（Openstack）無法將圖像上傳到圖像服務

Question

我是Openstack的新手，並試圖構建自己的Openstack環境。 遵循「Red Hat Enterprise Linux 7，CentOS 7和Fedora 20的OpenStack安裝指南」（在Fedora 21上）後，我在將cirrOS上傳到Image-Service時遇到了一個問題。

我的OpenStack版本，指的這個命令：「[根@本地〜]＃梯形管理 - 版本」應該是 2014年2月2日

後，我嘗試上傳我得到這個輸出的圖像：

ADMIN-OPENRC.SH: 

export OS_TENANT_NAME=admin 
export OS_USERNAME=admin 
export OS_PASSWORD=MYPASS 
export OS_AUTH_URL=http://controller:35357/v2.0 

[根@本地〜]＃源admin-openrc.sh [根@本地〜]＃一目瞭然 --debug圖像創建--name 「cirros-0.3.3-x86_64的」 --file /tmp/images/cirros-0.3.3-x86_64-disk.img --disk-format qcow2 --container-format bare --is-public True - 進展curl -i -X POST -H'接受編碼：gzip，deflate'-H'x-image-meta-container_format： 裸'-H'接受：/'-H'X-Auth -Token： {SHA1} 726116102202fa50ff0c064ca3cadb86b65fe997'-H'x-image-meta-size： 13200896'-H'Connection：keep-alive'-H'x-image-meta-is_public： True'-H'User -agent：python-glanceclient'-H'Content-Type： application/octet-stream'-H'x-image-meta-disk_format：qcow2'-H 'x-image-meta-name：cirros-0.3。 3-x86_64' http://controller:9292/v1/images [=============================>] 100％請求返回的失敗狀態401.無效的OpenStack標識 憑據。

我不得不提一下，我可以從梯形得到一個令牌沒有問題：

[根@本地〜]＃梯形令牌獲得
+ --------- - + ---------------------------------- +
|屬性| Value |
+ ----------- + ---------------------------------- +
|過期| 2015-07-03T10：26：38Z |
| id | 96299e7c355d43a9b8e5b7f47a4d4cdd |
| tenant_id | 425de1784b644473b6f1cffe874992c5 |
| user_id | 0a85326e1c744d449327894b6a276b5d |
+ ----------- + ---------------------------------- +

Here are my config files: 

GLANCE-API.CONF & GLANCE-REGISTRY.CONF 
connection=mysql://glance:MYPASS@controller/glance 
[keystone_authtoken] 
auth_uri = http://controller:5000/v2.0 
identity_uri = http://controller:35357 
admin_tenant_name = service 
admin_user = glance 
admin_password = MYPASS 

KEYSTONE.CONF 
connection=mysql://keystone:MYPASS@controller/keystone </b> 


Here is my api.log: 
/var/log/glance/api.log 
2015-07-03 11:15:00.763 3447 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:15:01.266 3447 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:15:02.269 3447 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:15:04.273 3447 ERROR keystonemiddleware.auth_token [-] HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:15:04.274 3447 WARNING keystonemiddleware.auth_token [-] Authorization failed for token 
2015-07-03 11:15:04.274 3447 INFO keystonemiddleware.auth_token [-] Invalid user token - deferring reject downstream 
2015-07-03 11:15:04.327 3447 INFO glance.wsgi.server [-] 192.168.13.92 - - [03/Jul/2015 11:15:04] "POST /v1/images HTTP/1.1" 401 571 3.579172 
2015-07-03 11:30:29.083 3446 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:30:29.587 3446 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:30:30.591 3446 WARNING keystonemiddleware.auth_token [-] Retrying on HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:30:32.595 3446 ERROR keystonemiddleware.auth_token [-] HTTP connection exception: Unable to establish connection to http://controller:35357/ 
2015-07-03 11:30:32.595 3446 WARNING keystonemiddleware.auth_token [-] Authorization failed for token 
2015-07-03 11:30:32.595 3446 INFO keystonemiddleware.auth_token [-] Invalid user token - deferring reject downstream 
2015-07-03 11:30:32.649 3446 INFO glance.wsgi.server [-] 192.168.13.92 - - [03/Jul/2015 11:30:32] "POST /v1/images HTTP/1.1" 401 571 3.581761 

感謝您的努力 凱文

--------------------------編輯---- ------------------------- 全覽-Registry.conf：

[DEFAULT] 
# Show more verbose log output (sets INFO log level output) 
verbose=True 

