Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread Ignasi Barrera 
FTR, I'm not a user of the SimianArmy, but I've just opened a PR to add
support for temporary credentials:
https://github.com/Netflix/SimianArmy/pull/331

On 21 June 2018 at 10:14, archiep...@gmail.com  wrote:

> Hi Ignasi,
> Thank you! I will try this out and let you know if it worked.
>
> Cheers
> Archana
>
> On 2018/06/21 08:00:01, Ignasi Barrera  wrote:
> > Hi Archana,
> >
> > I see the problem here. When using temporary credentials in AWS, the
> > session token must be included in a request header [1], so you need to
> > provide it when configuring the jclouds context with the credentials.
> >
> > By default, the "ContextBuilder.credentials" signature does only allow to
> > pass the access key and secret key, but there is no place to specify that
> > session token. However, the ContextBuilder provides an alternate
> mechanism
> > to configure custom credentials. You can use the
> > "ContextBuilder.credentialsSupplier" method as follows:
> >
> > ContextBuilder.newBuilder("aws-ec2")
> >...
> >.credentialsSupplier(new Supplier() {
> >   @Override
> >   public Credentials get() {
> >  return SessionCredentials.builder()
> > .accessKeyId("temporary access key")
> > .secretAccessKey("temporary secret key")
> > .sessionToken("session token")
> > .expiration(new Date()) // Change to a proper value
> > .build();
> >   }
> >})
> >...
> >
> > ​
> >
> > Could you try this?
> >
> >
> > HTH!
> >
> > I.
> >
> >
> > [1]
> > https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#
> UsingTemporarySecurityCredentials
> >
> >
> > On 21 June 2018 at 09:53, Andrea Turli  wrote:
> >
> > > Mmm very interesting!
> > >
> > > The only thing that comes to my mind is:
> > > - is your account allowed to talk to all the regions? From the
> stacktrace
> > > above looks like
> > > org.jclouds.rest.AuthorizationException: POST https://ec2.us-east-1.
> > > amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
> > > so maybe your account is not allowed to talk to that region. Can you
> > > confirm? if not you want to control which regions to target you can use
> > > `-Djclouds.regions: "us-west-1" in case you want to limit to Oregon.
> > >
> > > HTH,
> > > Andrea
> > >
> > > On Thu, Jun 21, 2018 at 9:45 AM archiep...@gmail.com <
> archiep...@gmail.com>
> > > wrote:
> > >
> > >> Hi Andrea,
> > >> Thanks for the quick response. I am using an IAM role that has full
> admin
> > >> access. Which is why this case is even more perplexing. Do you have
> any
> > >> other suggestions to try out?
> > >>
> > >> Cheers
> > >> Archana
> > >>
> > >> On 2018/06/20 21:45:31, archiep...@gmail.com 
> > >> wrote:
> > >> > Hi Ignasi,
> > >> > So the function that does the authentication uses a context builder
> and
> > >> generates a temporary access and secret key. I've read that perhaps
> Jclouds
> > >> might not be sending the session token to access aws resources. Do you
> > >> think that is what could be happening?
> > >> >
> > >> > Cheers,
> > >> > Archana
> > >> >
> > >>
> > >
> >
>

Re: error while running JCloudsNove.java

2018-06-21 Thread Ignasi Barrera 
It would be easier if you posted your code in a gist or similar.
BTW, don't you have a proper Java IDE that can help you automatically
import all required packages?

On 21 June 2018 at 10:31, jayshankar nair  wrote:

