keystone
node.js cms and web app framework
KeystoneJS · Node.js cms and web application platform built on Express and MongoDB
get a head-start on the features you need. keystonejs is the easiest way to build dynamic websites, applications and apis with node.js and mongodb.
I'm really trying to understand the under the hood of keystone regarding the relationships among endpoints, regions, tenants, services, users and roles.
I've tried to find the related documents but sadly, failed.
Could anybody give any pointers or explanations?
Source: (StackOverflow)
I set up keystone v3, and then created a domain dom1, a user adm1 and grant this user to admin role. Authenticate this user with domain scope. Then create a project under dom1. I tried to list projects with the same token that created the project. All I got is "You are not authorized to perform the requested action: identity:list_projects".
If I take out the rule domain_id:%(domain_id)s in policy.v3cloudsample.json for "identity:list_projects", everything works well.
Why cannot I list projects with the rule domain_id:%(domain_id)s?
Thanks.
Source: (StackOverflow)
Hello I don't know if this question has been asked but I couldn't find an answer, I'm using the REST API v2.0 that Keystone has as authentication method for my application and I need the user's email address. So do you know if this is possible?? or there is a way of doing this I have been reading the API docs and I found that you can get the user details but you have to be an admin for that. Thanks
http://developer.openstack.org/api-ref-identity-v2.html#admin-users
Source: (StackOverflow)
I am brand new to node and keystone so please bear with me if this is a rookie question.
I am trying to add a static page to the keystone admin panel so that when a user is logged in, only then can they access the static page (it will contain a google analytics API so that the user can track their reporting from the site). I am having no trouble with creating static pages for a non-logged in user, but I cannot find where the logged in nav structure is nested in my app or how to set a view so that only a user who is signed in can see it.
Source: (StackOverflow)
Anyone know a way to get the list of tenants for a user? I know I can get the users for a tenant and I can get a list of all the tenants so technically I could loop through all the tenants and look for a specific user but that seems like a cumbersome approach.
Source: (StackOverflow)
I know it is possible to get a user by id but all I have available is the name. Anyone know how to get a user by name using the keystone client v 2.0?
from keystoneclient.v2_0 import client
keystone = client.Client(username=USER,
password=PASS,
tenant_name=TENANT_NAME,
auth_url=KEYSTONE_URL)
user = keystone.users.get(USER_ID)
need something like the following **
keystone.users.getByName(USER_NAME)
Source: (StackOverflow)
I am new in KeystoneJS CMS and I am wondering if there is any way to write contact page or any other pages in html. For example if on Contact page I want to add like my address post code and stuffs and maybe a map with location or new fields for contact. Where shall I write all this stuffs. Are so many files and I don't know where to start.
Thanks
Source: (StackOverflow)
I have swift-proxy and keystone installed in a multi-node environment.
When I try to curl for a token, keystone returns the token successfully
curl -d '{"auth":{"passwordCredentials":{"username": "swift", "password": "swift"}}}' -H "Content-type: application/json" http://host_ip:35357/v2.0/tokens
returns successfully with
{"access": {"token": {"expires": "2012-09-16T20:50:45Z", "id": "43ffcfed72a441e69c12c53b82cd4017"}, "serviceCatalog": {}, "user": {"username": "swift", "roles_links": [], "id": "090faedcf3e641ec9ad39babbc68bc8f", "roles": [], "name": "swift"}}}
When I try running some swift commands, the command just hangs and does not return.
swift -V 2 -A http://host_ip:5000/v2.0 -U service:swift -K swift stat
I see the following log in the keystone logs
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] ******************** REQUEST ENVIRON ********************
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] SCRIPT_NAME = /v2.0
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] webob.adhoc_attrs = {'response': <Response at 0x20a66d0 200 OK>}
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] REQUEST_METHOD = POST
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] PATH_INFO = /tokens
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] SERVER_PROTOCOL = HTTP/1.0
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] CONTENT_LENGTH = 102
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] eventlet.posthooks = []
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] RAW_PATH_INFO = /v2.0/tokens
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] REMOTE_ADDR = swift_proxy_ip
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] eventlet.input = <eventlet.wsgi.Input object at 0x207ee10>
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.url_scheme = http
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] SERVER_PORT = 5000
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.input = <cStringIO.StringI object at 0x22349f0>
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] openstack.context = {'token_id': None, 'is_admin': False}
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] HTTP_HOST = keystone_host_ip:5000
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.multithread = True
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] openstack.params = {u'auth': {u'tenantName': u'service', u'passwordCredentials': {u'username': u'swift', u'password': u'swift'}}}
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.version = (1, 0)
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] SERVER_NAME = swift_proxy_ip
