0

我正在安装 openstack(Ussuri 的最小部署),我已经安装了 Horizo​​n,但我遇到了无效的凭据。您可能会在下面找到配置:

您可以在下面找到 Horizo​​n 配置、openstack 域和用户:

 [root@controller ~]# grep ^[^#] /etc/openstack-dashboard/local_settings
import os
from django.utils.translation import ugettext_lazy as _
from openstack_dashboard.settings import HORIZON_CONFIG
DEBUG = False
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
WEBROOT = '/dashboard'
LOCAL_PATH = '/tmp'
SECRET_KEY='971e40214e7da556a451'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': 'controller:11211',
    }
}
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
OPENSTACK_KEYSTONE_URL = "http://%s/identity/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
TIME_ZONE = "UTC"
LOGGING = {
    'version': 1,
    # When set to True this will disable all logging except
    # for loggers specified in this configuration dictionary. Note that
    # if nothing is specified here and disable_existing_loggers is True,
    # django.db.backends will still log unless it is disabled explicitly.
    'disable_existing_loggers': False,
    # If apache2 mod_wsgi is used to deploy OpenStack dashboard
    # timestamp is output by mod_wsgi. If WSGI framework you use does not
    # output timestamp for logging, add %(asctime)s in the following
    # format definitions.
    'formatters': {
        'console': {
            'format': '%(levelname)s %(name)s %(message)s'
        },
        'operation': {
            # The format of "%(message)s" is defined by
            # OPERATION_LOG_OPTIONS['format']
            'format': '%(message)s'
        },
    },
    'handlers': {
        'null': {
            'level': 'DEBUG',
            'class': 'logging.NullHandler',
        },
        'console': {
            # Set the level to "DEBUG" for verbose output logging.
            'level': 'DEBUG' if DEBUG else 'INFO',
            'class': 'logging.StreamHandler',
            'formatter': 'console',
        },
        'operation': {
            'level': 'INFO',
            'class': 'logging.StreamHandler',
            'formatter': 'operation',
        },
    },
    'loggers': {
        'horizon': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'horizon.operation_log': {
            'handlers': ['operation'],
            'level': 'INFO',
            'propagate': False,
        },
        'openstack_dashboard': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'novaclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'cinderclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'keystoneauth': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'keystoneclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'glanceclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'neutronclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'swiftclient': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'oslo_policy': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'openstack_auth': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'django': {
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        # Logging from django.db.backends is VERY verbose, send to null
        # by default.
        'django.db.backends': {
            'handlers': ['null'],
            'propagate': False,
        },
        'requests': {
            'handlers': ['null'],
            'propagate': False,
        },
        'urllib3': {
            'handlers': ['null'],
            'propagate': False,
        },
        'chardet.charsetprober': {
            'handlers': ['null'],
            'propagate': False,
        },
        'iso8601': {
            'handlers': ['null'],
            'propagate': False,
        },
        'scss': {
            'handlers': ['null'],
            'propagate': False,
        },
    },
}
SECURITY_GROUP_RULES = {
    'all_tcp': {
        'name': _('All TCP'),
        'ip_protocol': 'tcp',
        'from_port': '1',
        'to_port': '65535',
    },
    'all_udp': {
        'name': _('All UDP'),
        'ip_protocol': 'udp',
        'from_port': '1',
        'to_port': '65535',
    },
    'all_icmp': {
        'name': _('All ICMP'),
        'ip_protocol': 'icmp',
        'from_port': '-1',
        'to_port': '-1',
    },
    'ssh': {
        'name': 'SSH',
        'ip_protocol': 'tcp',
        'from_port': '22',
        'to_port': '22',
    },
    'smtp': {
        'name': 'SMTP',
        'ip_protocol': 'tcp',
        'from_port': '25',
        'to_port': '25',
    },
    'dns': {
        'name': 'DNS',
        'ip_protocol': 'tcp',
        'from_port': '53',
        'to_port': '53',
    },
    'http': {
        'name': 'HTTP',
        'ip_protocol': 'tcp',
        'from_port': '80',
        'to_port': '80',
    },
    'pop3': {
        'name': 'POP3',
        'ip_protocol': 'tcp',
        'from_port': '110',
        'to_port': '110',
    },
    'imap': {
        'name': 'IMAP',
        'ip_protocol': 'tcp',
        'from_port': '143',
        'to_port': '143',
    },
    'ldap': {
        'name': 'LDAP',
        'ip_protocol': 'tcp',
        'from_port': '389',
        'to_port': '389',
    },
    'https': {
        'name': 'HTTPS',
        'ip_protocol': 'tcp',
        'from_port': '443',
        'to_port': '443',
    },
    'smtps': {
        'name': 'SMTPS',
        'ip_protocol': 'tcp',
        'from_port': '465',
        'to_port': '465',
    },
    'imaps': {
        'name': 'IMAPS',
        'ip_protocol': 'tcp',
        'from_port': '993',
        'to_port': '993',
    },
    'pop3s': {
        'name': 'POP3S',
        'ip_protocol': 'tcp',
        'from_port': '995',
        'to_port': '995',
    },
    'ms_sql': {
        'name': 'MS SQL',
        'ip_protocol': 'tcp',
        'from_port': '1433',
        'to_port': '1433',
    },
    'mysql': {
        'name': 'MYSQL',
        'ip_protocol': 'tcp',
        'from_port': '3306',
        'to_port': '3306',
    },
    'rdp': {
        'name': 'RDP',
        'ip_protocol': 'tcp',
        'from_port': '3389',
        'to_port': '3389',
    },
}