> Hi Ignasi,
>
> I have included the header file. I am getting the following error in
> override.
>
> javac -classpath ".:lib/*" JCloudsNova.java
> JCloudsNova.java:56: error: cannot find symbol
>.overrides(overrides)
>   ^
>   symbol:   variable overrides
>   location: class JCloudsNova
> 1 error
>
> Code Snippet:
>  import org.jclouds.openstack.keystone.v3.config.*;
>   import org.jclouds.openstack.keystone.config.*;
>
>
>
> final Properties overrides = new Properties();
> overrides.put(KeystoneProperties.KEYSTONE_VERSION, "3");
> overrides.put(KeystoneProperties.SCOPE, "domain:default");
>
>
> novaApi  = ContextBuilder.newBuilder("openstack-nova")
>.endpoint("https://192.168.0.12:5000/v3;)
>.credentials("ldap:foo", "bar")
>.overrides(overrides)
>.buildApi(NovaApi.class);
>
>
>
> Thanks,
> Jayshankar
> On Thursday, June 21, 2018, 1:13:40 PM GMT+5:30, Ignasi Barrera <
> n...@apache.org> wrote:
>
>
> The KeystoneProperties class is in the "org.jclouds.openstack.keystone.config"
> package. If you have jclouds 2.1.0 you should have no issues to import all
> classes referenced in the example.
>
> On 21 June 2018 at 08:40, jayshankar nair  wrote:
>
> Hi,
>
> I am getting compilation errors. What is the header file for
> KeystonePropert
> ies.
>
> error: package org.jclouds.openstack.keystone does not exist
>   import org.jclouds.openstack. keystone.*;
>   ^
> JCloudsNova.java:22: error: cannot find symbol
> overrides.put( KeystoneProperties.KEYSTONE_ VERSION, "3");
>   ^
>   symbol:   variable KeystoneProperties
>   location: class JCloudsNova
> JCloudsNova.java:23: error: cannot find symbol
> overrides.put( KeystoneProperties.SCOPE, "domain:default");
>   ^
>   symbol:   variable KeystoneProperties
>   location: class JCloudsNova
> JCloudsNova.java:55: error: cannot find symbol
>.overrides(overrides)
>   ^
>   symbol:   variable overrides
>   location: class JCloudsNova
> 4 errors
>
> Is there a link where i can download v3 jcloud examples.
>
> Thanks,
> Jayshankar
>
>
> On Thursday, June 21, 2018, 11:05:09 AM GMT+5:30, Ignasi Barrera <
> n...@apache.org> wrote:
>
>
> This helps, thanks.
>
> It looks like your program is trying to connect to a Keystone V2 endpoint,
> but your environment uses the newer Keystone V3.
>
> You need to configure the context to use V3 as detailed here:
> https://jclouds.apache.org/ guides/openstack/#keystone
> 
>
> Could you change the context creation accordingly and see if it works?
>
>
> I.
>
>
> On Thu, Jun 21, 2018, 07:00 jayshankar nair 
> wrote:
>
> Hello Ignasi/Andrea,
>
> I am still facing problem while running jCloudsNova.java. I am able to run
> openstack cli command.
> Openstack version
>
>
>  openstack --version
> openstack 3.15.0
>
> openstack endpoint list
> +- -+---+
> --+--+-+-- -+
> +
> | ID   | Region| Service Name | Service
> Type | Enabled | Interface | URL
> |
> +- -+---+
> --+--+-+-- -+
> +
> | 00055fa2240248bf9e693a1d446c7c 59 | RegionOne | gnocchi  | metric
>| True| public| http://192.168.0.12:8041
>  |
> | 0289010ada1446469e2ff14de09ff7 80 | RegionOne | aodh | alarming
>| True| public| http://192.168.0.12:8042
>  |
> | 09e23e6226b7415eaf17a5bf4d33ee b8 | RegionOne | ceilometer   | metering
>| True| internal  | http://192.168.0.12:8777
>  |
> | 0b574bc23cc54bd8a1266ed858a2e8 7f | RegionOne | neutron  | network
> | True| admin | http://192.168.0.12:9696
>  |
> | 128768ce20c44b8998a949c6e73c3e b2 | RegionOne | swift|
> object-store | True| admin | http://192.168.0.12:8080/v1/
> AUTH_%(tenant_id)s |
> | 13782b29b3a04325be59c9c36d2462 2f | RegionOne | placement|
> placement| True| public| http://192.168.0.12:8778/ placement
>  |
> | 160ef2bc67534bc19b47df8328fdcf 16 | RegionOne | ceilometer   | metering
>| True| admin | http://192.168.0.12:8777
>  |
> | 19b9b5d72f4540f183c4ab574d3efd 71 | RegionOne | cinderv3 | volumev3
>| True| admin | http://192.168.0.12:8776/v3/%( tenant_id)s
>   |
> | 1ded29d260604e9b9cf14706fa558a 21 | RegionOne | cinderv3 | volumev3
>| True| internal  | http://192.168.0.12:8776/v3/%( tenant_id)s
>   |
> | 26698f851ccc44b99d1f3601b9917d 9b | RegionOne | keystone | identity
>| True| admin | http://192.168.0.12:35357/v3
>  |
> |

Re: error while running JCloudsNove.java

2018-06-21 Thread Ignasi Barrera 
You need the properties, to configure V3.