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] GATEWAY_INTERFACE = CGI/1.1
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.run_once = False
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.errors = <open file '<stderr>', mode 'w' at 0x7f2a86a3e1e0>
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] wsgi.multiprocess = False
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] webob.is_body_seekable = True
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] CONTENT_TYPE = application/json
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] HTTP_ACCEPT_ENCODING = identity
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi]
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] ******************** REQUEST BODY ********************
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] {"auth": {"tenantName": "service", "passwordCredentials": {"username": "swift", "password": "swift"}}}
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi]
2012-09-15 23:54:09 DEBUG [routes.middleware] Matched POST /tokens
2012-09-15 23:54:09 DEBUG [routes.middleware] Route path: '{path_info:.*}', defaults: {'controller': <keystone.service.PublicRouter object at 0x1d29a10>}
2012-09-15 23:54:09 DEBUG [routes.middleware] Match dict: {'controller': <keystone.service.PublicRouter object at 0x1d29a10>, 'path_info': '/tokens'}
2012-09-15 23:54:09 DEBUG [routes.middleware] Matched POST /tokens
2012-09-15 23:54:09 DEBUG [routes.middleware] Route path: '/tokens', defaults: {'action': u'authenticate', 'controller': <keystone.service.TokenController object at 0x1d29b50>}
2012-09-15 23:54:09 DEBUG [routes.middleware] Match dict: {'action': u'authenticate', 'controller': <keystone.service.TokenController object at 0x1d29b50>}
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] arg_dict: {}
2012-09-15 23:54:09 DEBUG [root] TOKEN_REF {'id': 'e7846e13518f46f192d89216f4c1a79f', 'expires': datetime.datetime(2012, 9, 16, 20, 54, 9, 786881), 'user': {u'tenantId': u'dfb8e05385a6481892f259c7ea72df02', u'enabled': True, u'email': u'test@email.com', 'name': u'swift', 'id': u'090faedcf3e641ec9ad39babbc68bc8f'}, 'tenant': {u'description': None, u'enabled': True, 'id': u'dfb8e05385a6481892f259c7ea72df02', 'name': u'service'}, 'metadata': {u'roles': [u'b54e958ad08f4585885a325fcaa773e5', u'4f3ae4562e424dcfa9542b1794637f4a']}}
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] ******************** RESPONSE HEADERS ********************
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] Content-Type = application/json
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] Vary = X-Auth-Token
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] Content-Length = 789
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi]
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] ******************** RESPONSE BODY ********************
2012-09-15 23:54:09 DEBUG [keystone.common.wsgi] {"access": {"token": {"expires": "2012-09-16T20:54:09Z", "id": "e7846e13518f46f192d89216f4c1a79f", "tenant": {"description": null, "enabled": true, "id": "dfb8e05385a6481892f259c7ea72df02", "name": "service"}}, "serviceCatalog": [{"endpoints": [{"adminURL": "http://swift_proxy_ip:8080", "region": "RegionOne", "internalURL": "http://swift_proxy_ip:8080/v1/AUTH_dfb8e05385a6481892f259c7ea72df02", "publicURL": "http://swift_proxy_ip:8080/v1/AUTH_dfb8e05385a6481892f259c7ea72df02"}], "endpoints_links": [], "type": "object-store", "name": "swift"}], "user": {"username": "swift", "roles_links": [], "id": "090faedcf3e641ec9ad39babbc68bc8f", "roles": [{"id": "b54e958ad08f4585885a325fcaa773e5", "name": "Member"}, {"id": "4f3ae4562e424dcfa9542b1794637f4a", "name": "admin"}], "name": "swift"}}}
2012-09-15 23:54:09 DEBUG [eventlet.wsgi.server] host_ip - - [15/Sep/2012 23:54:09] "POST /v2.0/tokens HTTP/1.1" 200 918 0.059865
Is there something I am missing in the command ? I notice similar behavior for the following commands too - when I try to upload files to a container and list them
swift -V 2 -A http://keystone_host_ip:5000/v2.0 -U service:swift -K swift upload myfiles test.txt
swift -V 2 -A http://keystone_host_ip:5000/v2.0 -U service:swift -K swift list myfiles
Source: (StackOverflow)
I am new in keystone and configuring swift using keystone, I followed openstack guide and configured each and everything according to it, but still I am getting "401 unauthorized" error. Please help me out and let me know what am I doing wrong.
For more clarification please find attached screen shot.
Source: (StackOverflow)
I have a keystone installation mostly used as API resource for mobile app as front-end. When I take a photo with phone I would like to save photo to cloudinary service. Photo is sent to server as base64 string. Can I upload image on cloudinary service using some keystone api or I have to use cloudinary module methods to do it and manually insert data to db?
Source: (StackOverflow)
I'm running devstack (master from github as of 11/21/2014) with the Horizon v2 api (default) and I want to create a read-only user account/role for viewing a single tenant's resources. I'm fairly new to things, and /etc/nova/policy.json and /etc/keystone/policy.json make very little sense right now.
Has anyone created a role that permits just viewing things and no edits/updates/changes? If so, any advice on how to accomplish that?
Source: (StackOverflow)
I'm trying to install Openstack Swift on CentOS 6.5. I only need object storage, so no other Openstack services will be installed. The problem I'm facing now is how to choose the auth system.
I've tried keystone, which seems a little bit too 'heavy' to me. After some Googling, I found swauth, but only a few results about it. So is it fine to use swauth as the auth system, even in a production installation? Thanks!
