I am able to login as a non-admin user and access the containers. In addition to missing nova-cert, I also had to change the keystoneauth settings in /etc/swift/proxy-server.conf to add "Member" to the operator_roles list, which I suppose is equivalent to making a "Member" user the equivalent of an administrator for Swift.
-Wyllys On Mar 15, 2013, at 1:02 PM, Jay Pipes <jaypi...@gmail.com> wrote: > It's actually not nova-cert that you need. It is the Keystone EC2 > credentials API extension that is the problem. It only works for users > with admin role. > > I logged a bug on it and am working on a fix: > > https://bugs.launchpad.net/keystone/+bug/1136190 > > Best, > -jay > > On 03/14/2013 10:57 AM, Wyllys Ingersoll wrote: >> >> I figured it out - nova-cert was not installed and running. I need to add >> this to my setup when EC2 is enabled, I wasn't aware of the dependency. >> >> -Wyllys >> >> >> >> On Mar 14, 2013, at 10:35 AM, Wyllys Ingersoll <wyllys.ingers...@evault.com> >> wrote: >> >>> >>> I have EC2 configured correctly as far as I can tell because I am able to >>> view my containers using the S3 APIs and S3 tools such as CyberDuck or >>> s3curl.pl, using ec2 credentials returned by the keystone command line tool. >>> >>> However, when I use the Horizon user settings interface and select >>> "Download EC2 Credentials", nothing happens and it eventually returns yet >>> another "System Error". >>> >>> According to the logs, the failure is because the call to request >>> "os-certificates" is timing out. I know this is probably because some >>> other nova service is not running, but Im not sure which one it needs to >>> complete this transaction. It'd be nice if the error message somewhere >>> that indicated which service was not responding or what to do about it. >>> Can someone tell me which nova service I need to have running and >>> configured to issue os-certificates? >>> >>> Also, I really only want the EC2 credentials to be created and downloaded, >>> Im not so much interested in the X509 certificates at this point. It'd be >>> nice if the user settings EC2 panel had more options, such as just creating >>> and/or listing the EC2 access ID and Key for a particular user rather than >>> assuming you want/need everything all at once. >>> >>> thanks, >>> Wyllys Ingersoll >>> EVault >>> >>> >>> >>> _______________________________________________ >>> Mailing list: https://launchpad.net/~openstack >>> Post to : openstack@lists.launchpad.net >>> Unsubscribe : https://launchpad.net/~openstack >>> More help : https://help.launchpad.net/ListHelp >> >> >> _______________________________________________ >> Mailing list: https://launchpad.net/~openstack >> Post to : openstack@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~openstack >> More help : https://help.launchpad.net/ListHelp >> > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