The code in the example is OK and works. You need to fix your package
imports. Use a proper java IDE.

On 21 June 2018 at 10:47, jayshankar nair  wrote:

> Hi Ignasi,
>
> I commented the overrides properties and ran JCloudNova.java. I get the
> following error.
>
>  java -classpath ".:lib/*" JCloudsNova
> Jun 21, 2018 8:39:40 AM org.jclouds.logging.jdk.JDKLogger logError
> SEVERE: Command not considered safe to retry because request method is
> POST: 
> [method=org.jclouds.openstack.keystone.v2_0.auth.V2AuthenticationApi.public
> abstract org.jclouds.openstack.keystone.v2_0.domain.Access
> org.jclouds.openstack.keystone.v2_0.auth.V2AuthenticationApi.
> authenticatePassword(org.jclouds.openstack.keystone.auth.domain.
> TenantOrDomainAndCredentials)[TenantOrDomainAndCredentials{tenantOrDomainId=null,
> tenantOrDomainName=ldap, scope=unscoped, credentials=AutoValue_
> PasswordCredentials{username=foo, password=*}}], request=POST
> https://192.168.0.12:5000/v3/tokens HTTP/1.1]
> Exception in thread "main" org.jclouds.http.HttpResponseException:
> Unrecognized SSL message, plaintext connection? connecting to POST
> https://192.168.0.12:5000/v3/tokens HTTP/1.1
> at org.jclouds.http.internal.BaseHttpCommandExecutorService
> .invoke(BaseHttpCommandExecutorService.java:120)
> at org.jclouds.rest.internal.InvokeHttpMethod.invoke(
> InvokeHttpMethod.java:91)
> at org.jclouds.rest.internal.InvokeHttpMethod.apply(
> InvokeHttpMethod.java:74)
> at org.jclouds.rest.internal.InvokeHttpMethod.apply(
> InvokeHttpMethod.java:45)
> at org.jclouds.rest.internal.DelegatesToInvocationFunction.handle(
> DelegatesToInvocationFunction.java:156)
> at org.jclouds.rest.internal.DelegatesToInvocationFunction.invoke(
> DelegatesToInvocationFunction.java:123)
> at com.sun.proxy.$Proxy57.authenticatePassword(Unknown Source)
> at org.jclouds.openstack.keystone.auth.functions.
> AuthenticatePasswordCredentials.authenticate(
> AuthenticatePasswordCredentials.java:48)
> at org.jclouds.openstack.keystone.auth.functions.
> BaseAuthenticator.apply(BaseAuthenticator.java:87)
> at org.jclouds.openstack.keystone.auth.functions.
> BaseAuthenticator.apply(BaseAuthenticator.java:38)
> at com.google.common.cache.CacheLoader$FunctionToCacheLoader.load(
> CacheLoader.java:151)
> at com.google.common.cache.LocalCache$LoadingValueReference.
> loadFuture(LocalCache.java:3527)
> at com.google.common.cache.LocalCache$Segment.loadSync(
> LocalCache.java:2319)
> at com.google.common.cache.LocalCache$Segment.
> lockedGetOrLoad(LocalCache.java:2282)
> at com.google.common.cache.LocalCache$Segment.get(
> LocalCache.java:2197)
> at com.google.common.cache.LocalCache.get(LocalCache.java:3937)
> at com.google.common.cache.LocalCache.getOrLoad(
> LocalCache.java:3941)
> at com.google.common.cache.LocalCache$LocalLoadingCache.
> get(LocalCache.java:4824)
> at com.google.common.cache.LocalCache$LocalLoadingCache.
> getUnchecked(LocalCache.java:4830)
> at org.jclouds.openstack.keystone.auth.config.
> AuthenticationModule$2.get(AuthenticationModule.java:138)
> at org.jclouds.openstack.keystone.auth.config.
> AuthenticationModule$2.get(AuthenticationModule.java:135)
> at org.jclouds.openstack.keystone.v2_0.catalog.
> V2ServiceCatalog.get(V2ServiceCatalog.java:57)
> at org.jclouds.openstack.keystone.v2_0.catalog.
> V2ServiceCatalog.get(V2ServiceCatalog.java:42)
> at org.jclouds.openstack.keystone.catalog.suppliers.
> LocationIdToURIFromServiceEndpointsForTypeAndVersion.get(
> LocationIdToURIFromServiceEndpointsForTypeAndVersion.java:76)
> at org.jclouds.openstack.keystone.catalog.suppliers.
> LocationIdToURIFromServiceEndpointsForTypeAndVersion.get(
> LocationIdToURIFromServiceEndpointsForTypeAndVersion.java:46)
> at org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOn
> AuthorizationExceptionSupplier$SetAndThrowAuthorizationExcept
> ionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOn
> AuthorizationExceptionSupplier.java:75)
> at org.jclouds.rest.suppliers.MemoizedRetryOnTimeOutButNotOn
> AuthorizationExceptionSupplier$SetAndThrowAuthorizationExcept
> ionSupplierBackedLoader.load(MemoizedRetryOnTimeOutButNotOn
> AuthorizationExceptionSupplier.java:57)
> at com.google.common.cache.LocalCache$LoadingValueReference.
> loadFuture(LocalCache.java:3527)
> at com.google.common.cache.LocalCache$Segment.loadSync(
> LocalCache.java:2319)
> at com.google.common.cache.LocalCache$Segment.
> lockedGetOrLoad(LocalCache.java:2282)
> at com.google.common.cache.LocalCache$Segment.get(
> LocalCache.java:2197)
> at com.google.common.cache.LocalCache.get(LocalCache.java:3937)
> at com.google.common.cache.LocalCache.getOrLoad(
> LocalCache.java:3941)
> at

Re: error while running JCloudsNove.java

2018-06-21 Thread jayshankar nair 
 Hello Ignasi,
It  a small piece of code. I got it from jclouds website.
I am attaching the codeThanks,Jayshankar
   
  

|  | Virus-free. www.avast.com  |



JCloudsNova.java
Description: Binary data

Re: error while running JCloudsNove.java

2018-06-21 Thread Ignasi Barrera 
You declare the local variable "overrides" in a different method where you
use it.

No offense, but just use a proper IDE to write your code. We can help you
understand how jclouds works, and use it with your OpenStack distribution.
We'll be more than happy to help there, but we're not here to debug such
basic Java stuff for you, or to teach how to write Java code.

On 21 June 2018 at 11:03, jayshankar nair  wrote:

> Hello Ignasi,
>
> It  a small piece of code. I got it from jclouds website.
>
> I am attaching the code
> Thanks,
> Jayshankar
>
>
>
>
> 
>  Virus-free.
> www.avast.com
> 
> <#m_3362870312296683562_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread archieprad 
Hi Andrea, 
Thanks for the quick response. I am using an IAM role that has full admin 
access. Which is why this case is even more perplexing. Do you have any other 
suggestions to try out?  
Cheers Archana

On 2018/06/21 07:40:46, Andrea Turli  wrote: 
> Archana,
> 
> interesting!
> 
> To debug this, I would attach a IAM role with e.g the AmazonEC2FullAccess
> policy set and re-test. If that works, I'll then try to play with more
> restricting policies, in case you don't like AmazonEC2FullAccess in
> production.
> 
> Best,
> Andrea
> 
> On Thu, Jun 21, 2018 at 9:34 AM archiep...@gmail.com 
> wrote:
> 
> > Hi Andrea,
> > I tried the two methods that you suggested and neither of them work. I
> > also tried another method listHardwareProfiles() and it works. Is there
> > some different level of authentication required across these? Please do let
> > me know what you think.
> >
> > Cheers
> > Archana
> >
> > On 2018/06/20 07:26:44, Andrea Turli  wrote:
> > > Hi Archana,
> > >
> > > I don't see any particular reason listNodes  would behave differently
> > when
> > > using IAM role vs Access Key and Secret Key - Once the Ec2Api is
> > configured
> > > to use org.jclouds.aws.domain.SessionCredentials everything should just
> > > work.
> > >
> > > Is listNodes the only failing one? Can you share the stacktrace of a
> > > failing call?
> > > Could you double check listAssignableLocations() or listImages() with the
> > > same IAM role? if they work, can it be related to weird IAM permissions?
> > >
> > > HTH,
> > > Andrea
> > >
> > > On Wed, Jun 20, 2018 at 8:01 AM archiep...@gmail.com <
> > archiep...@gmail.com>
> > > wrote:
> > >
> > > > Hi All,
> > > > I am trying to SSH from one EC2 instance into another using netflix's
> > > > simian army. I am using IAM role instead of Access key and Secret key.
> > > > Wondering if there is an issue with calling listNodes() when using IAM
> > > > role. Any insight on this, or any workaround on the issue is helpful.
> > > >
> > > > Cheers
> > > > Archana
> > > >
> > >
> >
>

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread Andrea Turli 
Mmm very interesting!

