Description of problem: Undercloud Swift cannot be reached with the generated stackrc loaded: [stack@undercloud-0 ~]$ source stackrc (undercloud) [stack@undercloud-0 ~]$ swift list /usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:303: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.) SubjectAltNameWarning Authorization Failure. Authorization failed: (http://192.168.24.2:13000/auth/tokens): The resource could not be found. (HTTP 404) Version-Release number of selected component (if applicable): instack-undercloud-7.1.1-0.20170630185738.el7ost.noarch How reproducible: 100% Steps to Reproduce: 1. Deploy OSP12 2. source stackrc 3. swift list Actual results: Authorization Failure. Authorization failed: (http://192.168.24.2:13000/auth/tokens): The resource could not be found. (HTTP 404) Expected results: No authorization failed. Additional info: The OS_AUTH_URL needs /v3 (undercloud) [stack@undercloud-0 ~]$ grep OS_AUTH_URL stackrc OS_AUTH_URL=https://192.168.24.2:13000/ export OS_AUTH_URL (undercloud) [stack@undercloud-0 ~]$ export OS_AUTH_URL=https://192.168.24.2:13000/v3; swift list /usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:303: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.) SubjectAltNameWarning /usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py:303: SubjectAltNameWarning: Certificate for 192.168.24.2 has no `subjectAltName`, falling back to check for a `commonName` for now. This feature is being removed by major browsers and deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 for details.) SubjectAltNameWarning ov-kbc7lxvhwu-0-m5fs4wnjql2b-NovaCompute-oux6wrkqfbb6 ov-pwvd26zc7kj-0-jax4m6qwyes6-Controller-4gjqvjbglt3j overcloud overcloud-swift-rings
It should be noted that swiftclient does not work with keystone v3. Use openstackclient instead.
sorry when I say it doesn't work with v3, it doesn't handle the version auto discovery (hence needing /v3 on the url). We've replaced our usages with openstack client equivalent commands.
I can confirm 'openstack container list' is working as expected.
The issue is that the new stackrc files does not contain the version on OS_AUTH_URL env variable and swift client does not currently support versionless auth url. Christian has a patch for this upstream: https://review.openstack.org/#/c/473740/ This will probably show up in osp13 as it didn't land in time for to make into the Pike release upstream.