# Show debugging output in logs (sets DEBUG log level output) 
#debug=False 

# Address to bind the registry server 
#bind_host=0.0.0.0 

# Port the bind the registry server to 
#bind_port=9191 

# Log to this file. Make sure you do not set the same log file for both the API 
# and registry servers! 
# 
# If `log_file` is omitted and `use_syslog` is false, then log messages are 
# sent to stdout as a fallback. 
#log_file=/var/log/glance/registry.log 

# Backlog requests when creating socket 
#backlog=4096 

# TCP_KEEPIDLE value in seconds when creating socket. 
# Not supported on OS X. 
#tcp_keepidle=600 

# API to use for accessing data. Default value points to sqlalchemy 
# package. 
#data_api=glance.db.sqlalchemy.api 

# The number of child process workers that will be 
# created to service Registry requests. The default will be 
# equal to the number of CPUs available. (integer value) 
#workers=None 

# Enable Registry API versions individually or simultaneously 
#enable_v1_registry=True 
#enable_v2_registry=True 

# Limit the api to return `param_limit_max` items in a call to a container. If 
# a larger `limit` query param is provided, it will be reduced to this value. 
#api_limit_max=1000 

# If a `limit` query param is not provided in an api request, it will 
# default to `limit_param_default` 
#limit_param_default=25 

# Role used to identify an authenticated user as administrator 
#admin_role=admin 

# Whether to automatically create the database tables. 
# Default: False 
#db_auto_create=False 

# Enable DEBUG log messages from sqlalchemy which prints every database 
# query and response. 
# Default: False 
#sqlalchemy_debug=True 

# ================= Syslog Options ============================ 

# Send logs to syslog (/dev/log) instead of to file specified 
# by `log_file` 
#use_syslog=False 

# Facility to use. If unset defaults to LOG_USER. 
#syslog_log_facility=LOG_LOCAL1 

# ================= SSL Options =============================== 

# Certificate file to use when starting registry server securely 
#cert_file=/path/to/certfile 

# Private key file to use when starting registry server securely 
#key_file=/path/to/keyfile 

# CA certificate file to use to verify connecting clients 
#ca_file=/path/to/cafile 

# ============ Notification System Options ===================== 

# Driver or drivers to handle sending notifications. Set to 
# 'messaging' to send notifications to a message queue. 
notification_driver = noop 

# Default publisher_id for outgoing notifications. 
# default_publisher_id = image.localhost 

# Messaging driver used for 'messaging' notifications driver 
# rpc_backend = 'rabbit' 

# Configuration options if sending notifications via rabbitmq (these are 
# the defaults) 
#rabbit_host=localhost 
#rabbit_port=5672 
#rabbit_use_ssl=false 
#rabbit_userid=guest 
#rabbit_password=guest 
#rabbit_virtual_host=/ 
#rabbit_notification_exchange=glance 
#rabbit_notification_topic=notifications 
#rabbit_durable_queues=False 

# Configuration options if sending notifications via Qpid (these are 
# the defaults) 
#qpid_notification_exchange=glance 
#qpid_notification_topic=notifications 
#qpid_hostname=localhost 
#qpid_port=5672 
#qpid_username= 
#qpid_password= 
#qpid_sasl_mechanisms= 
#qpid_reconnect_timeout=0 
#qpid_reconnect_limit=0 
#qpid_reconnect_interval_min=0 
#qpid_reconnect_interval_max=0 
#qpid_reconnect_interval=0 
#qpid_heartbeat=5 
# Set to 'ssl' to enable SSL 
#qpid_protocol=tcp 
#qpid_tcp_nodelay=True 


# ================= Database Options ========================== 

[database] 
# The file name to use with SQLite (string value) 
#sqlite_db=glance.sqlite 

# If True, SQLite uses synchronous mode (boolean value) 
#sqlite_synchronous=True 

# The backend to use for db (string value) 
# Deprecated group/name - [DEFAULT]/db_backend 
#backend=sqlalchemy 

# The SQLAlchemy connection string used to connect to the 
# database (string value) 
# Deprecated group/name - [DEFAULT]/sql_connection 
# Deprecated group/name - [DATABASE]/sql_connection 
# Deprecated group/name - [sql]/connection 
connection = mysql://glance:MYPASS@controller/glance 