The only thing that comes to my mind is:
- is your account allowed to talk to all the regions? From the stacktrace
above looks like
org.jclouds.rest.AuthorizationException: POST
https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
so maybe your account is not allowed to talk to that region. Can you
confirm? if not you want to control which regions to target you can use
`-Djclouds.regions: "us-west-1" in case you want to limit to Oregon.

HTH,
Andrea

On Thu, Jun 21, 2018 at 9:45 AM archiep...@gmail.com 
wrote:

> Hi Andrea,
> Thanks for the quick response. I am using an IAM role that has full admin
> access. Which is why this case is even more perplexing. Do you have any
> other suggestions to try out?
>
> Cheers
> Archana
>
> On 2018/06/20 21:45:31, archiep...@gmail.com 
> wrote:
> > Hi Ignasi,
> > So the function that does the authentication uses a context builder and
> generates a temporary access and secret key. I've read that perhaps Jclouds
> might not be sending the session token to access aws resources. Do you
> think that is what could be happening?
> >
> > Cheers,
> > Archana
> >
>

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread Ignasi Barrera 
Hi Archana,

I see the problem here. When using temporary credentials in AWS, the
session token must be included in a request header [1], so you need to
provide it when configuring the jclouds context with the credentials.

By default, the "ContextBuilder.credentials" signature does only allow to
pass the access key and secret key, but there is no place to specify that
session token. However, the ContextBuilder provides an alternate mechanism
to configure custom credentials. You can use the
"ContextBuilder.credentialsSupplier" method as follows:

ContextBuilder.newBuilder("aws-ec2")
   ...
   .credentialsSupplier(new Supplier() {
  @Override
  public Credentials get() {
 return SessionCredentials.builder()
.accessKeyId("temporary access key")
.secretAccessKey("temporary secret key")
.sessionToken("session token")
.expiration(new Date()) // Change to a proper value
.build();
  }
   })
   ...

​

Could you try this?


HTH!

I.


[1]
https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#UsingTemporarySecurityCredentials


On 21 June 2018 at 09:53, Andrea Turli  wrote:

> Mmm very interesting!
>
> The only thing that comes to my mind is:
> - is your account allowed to talk to all the regions? From the stacktrace
> above looks like
> org.jclouds.rest.AuthorizationException: POST https://ec2.us-east-1.
> amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
> so maybe your account is not allowed to talk to that region. Can you
> confirm? if not you want to control which regions to target you can use
> `-Djclouds.regions: "us-west-1" in case you want to limit to Oregon.
>
> HTH,
> Andrea
>
> On Thu, Jun 21, 2018 at 9:45 AM archiep...@gmail.com 
> wrote:
>
>> Hi Andrea,
>> Thanks for the quick response. I am using an IAM role that has full admin
>> access. Which is why this case is even more perplexing. Do you have any
>> other suggestions to try out?
>>
>> Cheers
>> Archana
>>
>> On 2018/06/20 21:45:31, archiep...@gmail.com 
>> wrote:
>> > Hi Ignasi,
>> > So the function that does the authentication uses a context builder and
>> generates a temporary access and secret key. I've read that perhaps Jclouds
>> might not be sending the session token to access aws resources. Do you
>> think that is what could be happening?
>> >
>> > Cheers,
>> > Archana
>> >
>>
>

Re: What parameters does Jclouds need to use listNodes() ?

2018-06-21 Thread Ignasi Barrera 
You just need to provide the access tokens, and when using temporary
credentials you need to build the ContextBuilder providing the access
tokens and the session token too. See this [1] for more details (and let's
try to continue the discussion there to avoid having the info spread in two
places).


HTH!

I.