Source: (StackOverflow)
I want to perform CRUD operation on openstack keystone user. according to keystone api docs we must use GET request along with x-auth-token information . I have written a code for that but i could not get any user list but instead i get "404 Not Found\n\nThe resource could not be found.\n\n . my code is below
#!/usr/bin/python
import httplib
import urllib
import os
import json
from urlparse import urlparse
#Define openstack url
url = "x.x.x.x:5000"
osuser = "osuser"
ospassword = "whatever"
params ='{"auth":{"tenantName":"openstackDemo", "passwordCredentials":{"username":"osuser", "password": "ospassword"}}}'
headers = {"Content-Type": "application/json"}
#make http request
conn = httplib.HTTPConnection(url)
conn.request("POST", "/v2.0/tokens", params,headers)
#get http response
response = conn.getresponse()
data = response.read()
verify_services = json.loads(data)
conn.close()
#print "The service verificetion is:%s\n\t" % verify_services
#Get keystone token
keystone_token = verify_services ['access']['token']['id']
print "Printing api token :\n"
print keystone_token
user_id = verify_services['access']['user']['id']
print "Printing user id : \n"
print user_id
# Get keystone URL
keystone_url = verify_services ['access']['serviceCatalog'][5]
print "Printing keystone end points url: \n"
print keystone_url
#Now take the keystone public url and uid
for publicurl in keystone_url['endpoints']:
key_admin_url = publicurl['adminURL']
key_pub_url = publicurl['publicURL']
keystone_user_id = publicurl['id']
print "printing keystone public url:\n"
print key_pub_url
print "Printing keystone user id:\n"
print keystone_user_id
##################
# Get the user list
#################
apiurlt = urlparse(key_pub_url)
print apiurlt
url2 = apiurlt[1]
print url2
#params1 = '{"username":"samit", "email":"sanjaya@kth.se","enabled":true,"password":"secret", "roles":"member"}'
p = urllib.urlencode({})
headers1 = {"X-Auth-Token":"keystone_token", "Content-type":"application/json"}
conn2 = httplib.HTTPConnection(url2)
conn2.request("GET", "%s/users" %apiurlt[2] , p,headers1)
response2 = conn2.getresponse()
data2 = response2.read()
user_list = json.dumps(data2)
conn.close()
print "getting users:\n"
print response.status
print response.reason
print user_list
i dont know what is wrong with my code can you help me...
Source: (StackOverflow)
I'm trying to install opnstack grizzly on a fresh ubuntu 12.04 server.
The sript runs fin until it reach this point :
screen -S stack -p key -X stuff 'cd /opt/stack/keystone &&
/opt/stack/keystone/bin/keystone-all --config-file /etc/keystone/keystone.con' --log-
config
/etc/keystone/logging.conf -d --debug || touch "/opt/stack/status/stack/key.failure"
2013-07-16 17:33:03 + echo 'Waiting for keystone to start...'
2013-07-16 17:33:03 Waiting for keystone to start...
2013-07-16 17:33:03 + timeout 60 sh -c 'while ! http_proxy= curl -s
http://192.168.20.69:5000/v2.0/ >/dev/null; do sleep 1; done'
2013-07-16 17:34:03 + die 311 'keystone did not start'
2013-07-16 17:34:03 + local exitcode=0
2013-07-16 17:34:03 + set +o xtrace
2013-07-16 17:34:03 [ERROR] ./stack.sh:311 keystone did not start
the log file :
File "/opt/stack/keystone/bin/keystone-all", line 112, in <module>
options = deploy.appconfig('config:%s' % paste_config)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 261, in appconfig
global_conf=global_conf)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 296, in loadcontext
global_conf=global_conf)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 320, in _loadconfig
return loader.get_context(object_type, name, global_conf)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 413, in get_context
defaults = self.parser.defaults()
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 68, in defaults
defaults[key] = self.get('DEFAULT', key) or val
File "/usr/lib/python2.7/ConfigParser.py", line 623, in get
return self._interpolate(section, option, value, d)
File "/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py", line 75, in _interpolate
self, section, option, rawval, vars)
File "/usr/lib/python2.7/ConfigParser.py", line 669, in _interpolate
option, section, rawval, e.args[0])
ConfigParser.InterpolationMissingOptionError: Error in file /etc/keystone/keystone.conf:
Bad value substitution:
section: [DEFAULT]
option : admin_endpoint
key : admin_port
rawval : http://192.168.20.69:%(admin_port)s/
the parsing instruction :
https://github.com/openstack/keystone/blob/master/keystone/common/config.py
the ConfigParser.InterpolationMissingOptionError :
Exception raised when an option referenced from a value does not exist. Subclass of InterpolationError.
I actually don't understan which option referenced does not exist..
Thank you in advance for your help.
Damien
Source: (StackOverflow)
I am confused with "multi-core" processors concept.
Some multi-core processors, link ARM A9/x86, we run uni-OS, like linux/windows. Every core works well.
But others, link TI's C6678, we run a linux on core pac0, and run sys/bios on every other core pacs, they communicate through syslink.
What's the architecture difference between these multi-core processors?
Source: (StackOverflow)