# The SQL mode to be used for MySQL sessions. This option, 
# including the default, overrides any server-set SQL mode. To 
# use whatever SQL mode is set by the server configuration, 
# set this to no value. Example: mysql_sql_mode= (string 
# value) 
#mysql_sql_mode=TRADITIONAL 

# Timeout before idle sql connections are reaped (integer 
# value) 
# Deprecated group/name - [DEFAULT]/sql_idle_timeout 
# Deprecated group/name - [DATABASE]/sql_idle_timeout 
# Deprecated group/name - [sql]/idle_timeout 
#idle_timeout=3600 

# Minimum number of SQL connections to keep open in a pool 
# (integer value) 
# Deprecated group/name - [DEFAULT]/sql_min_pool_size 
# Deprecated group/name - [DATABASE]/sql_min_pool_size 
#min_pool_size=1 

# Maximum number of SQL connections to keep open in a pool 
# (integer value) 
# Deprecated group/name - [DEFAULT]/sql_max_pool_size 
# Deprecated group/name - [DATABASE]/sql_max_pool_size 
#max_pool_size=<None> 

# Maximum db connection retries during startup. (setting -1 
# implies an infinite retry count) (integer value) 
# Deprecated group/name - [DEFAULT]/sql_max_retries 
# Deprecated group/name - [DATABASE]/sql_max_retries 
#max_retries=10 

# Interval between retries of opening a sql connection 
# (integer value) 
# Deprecated group/name - [DEFAULT]/sql_retry_interval 
# Deprecated group/name - [DATABASE]/reconnect_interval 
#retry_interval=10 

# If set, use this value for max_overflow with sqlalchemy 
# (integer value) 
# Deprecated group/name - [DEFAULT]/sql_max_overflow 
# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow 
#max_overflow=<None> 

# Verbosity of SQL debugging information. 0=None, 
# 100=Everything (integer value) 
# Deprecated group/name - [DEFAULT]/sql_connection_debug 
#connection_debug=0 

# Add python stack traces to SQL as comment strings (boolean 
# value) 
# Deprecated group/name - [DEFAULT]/sql_connection_trace 
#connection_trace=False 

# If set, use this value for pool_timeout with sqlalchemy 
# (integer value) 
# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout 
#pool_timeout=<None> 

# Enable the experimental use of database reconnect on 
# connection lost (boolean value) 
#use_db_reconnect=False 

# seconds between db connection retries (integer value) 
#db_retry_interval=1 

# Whether to increase interval between db connection retries, 
# up to db_max_retry_interval (boolean value) 
#db_inc_retry_interval=True 

# max seconds between db connection retries, if 
# db_inc_retry_interval is enabled (integer value) 
#db_max_retry_interval=10 

# maximum db connection retries before error is raised. 
# (setting -1 implies an infinite retry count) (integer value) 
#db_max_retries=20 

[keystone_authtoken] 
auth_uri = http://controller:5000/v2.0 
identity_uri = http://controller:35357 
admin_tenant_name = service 
admin_user = glance 
admin_password = MYPASS 

[paste_deploy] 
# Name of the paste configuration file that defines the available pipelines 
#config_file=/usr/share/glance/glance-registry-dist-paste.ini 

# Partial name of a pipeline in your paste configuration file with the 
# service name removed. For example, if your paste section name is 
# [pipeline:glance-registry-keystone], you would configure the flavor below 
# as 'keystone'. 
flavor=keystone 

[profiler] 
# If False fully disable profiling feature. 
#enabled=False 

# If False doesn't trace SQL requests. 
#trace_sqlalchemy=False 

一覽-Api.conf：

[paste_deploy] 
# Name of the paste configuration file that defines the available pipelines 
#config_file=/usr/share/glance/glance-api-dist-paste.ini 

# Partial name of a pipeline in your paste configuration file with the 
# service name removed. For example, if your paste section name is 
# [pipeline:glance-api-keystone], you would configure the flavor below 
# as 'keystone'. 
flavor=keystone 

Answer 1

Kevin，

所有的配置看起來都不錯。以下是我會建議你做

1）運行一目瞭然圖像列表，看看你得到什麼

2）你分配管理角色正確地掃視用戶「梯形的用戶角色添加 - 用戶一目瞭然 - 服務人員 - 管理員「？

3）運行glance之前創建了源代碼admin-openrc.sh嗎？

HTH

問候 阿希什