[1]
https://lists.apache.org/thread.html/cfd8d068b510acb2fe89ed81619779e2dd42367cac45c339feb5df82@%3Cuser.jclouds.apache.org%3E

On 21 June 2018 at 07:48, archiep...@gmail.com  wrote:

> Hi All,
> Just trying to understand the internals of Jclouds computeService. So lets
> just say i have an access key and secret key. Is there anything else
> Jclouds needs such as session token that needs to be authenticated ?
>
> Cheers
> Archana
>

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread archieprad 
Hi Andrea,
Yes i changed the code a little and added a 
.endpoint("https://ec2-ap-southeast-1.com;), to change the region. Does that 
resolve it?

Regards
Archana

On 2018/06/21 07:53:48, Andrea Turli  wrote: 
> Mmm very interesting!
> 
> The only thing that comes to my mind is:
> - is your account allowed to talk to all the regions? From the stacktrace
> above looks like
> org.jclouds.rest.AuthorizationException: POST
> https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
> so maybe your account is not allowed to talk to that region. Can you
> confirm? if not you want to control which regions to target you can use
> `-Djclouds.regions: "us-west-1" in case you want to limit to Oregon.
> 
> HTH,
> Andrea
> 
> On Thu, Jun 21, 2018 at 9:45 AM archiep...@gmail.com 
> wrote:
> 
> > Hi Andrea,
> > Thanks for the quick response. I am using an IAM role that has full admin
> > access. Which is why this case is even more perplexing. Do you have any
> > other suggestions to try out?
> >
> > Cheers
> > Archana
> >
> > On 2018/06/20 21:45:31, archiep...@gmail.com 
> > wrote:
> > > Hi Ignasi,
> > > So the function that does the authentication uses a context builder and
> > generates a temporary access and secret key. I've read that perhaps Jclouds
> > might not be sending the session token to access aws resources. Do you
> > think that is what could be happening?
> > >
> > > Cheers,
> > > Archana
> > >
> >
>

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread archieprad 
Hi Ignasi,
Thank you! I will try this out and let you know if it worked.

Cheers
Archana

On 2018/06/21 08:00:01, Ignasi Barrera  wrote: 
> Hi Archana,
> 
> I see the problem here. When using temporary credentials in AWS, the
> session token must be included in a request header [1], so you need to
> provide it when configuring the jclouds context with the credentials.
> 
> By default, the "ContextBuilder.credentials" signature does only allow to
> pass the access key and secret key, but there is no place to specify that
> session token. However, the ContextBuilder provides an alternate mechanism
> to configure custom credentials. You can use the
> "ContextBuilder.credentialsSupplier" method as follows:
> 
> ContextBuilder.newBuilder("aws-ec2")
>...
>.credentialsSupplier(new Supplier() {
>   @Override
>   public Credentials get() {
>  return SessionCredentials.builder()
> .accessKeyId("temporary access key")
> .secretAccessKey("temporary secret key")
> .sessionToken("session token")
> .expiration(new Date()) // Change to a proper value
> .build();
>   }
>})
>...
> 
> ​
> 
> Could you try this?
> 
> 
> HTH!
> 
> I.
> 
> 
> [1]
> https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#UsingTemporarySecurityCredentials
> 
> 
> On 21 June 2018 at 09:53, Andrea Turli  wrote:
> 
> > Mmm very interesting!
> >
> > The only thing that comes to my mind is:
> > - is your account allowed to talk to all the regions? From the stacktrace
> > above looks like
> > org.jclouds.rest.AuthorizationException: POST https://ec2.us-east-1.
> > amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
> > so maybe your account is not allowed to talk to that region. Can you
> > confirm? if not you want to control which regions to target you can use
> > `-Djclouds.regions: "us-west-1" in case you want to limit to Oregon.
> >
> > HTH,
> > Andrea
> >
> > On Thu, Jun 21, 2018 at 9:45 AM archiep...@gmail.com 
> > wrote:
> >
> >> Hi Andrea,
> >> Thanks for the quick response. I am using an IAM role that has full admin
> >> access. Which is why this case is even more perplexing. Do you have any
> >> other suggestions to try out?
> >>
> >> Cheers
> >> Archana
> >>
> >> On 2018/06/20 21:45:31, archiep...@gmail.com 
> >> wrote:
> >> > Hi Ignasi,
> >> > So the function that does the authentication uses a context builder and
> >> generates a temporary access and secret key. I've read that perhaps Jclouds
> >> might not be sending the session token to access aws resources. Do you
> >> think that is what could be happening?
> >> >
> >> > Cheers,
> >> > Archana
> >> >
> >>
> >
>

