1.keystone认证失败问题:
Failed to discover available identity versions when contacting http://controller:35357/v3. Attempting to parse version from URL.
keystone需要开启5000和35357的两个端口,有时候你会发现你的5000端口启动了,可是35357端口却没有启动,你可以如下排查并解决
查看wsgi-keystone.conf文件是否没有35357端口的相关配置,如果没有就手动添加上去,注意有差异自己修改一下
路径为/usr/share/keystone/wsgi-keystone.conf
需要注意的是文件中的keystone-admin和keystone-public不同处,还有/identity和/identity_admin不同处,修改完之后再去认证keystone查看是否成功,如未成功继续排查The request you have made requires authentication. (HTTP 401) (Request-ID: req-6c15f60e-3fdb-4594-b2f4-e831ffd7833e)
显示以上报错解决方法:
vi /etc/keystone/keystone.conf
找到如下一行,解除注释
#admin_token = <None>
然后按照官方文档步骤继续:
su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:35357/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne