OpenStack Swift+Keystone:无法确定租赁

2024-05-20 12:28:04 发布

您现在位置:Python中文网/ 问答频道 /正文
1341 3

我尝试使用基于Keystone的身份验证(在Keystone API docs here之后)使用curl访问Swift。在

第1章:获取令牌:

curl -d '{"auth": {"passwordCredentials": {
                     "username": "USERNAME", "password": "PASSWORD"}}}' \
     -H "Content-Type: application/json" \
     http://identity:35357/v2.0/tokens

回应:

^{pr2}$

注意,与API docs中所说的相反,响应中缺少租户信息。在

第2章:认证

curl -H "X-Auth-Token: TOKENID" http://swift/v1/AUTH_TENANTID/bucket

回复:401 Unauthorized

第3章:故障排除

在查看Keystone auth_令牌中间件内部后,我发现它在尝试从令牌数据获取租户时失败:

def get_tenant_info():
    """Returns a (tenant_id, tenant_name) tuple from context."""
    def essex():
        """Essex puts the tenant ID and name on the token."""
        return (token['tenant']['id'], token['tenant']['name'])

    def pre_diablo():
        """Pre-diablo, Keystone only provided tenantId."""
         return (token['tenantId'], token['tenantId'])

    def default_tenant():
        """Pre-grizzly, assume the user's default tenant."""
        return (user['tenantId'], user['tenantName'])

    for method in [essex, pre_diablo, default_tenant]:
        try:
            return method()
        except KeyError:
             pass

    raise InvalidUserToken('Unable to determine tenancy.')

由于令牌数据中没有租户信息,它总是失败。 我可能做错了什么?在


Tags: thenametokenapidefaultdocsreturnkeystone
1条回答
网友
1楼 · 发布于 2024-05-20 12:28:04

这个答案解决了您最初的身份验证问题,但不是问题的其余部分。。。在

您最初的请求:

curl -d '{"auth": {"passwordCredentials": {
                     "username": "USERNAME", "password": "PASSWORD"}}}' \
     -H "Content-Type: application/json" \
     http://identity:35357/v2.0/tokens

需要提供tenantNametenantId属性。如果提供了其中任何一个,那么您的回复应该同时包含租户信息服务目录,以便查找其他服务端点。在

所以:

^{pr2}$

你应该得到这样的东西:

{
  "access": {
    "metadata": {
      "roles": [
        "9fe2ff9ee4384b1894a90878d3e92bab",
        "0ecb6fccfd8546148cbb00b6d51364ce"
      ],
      "is_admin": 0
    },
    "user": {
      "name": "lars",
      "roles": [
        {
          "name": "_member_"
        },
        {
          "name": "admin"
        }
      ],
      "id": "436d522125584cf3a21ddcf628d59e2e",
      "roles_links": [],
      "username": "lars"
    },
    "serviceCatalog": [
      {
        "name": "nova",
        "type": "compute",
        "endpoints_links": [],
        "endpoints": [
          {
            "publicURL": "http://192.168.200.1:8774/v2/28a490a259974817b88ce490a74df8d2",
            "id": "264f2b4179ca4d6ca3a62b7347db11ce",
            "internalURL": "http://192.168.200.1:8774/v2/28a490a259974817b88ce490a74df8d2",
            "region": "RegionOne",
            "adminURL": "http://192.168.200.1:8774/v2/28a490a259974817b88ce490a74df8d2"
          }
        ]
      },
      .
      .
      .
    ],
    "token": {
      "tenant": {
        "name": "users/lars",
        "id": "28a490a259974817b88ce490a74df8d2",
        "enabled": true,
        "description": null
      },
      "id": "TOKENID",
      "expires": "2014-02-21T20:07:36Z",
      "issued_at": "2014-02-20T20:07:36.189044"
    }
  }
}

相关问题 更多 >

    编程相关推荐