Re: error while running JCloudsNove.java

2018-06-21 Thread jayshankar nair 
 Hi Ignasi,
I have included the header file. I am getting the following error in override. 
javac -classpath ".:lib/*" JCloudsNova.javaJCloudsNova.java:56: error: cannot 
find symbol   .overrides(overrides)              ^  symbol:   variable 
overrides  location: class JCloudsNova1 error
Code Snippet: import org.jclouds.openstack.keystone.v3.config.*;  import 
org.jclouds.openstack.keystone.config.*;


final Properties overrides = new 
Properties();overrides.put(KeystoneProperties.KEYSTONE_VERSION, 
"3");overrides.put(KeystoneProperties.SCOPE, "domain:default");

novaApi  = ContextBuilder.newBuilder("openstack-nova")   
.endpoint("https://192.168.0.12:5000/v3;)   .credentials("ldap:foo", "bar")   
.overrides(overrides)   .buildApi(NovaApi.class);


Thanks,JayshankarOn Thursday, June 21, 2018, 1:13:40 PM GMT+5:30, Ignasi 
Barrera  wrote:  
 
 The KeystoneProperties class is in the "org.jclouds.openstack.keystone.config" 
package. If you have jclouds 2.1.0 you should have no issues to import all 
classes referenced in the example.
On 21 June 2018 at 08:40, jayshankar nair  wrote:

 Hi,
I am getting compilation errors. What is the header file for KeystoneProperties.
error: package org.jclouds.openstack.keystone does not exist  import 
org.jclouds.openstack. keystone.*;  ^JCloudsNova.java:22: error: cannot find 
symboloverrides.put( KeystoneProperties.KEYSTONE_ VERSION, "3");              ^ 
 symbol:   variable KeystoneProperties  location: class 
JCloudsNovaJCloudsNova.java:23: error: cannot find symboloverrides.put( 
KeystoneProperties.SCOPE, "domain:default");              ^  symbol:   variable 
KeystoneProperties  location: class JCloudsNovaJCloudsNova.java:55: error: 
cannot find symbol   .overrides(overrides)              ^  symbol:   variable 
overrides  location: class JCloudsNova4 errors
Is there a link where i can download v3 jcloud examples.
Thanks,Jayshankar

On Thursday, June 21, 2018, 11:05:09 AM GMT+5:30, Ignasi Barrera 
 wrote:  
 
 This helps, thanks.
It looks like your program is trying to connect to a Keystone V2 endpoint, but 
your environment uses the newer Keystone V3.
You need to configure the context to use V3 as detailed 
here:https://jclouds.apache.org/ guides/openstack/#keystone

Could you change the context creation accordingly and see if it works?

I.

On Thu, Jun 21, 2018, 07:00 jayshankar nair  wrote:

 Hello Ignasi/Andrea, I am still facing problem while running jCloudsNova.java. 
I am able to run openstack cli command.Openstack version
  
 openstack --versionopenstack 3.15.0
openstack endpoint list+- 
-+---+ --+--+-+-- 
-+ +| ID                
               | Region    | Service Name | Service Type | Enabled | Interface 
| URL                                            
|+- -+---+ 
--+--+-+-- -+ 
+| 00055fa2240248bf9e693a1d446c7c 59 | RegionOne | 
gnocchi      | metric       | True    | public    | http://192.168.0.12:8041    
                   || 0289010ada1446469e2ff14de09ff7 80 | RegionOne | aodh      
   | alarming     | True    | public    | http://192.168.0.12:8042              
         || 09e23e6226b7415eaf17a5bf4d33ee b8 | RegionOne | ceilometer   | 
metering     | True    | internal  | http://192.168.0.12:8777                   
    || 0b574bc23cc54bd8a1266ed858a2e8 7f | RegionOne | neutron      | network   
   | True    | admin     | http://192.168.0.12:9696                       || 
128768ce20c44b8998a949c6e73c3e b2 | RegionOne | swift        | object-store | 
True    | admin     | http://192.168.0.12:8080/v1/ AUTH_%(tenant_id)s || 
13782b29b3a04325be59c9c36d2462 2f | RegionOne | placement    | placement    | 
True    | public    | http://192.168.0.12:8778/ placement             || 
160ef2bc67534bc19b47df8328fdcf 16 | RegionOne | ceilometer   | metering     | 
True    | admin     | http://192.168.0.12:8777                       || 
19b9b5d72f4540f183c4ab574d3efd 71 | RegionOne | cinderv3     | volumev3     | 
True    | admin     | http://192.168.0.12:8776/v3/%( tenant_id)s      || 
1ded29d260604e9b9cf14706fa558a 21 | RegionOne | cinderv3     | volumev3     | 
True    | internal  | http://192.168.0.12:8776/v3/%( tenant_id)s      || 
26698f851ccc44b99d1f3601b9917d 9b | RegionOne | keystone     | identity     | 
True    | admin     | http://192.168.0.12:35357/v3                   || 
2bea479cb5ea4d128ce9e7f8009be7 60 | RegionOne | nova         | compute      | 
True    | admin     | http://192.168.0.12:8774/v2.1/ %(tenant_id)s    || 
3066119a6c9147fa8e4626725c3a34 ad | RegionOne | neutron      | network      | 
True    | public    | http://192.168.0.12:9696                       || 
3912bdc1f8cd4014bb9bfc8292c9ee 7c | RegionOne | glance       | image        | 
True    | internal  | http://192.168.0.12:9292 

