I just saw this email, apologize for the delay. I installed the openstack version, rather than the version in pip:
[r...@openstack-controller01.a.pc.ostk.com ~] # rpm -qa | grep python-gnocchi python-gnocchiclient-2.2.0-1.el7.noarch python-gnocchi-2.1.4-1.el7.noarch r...@openstack-controller01.a.pc.ostk.com ~] # rpm -qa | grep oslo-policy python2-oslo-policy-1.6.0-1.el7.noarch On 2/27/17, 1:17 PM, "gordon chung" <g...@live.ca> wrote: >can you add what version of gnocchi, gnocchiclient and oslo.policy you >have? might be easier if open a bug[1]. i don't see anything wrong at >first glance and i don't recall there being a similar issue in past. > >[1] https://bugs.launchpad.net/gnocchi > >On 23/02/17 11:54 AM, Tracy Comstock Roesler wrote: >> I¹ve run into a problem with the gnocchi CLI. Whenever I run Œgnocchi >> status¹ I get a 403 Forbidden, but I can run other commands like >> 'gnocchi resource create¹ no problem. >> >> I¹ve checked the policy.json and it looks like ³admin² has rights to get >> status, the same as create resources. I cannot figure out why get >> status would show a 403 forbidden, but I can run other commands just >>fine. >> >> [root ~] # gnocchi status --debug >> REQ: curl -g -i -X GET http://keystone:35357/v3 -H "Accept: >> application/json" -H "User-Agent: keystoneauth1/2.4.1 >> python-requests/2.10.0 CPython/2.7.5" >> Starting new HTTP connection (1): keystone >> "GET /v3 HTTP/1.1" 200 277 >> RESP: [200] Content-Type: application/json Content-Length: 277 >> Connection: keep-alive Date: Thu, 23 Feb 2017 16:52:40 GMT Server: >> Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5 Vary: X-Auth-Token >> x-openstack-request-id: req-189a8db8-6210-4735-bc66-b2dc90b00a38 >> RESP BODY: {"version": {"status": "stable", "updated": >> "2016-04-04T00:00:00Z", "media-types": [{"base": "application/json", >> "type": "application/vnd.openstack.identity-v3+json"}], "id": "v3.6", >> "links": [{"href": "http://keystone:35357/v3/", "rel": "self"}]}} >> >> Making authentication request to http://keystone:35357/v3/auth/tokens >> "POST /v3/auth/tokens HTTP/1.1" 201 3874 >> REQ: curl -g -i -X GET http://gnocchi:8041/v1/status -H "User-Agent: >> keystoneauth1/2.4.1 python-requests/2.10.0 CPython/2.7.5" -H "Accept: >> application/json, */*" -H "X-Auth-Token: {SHA1}AAA" >> Starting new HTTP connection (1): gnocchi >> "GET /v1/status HTTP/1.1" 403 54 >> RESP: [403] Content-Type: application/json; charset=UTF-8 >> Content-Length: 54 Connection: keep-alive Server: Werkzeug/0.9.1 >> Python/2.7.5 Date: Thu, 23 Feb 2017 16:52:40 GMT >> RESP BODY: {"code": 403, "description": "", "title": "Forbidden"} >> >> Forbidden (HTTP 403) >> Traceback (most recent call last): >> File "/usr/lib/python2.7/site-packages/cliff/app.py", line 346, in >> run_subcommand >> result = cmd.run(parsed_args) >> File "/usr/lib/python2.7/site-packages/cliff/display.py", line 79, in >>run >> column_names, data = self.take_action(parsed_args) >> File >> "/usr/lib/python2.7/site-packages/gnocchiclient/v1/status_cli.py", line >> 21, in take_action >> status = self.app.client.status.get() >> File "/usr/lib/python2.7/site-packages/gnocchiclient/v1/status.py", >> line 21, in get >> return self._get(self.url).json() >> File "/usr/lib/python2.7/site-packages/gnocchiclient/v1/base.py", line >> 37, in _get >> return self.client.api.get(*args, **kwargs) >> File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line >> 173, in get >> return self.request(url, 'GET', **kwargs) >> File "/usr/lib/python2.7/site-packages/gnocchiclient/client.py", line >> 38, in request >> raise exceptions.from_response(resp, method) >> Forbidden: Forbidden (HTTP 403) >> Traceback (most recent call last): >> File "/usr/bin/gnocchi", line 10, in <module> >> sys.exit(main()) >> File "/usr/lib/python2.7/site-packages/gnocchiclient/shell.py", line >> 211, in main >> return GnocchiShell().run(args) >> File "/usr/lib/python2.7/site-packages/cliff/app.py", line 226, in run >> result = self.run_subcommand(remainder) >> File "/usr/lib/python2.7/site-packages/cliff/app.py", line 346, in >> run_subcommand >> result = cmd.run(parsed_args) >> File "/usr/lib/python2.7/site-packages/cliff/display.py", line 79, in >>run >> column_names, data = self.take_action(parsed_args) >> File >> "/usr/lib/python2.7/site-packages/gnocchiclient/v1/status_cli.py", line >> 21, in take_action >> status = self.app.client.status.get() >> File "/usr/lib/python2.7/site-packages/gnocchiclient/v1/status.py", >> line 21, in get >> return self._get(self.url).json() >> File "/usr/lib/python2.7/site-packages/gnocchiclient/v1/base.py", line >> 37, in _get >> return self.client.api.get(*args, **kwargs) >> File "/usr/lib/python2.7/site-packages/keystoneauth1/adapter.py", line >> 173, in get >> return self.request(url, 'GET', **kwargs) >> File "/usr/lib/python2.7/site-packages/gnocchiclient/client.py", line >> 38, in request >> raise exceptions.from_response(resp, method) >> gnocchiclient.exceptions.Forbidden: Forbidden (HTTP 403) >> >> >> _______________________________________________ >> OpenStack-operators mailing list >> OpenStack-operators@lists.openstack.org >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators >> > >-- >gord > >_______________________________________________ >OpenStack-operators mailing list >OpenStack-operators@lists.openstack.org >http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > _______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators