 2016, at 6:07 AM, Natalie Gavrilov <ngavrilo at redhat.com>
> wrote:
>
> Hi Logen,
>
> I'll refer only to* using authentication*, because I had configured it
> previously.
> This means: /etc/cinder/cinder.conf should have: auth_strategy = keystone
> I'm using keystonerc file, example keystonerc_admin:
> ------------------------------------------------------------
> ----------------
> unset OS_SERVICE_TOKEN
> export OS_USERNAME=admin
> export OS_PASSWORD=password
> export OS_AUTH_URL=http://CINDER-HOST:5000/v2.0
> export PS1='[\u@\h \W(keystone_admin)]\$ '
>
> export OS_TENANT_NAME=admin
> export OS_REGION_NAME=RegionOne
> ------------------------------------------------------------
> ----------------
>
> This will be step by step as much as possible just to make sure nothing is
> missed (assuming Cinder and Ceph are configured correctly).
>
> Go to:
> External providers -> Add
> Fill in the fields:
> Name:
> Type: *OpenStack Volume*
> Provider url: http://CINDER_HOST:8776
> <http://ogofen-cinder.scl.lab.tlv.redhat.com:8776>
> Check "Requires Authentication"
>
> Fill in the information, this is an example:
> Username: admin
> Password: password
> Tenant name: admin
> Authentication URL: http://CINDER-HOST:5000/v2.0
> <http://natalie-cinder.scl.lab.tlv.redhat.com:5000/v2.0>
>
> Test should return *"Test succeeded, managed to access provider."*
> Now click Ok.
>
>
> *Now lets configure additional information:*
>
> Lower pane: *Authentication Keys*
> Click on: New
> Fill in *UUID* field with rbd_secret_uuid
> and *value*:which is the key (it's in /etc/ceph/ceph.client.
> USERNAME.keyring)
>
>
> Hope this helps..
>
> Regards,
> Natalie
>
> ------------------------------
>
> From: "Aharon Canan" <acanan at redhat.com>
> To: "Natalie Gavrilov" <ngavrilo at redhat.com>
> Sent: Wednesday, August 31, 2016 8:53:22 AM
> Subject: Fwd: [ovirt-users] Unable to backend oVirt with Cinder
>
> Hi
>
> Can you help with below?
> This is community email and will be great if you can help this guy.
>
> Aharon
> ---------- Forwarded message ----------
> From: Logan Kuhn <logank at wolfram.com>
> Date: Tue, Aug 30, 2016 at 11:07 PM
> Subject: [ovirt-users] Unable to backend oVirt with Cinder
> To: users <users at ovirt.org>
>
>
> I've got Cinder configured and pointed at Ceph for it's back end storage.
> I can run ceph commands on the cinder machine and cinder is configured for
> noauth and I've also tried it with Keystone for auth. I can run various
> cinder commands and it'll return as expected.
>
> When I configure it in oVirt it'll add the external provider fine, but when
> I go to create a disk it doesn't populate the volume type field, it's just
> empty. The corresponding command for cinder: cinder type-list and cinder
> type-show <name> returns fine and it is public.
>
> Ovirt and Cinder are on the same host so it isn't a firewall issue.
>
> Cinder config:
> [DEFAULT]
> rpc_backend = rabbit
> #auth_strategy = keystone
> auth_strategy = noauth
> enabled_backends = ceph
> #glance_api_servers = http://10.128.7.252:9292
> #glance_api_version = 2
>
> #[keystone_authtoken]
> #auth_uri = http://10.128.7.252:5000/v3
> #auth_url = http://10.128.7.252:35357/v3
> #auth_type = password
> #memcached_servers = localhost:11211
> #project_domain_name = default
> #user_domain_name = default
> #project_name = services
> #username = user
> #password = pass
>
> [ceph]
> volume_driver = cinder.volume.drivers.rbd.RBDDriver
> volume_backend_name = ceph
> rbd_pool = ovirt-images
> rbd_user = cinder
> rbd_secret_uuid = <secret>
> rbd_ceph_conf = /etc/ceph/ceph.conf
> rbd_flatten_volume_from_snapshot = true
> rbd_max_clone_depth = 5
> rbd_store_chunk_size = 4
> rados_connect_timeout = -1
> #glance_api_version = 2
>
> [database]
> connection = postgresql://user:pass@10.128.2.33/cinder
>
> [oslo_concurrency]
> lock_path = /var/lib/cinder/tmp
>
> [oslo_messaging_rabbit]
> rabbit_host = localhost
> rabbit_port = 5672
> rabbit_userid = user
> rabbit_password = pass
>
> Regards,
> Logan
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20160901/dca4f306/attachment.html>
More information about the Users
mailing list