[英]Configuration Wilma Pep proxy 4.3 - Keyrock 4.3 local instance - IDAS
We have installed a Keyrock instance (Horizon + Keystone) through the automated tools in a local enviroment (Ubuntu 14.0.4 LTS). 我们已通过自动化工具在本地环境(Ubuntu 14.0.4 LTS)中安装了Keyrock实例(Horizon + Keystone)。 We have followed this guide
我们遵循了本指南
Keystone host: ubuntuHost Keystone port: 5000
梯形失真校正主机:ubuntuHost梯形失真校正端口:5000
Horizon host: ubuntuHost Horizon port: 8000
Horizon主机:ubuntuHost Horizon端口:8000
We have installed a Pep Proxy Wilma in another local enviroment (Centos 6.6): 我们在另一个本地环境(Centos 6.6)中安装了Pep Proxy Wilma:
Pep Proxy Wilma host: centosHost Pep Proxy Wilma port: 80800
Pep Proxy Wilma主机:centosHost Pep Proxy Wilma端口:80800
We want to configure the Pep Proxy Wilma to attack an instance of IDAS that is installed in the same enviroment that the Pep Proxy Wilma: 我们要配置Pep Proxy Wilma攻击IDAS实例,该实例安装在与Pep Proxy Wilma相同的环境中:
IDAS host: centosHost IDAS port: 8080
IDAS主机:centosHost IDAS端口:8080
In order to do this we have put the following configuration file of Pep Proxy Wilma: 为此,我们放置了以下Pep Proxy Wilma配置文件:
config.account_host = 'ubuntuHost:8000';
config.account_host ='ubuntuHost:8000';
config.keystone_host = 'ubuntuHost';
config.keystone_host ='ubuntuHost'; config.keystone_port = 5000;
config.keystone_port = 5000;
config.app_host = 'centosHost';
config.app_host ='centosHost'; config.app_port = '8080';
config.app_port ='8080';
config.username = 'idm';
config.username ='idm'; config.password = 'idm';
config.password ='idm';
// in seconds config.chache_time = 300;
//以秒为单位config.chache_time = 300;
When we try to run the pep proxy wilma server, the following error shows up: 当我们尝试运行pep代理wilma服务器时,出现以下错误:
express deprecated app.configure: Check app.get('env') in an if statement server.js:35:5 Starting PEP proxy in port 80800. Keystone authentication ... Error in keystone communication {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}
快速弃用的app.configure:在if语句server.js:35:5中检查app.get('env'),在端口80800中启动PEP代理。梯形失真验证...梯形失真通信中的错误{“错误”:{“消息“:”您提出的请求需要验证。“,”代码“:401,”标题“:”未经授权“}}
We do not know what is happening here; 我们不知道这里发生了什么; if this has something to do with the horizon or keystone, or both of them
如果这与地平线或梯形失真,或两者都有关系
Could you help us with this? 您能帮我们吗?
Thanks in advance, Rafa. 在此先感谢Rafa。
There can be several reasons why this is failing but I think that most probably is a simple issue where the PEP Proxy user doesn't exists in Keystone or is not properly authorized. 失败的原因可能有多种,但我认为很可能是一个简单的问题,其中在Keystone中不存在PEP代理用户或未正确授权PEP代理用户。
In the configuration file (config.js) of the PEP Proxy you should have two lines like the following: 在PEP代理的配置文件(config.js)中,您应该有两行,如下所示:
config.username = 'pepProxy';
config.password = 'pepProxy';
There has to be a user created in the Keystone back-end for the PEP Proxy, the same way OpenStack services like nova or glance have theirs. 必须在Keystone后端为PEP代理创建一个用户,就像nova或glance这样的OpenStack服务一样。
If you have used the automated tools, you can create this user and authorize it easily: 如果您使用了自动化工具,则可以创建该用户并轻松对其进行授权:
$ fab localhost keystone.console
>>> pep = keystone.users.create(name='pepProxy', password='pepProxy', domain='default')
>>> service_role = keystone.roles.find(name='service') # create it if not found
>>> keystone.roles.grant(role=role, user=pep, domain='default')
You can also do this operations using curl directly if you feel more comfortable with it. 如果您感觉更舒适,也可以直接使用curl进行此操作。 You can find the REST API documented here Keystone Identity API v3
您可以在此处找到记录的REST API Keystone Identity API v3
As I said, there can be other causes why this is happening, please let me know if this answer doesn't fix your issue. 就像我说的那样,还有其他原因会导致这种情况发生,如果此答案不能解决您的问题,请告诉我。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.