[root@controller ~]# openstack domain list
+---------+---------+---------+--------------------+
| ID      | Name    | Enabled | Description        |
+---------+---------+---------+--------------------+
| default | Default | True    | The default domain |
+---------+---------+---------+--------------------+
[root@controller ~]# openstack user list
+----------------------------------+-----------+
| ID                               | Name      |
+----------------------------------+-----------+
| 14a3b199599b49a1a46c3fac98ae766a | admin     |
| 576d0127cd2247a8af78ea2444687d3c | glance    |
| dc2319d312ee4e2da8a604ae58859695 | placement |
| 53ea4668161346d4934c63ac7b33c360 | nova      |
| 02066788c9c1487aa2b324ec37200f3d | neutron   |
+----------------------------------+-----------+

我使用,默认在域中,管理员在用户和密码:123456 在地平线仪表板:

[root@controller ~]# cat ./admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

您也可能会发现 Apache 错误:

[root@controller ~]# tail /var/log/httpd/error_log

[Sun Jun 07 17:02:29.550943 2020] [http2:warn] [pid 3078:tid 139723183282432] AH02951: mod_ssl does not seem to be enabled
[Sun Jun 07 17:02:29.572160 2020] [mpm_event:notice] [pid 3078:tid 139723183282432] AH00489: Apache/2.4.37 (centos) mod_wsgi/4.6.4 Python/3.6 configured -- resuming normal operations
[Sun Jun 07 17:02:29.572225 2020] [core:notice] [pid 3078:tid 139723183282432] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Sun Jun 07 17:02:40.937530 2020] [wsgi:error] [pid 3084:tid 139722767623936] WARNING:root:Use of this 'djano.wsgi' file has been deprecated since the Rocky release in favor of 'wsgi.py' in the 'openstack_dashboard' module. This file is a legacy naming from before Django 1.4 and an importable 'wsgi.py' is now the default. This file will be removed in the T release cycle.
[Sun Jun 07 21:02:48.256669 2020] [wsgi:error] [pid 3084:tid 139722767623936] /usr/lib64/python3.6/site-packages/scss/namespace.py:172: DeprecationWarning: inspect.getargspec() is deprecated since Python 3.0, use inspect.signature() or inspect.getfullargspec()
[Sun Jun 07 21:02:48.256716 2020] [wsgi:error] [pid 3084:tid 139722767623936]   argspec = inspect.getargspec(function)
[Sun Jun 07 17:03:06.452632 2020] [authz_core:error] [pid 3092:tid 139722449999616] [client 10.0.0.11:49322] AH01630: client denied by server configuration: /usr/bin/keystone-wsgi-public
[Sun Jun 07 21:03:06.472128 2020] [wsgi:error] [pid 3084:tid 139722767623936] [remote 192.168.137.1:53803] INFO openstack_auth.forms Login failed for user "admin" using domain "Default", remote address 192.168.137.1.
[Sun Jun 07 17:03:10.522805 2020] [authz_core:error] [pid 3092:tid 139722340894464] [client 10.0.0.11:49332] AH01630: client denied by server configuration: /usr/bin/keystone-wsgi-public
[Sun Jun 07 21:03:10.524561 2020] [wsgi:error] [pid 3084:tid 139722809587456] [remote 192.168.137.1:53804] INFO openstack_auth.forms Login failed for user "admin" using domain "Default", remote address 192.168.137.1.

有人可以支持我吗:)

4

3 回答 3

5

地平线配置:OPENSTACK_KEYSTONE_URL = "http://%s/identity/v3" % OPENSTACK_HOST

但是,您的 RC 文件包含 export OS_AUTH_URL=http://controller:5000/v3

我想用 http://%s:5000 替换 http://%s/identity 应该可以解决它。

于 2021-02-17T01:13:35.517 回答
1

这是由于 keystone apache2 站点中的“all in controller”设置不正确而发生的。

您必须通过以下方式更改 apache 中的 keystone.conf:

先说:

WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} ” 行,位于“VirtualHost”定义之前。将其从声明中删除。

第二个补充:

/identity 别名的“位置”中的“要求所有已授予”行。

我希望这可能会有所帮助。

于 2020-06-27T09:44:44.770 回答
0

我有同样的问题。当我尝试使用我的用户名、密码和域名登录时,我总是得到无效的凭据。

但我解决了这个问题。

打开 local_settings.py

nano /etc/openstack-dashboard/local_settings.py

默认行是这样的。你应该改变这一行。

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3.0" % OPENSTACK_HOST

我的解决办法是

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

那么你应该重新启动Apache。

systemctl reload apache2.service

您可以登录。

祝你好运 ! 登录后截图

于 2021-08-09T20:18:00.443 回答