Bug 1313654 - Tuskar can't pass overcloud "Initialization Needed" stage
Tuskar can't pass overcloud "Initialization Needed" stage
Status: CLOSED WONTFIX
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tuskar-ui (Show other bugs)
7.0 (Kilo)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 7.0 (Kilo)
Assigned To: Ana Krivokapic
yeylon@redhat.com
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-02 02:03 EST by Gilles Dubreuil
Modified: 2016-04-18 02:48 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-03-02 05:15:12 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gilles Dubreuil 2016-03-02 02:03:11 EST
When deploying the overcloud from the command line using
"openstack overcloud deploy" the deployment is successful meanwhile Tuskar Overview page says "Initialization needed".
When using the "Initialize" button it fails with "Error: Unauthorized: Unable to initialize Overcloud." error message.
Everything works from the CLI, but Tuskar can't be used.

Using OSP-Director 7.3:
python-tuskarclient-0.1.18-5.el7ost.noarch
openstack-tuskar-0.4.18-5.el7ost.noarch
openstack-tuskar-ui-extras-0.0.4-2.el7ost.noarch
openstack-tuskar-ui-0.4.0-5.el7ost.noarch
python-rdomanager-oscplugin-0.0.10-28.el7ost.noarch


Horizon log confirms (although I didn't get more details with debug=True):
----------------------------
2016-03-02 06:49:48,105 22360 ERROR horizon.exceptions Unauthorized: The request you have made requires authentication. (HTTP 401) (Request-ID: req-fc5bcad5-3197-40b9-9b8a-94e406227611)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/tuskar_ui/infrastructure/overview/forms.py", line 466, in handle
    pki_setup=False)
  File "/usr/lib/python2.7/site-packages/os_cloud_config/keystone.py", line 149, in initialize
    _create_roles(keystone_v2, timeout, poll_interval)
  File "/usr/lib/python2.7/site-packages/os_cloud_config/keystone.py", line 462, in _create_roles
    _create_role(keystone, 'admin')
  File "/usr/lib/python2.7/site-packages/os_cloud_config/keystone.py", line 217, in _create_role
    role = keystone.roles.findall(name=name)
  File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 263, in findall
    for obj in self.list():
  File "/usr/lib/python2.7/site-packages/keystoneclient/v2_0/roles.py", line 47, in list
    return self._list("/OS-KSADM/roles", "roles")
  File "/usr/lib/python2.7/site-packages/keystoneclient/base.py", line 113, in _list
    resp, body = self.client.get(url, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 170, in get
    return self.request(url, 'GET', **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 206, in request
    resp = super(LegacyJsonAdapter, self).request(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/adapter.py", line 95, in request
    return self.session.request(url, method, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/utils.py", line 318, in inner
    return func(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/keystoneclient/session.py", line 397, in request
    raise exceptions.from_response(resp, method, url)
Unauthorized: The request you have made requires authentication. (HTTP 401) (Request-ID: req-fc5bcad5-3197-40b9-9b8a-94e406227611)
----------------------------


Nothing seems wrong with Keystone:
----------------------------
2016-03-02 01:56:53.539 7566 DEBUG keystone.middleware.core [-] Auth token not in the request header. Will not build auth context. process_request /usr/lib/python2.7/site-packages/keystone/middleware/core.py:223
2016-03-02 01:56:53.540 7566 INFO keystone.common.wsgi [-] POST http://192.0.2.1:5000/v3/ec2tokens
2016-03-02 01:56:53.612 7566 INFO eventlet.wsgi.server [-] 192.0.2.1 - - [02/Mar/2016 01:56:53] "POST /v3/ec2tokens HTTP/1.1" 200 6726 0.073603
2016-03-02 01:56:53.622 7558 DEBUG keystone.middleware.core [-] RBAC: auth_context: {'is_delegated_auth': False, 'access_token_id': None, 'user_id': u'280bbc2771994e9383adc197e962a146', 'roles': [u'_member_', u'admin'], 'trustee_id': None, 'trustor_id': None, 'consumer_id': None, 'token': <KeystoneToken (audit_id=He6oRPmeS2Sgn6rOpEvwgQ, audit_chain_id=He6oRPmeS2Sgn6rOpEvwgQ) at 0x4f44550>, 'project_id': u'45c76a0c8c2f43a7b84c046be1720a71', 'trust_id': None} process_request /usr/lib/python2.7/site-packages/keystone/middleware/core.py:233
2016-03-02 01:56:53.625 7558 INFO keystone.common.wsgi [-] GET http://192.0.2.1:35357/v3/auth/tokens
2016-03-02 01:56:53.625 7558 DEBUG keystone.common.controller [-] RBAC: Authorizing identity:validate_token() _build_policy_check_credentials /usr/lib/python2.7/site-packages/keystone/common/controller.py:61
2016-03-02 01:56:53.625 7558 DEBUG keystone.common.controller [-] RBAC: using auth context from the request environment _build_policy_check_credentials /usr/lib/python2.7/site-packages/keystone/common/controller.py:66
2016-03-02 01:56:53.634 7558 DEBUG keystone.policy.backends.rules [-] enforce identity:validate_token: {'is_delegated_auth': False, 'access_token_id': None, 'user_id': u'280bbc2771994e9383adc197e962a146', 'roles': [u'_member_', u'admin'], 'trustee_id': None, 'trustor_id': None, 'consumer_id': None, 'token': <KeystoneToken (audit_id=He6oRPmeS2Sgn6rOpEvwgQ, audit_chain_id=He6oRPmeS2Sgn6rOpEvwgQ) at 0x4f44550>, 'project_id': u'45c76a0c8c2f43a7b84c046be1720a71', 'trust_id': None} enforce /usr/lib/python2.7/site-packages/keystone/policy/backends/rules.py:76
2016-03-02 01:56:53.635 7558 DEBUG keystone.common.controller [-] RBAC: Authorization granted inner /usr/lib/python2.7/site-packages/keystone/common/controller.py:161
2016-03-02 01:56:53.642 7558 INFO eventlet.wsgi.server [-] 192.0.2.1 - - [02/Mar/2016 01:56:53] "GET /v3/auth/tokens HTTP/1.1" 200 6726 0.026206
----------------------------
Comment 2 Ana Krivokapic 2016-03-02 05:15:12 EST
We are not developing Tuskar or Tuskar-UI any longer.

Note You need to log in before you can comment on or make changes to this bug.