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread archieprad 
Hi Andrea,
I tried the two methods that you suggested and neither of them work. I also 
tried another method listHardwareProfiles() and it works. Is there some 
different level of authentication required across these? Please do let me know 
what you think.

Cheers 
Archana

On 2018/06/20 07:26:44, Andrea Turli  wrote: 
> Hi Archana,
> 
> I don't see any particular reason listNodes  would behave differently when
> using IAM role vs Access Key and Secret Key - Once the Ec2Api is configured
> to use org.jclouds.aws.domain.SessionCredentials everything should just
> work.
> 
> Is listNodes the only failing one? Can you share the stacktrace of a
> failing call?
> Could you double check listAssignableLocations() or listImages() with the
> same IAM role? if they work, can it be related to weird IAM permissions?
> 
> HTH,
> Andrea
> 
> On Wed, Jun 20, 2018 at 8:01 AM archiep...@gmail.com 
> wrote:
> 
> > Hi All,
> > I am trying to SSH from one EC2 instance into another using netflix's
> > simian army. I am using IAM role instead of Access key and Secret key.
> > Wondering if there is an issue with calling listNodes() when using IAM
> > role. Any insight on this, or any workaround on the issue is helpful.
> >
> > Cheers
> > Archana
> >
>

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread Andrea Turli 
Archana,

interesting!

To debug this, I would attach a IAM role with e.g the AmazonEC2FullAccess
policy set and re-test. If that works, I'll then try to play with more
restricting policies, in case you don't like AmazonEC2FullAccess in
production.

Best,
Andrea

On Thu, Jun 21, 2018 at 9:34 AM archiep...@gmail.com 
wrote:

> Hi Andrea,
> I tried the two methods that you suggested and neither of them work. I
> also tried another method listHardwareProfiles() and it works. Is there
> some different level of authentication required across these? Please do let
> me know what you think.
>
> Cheers
> Archana
>
> On 2018/06/20 07:26:44, Andrea Turli  wrote:
> > Hi Archana,
> >
> > I don't see any particular reason listNodes  would behave differently
> when
> > using IAM role vs Access Key and Secret Key - Once the Ec2Api is
> configured
> > to use org.jclouds.aws.domain.SessionCredentials everything should just
> > work.
> >
> > Is listNodes the only failing one? Can you share the stacktrace of a
> > failing call?
> > Could you double check listAssignableLocations() or listImages() with the
> > same IAM role? if they work, can it be related to weird IAM permissions?
> >
> > HTH,
> > Andrea
> >
> > On Wed, Jun 20, 2018 at 8:01 AM archiep...@gmail.com <
> archiep...@gmail.com>
> > wrote:
> >
> > > Hi All,
> > > I am trying to SSH from one EC2 instance into another using netflix's
> > > simian army. I am using IAM role instead of Access key and Secret key.
> > > Wondering if there is an issue with calling listNodes() when using IAM
> > > role. Any insight on this, or any workaround on the issue is helpful.
> > >
> > > Cheers
> > > Archana
> > >
> >
>

Re: error while running JCloudsNove.java

2018-06-21 Thread Ignasi Barrera 
The KeystoneProperties class is in the
"org.jclouds.openstack.keystone.config" package. If you have jclouds 2.1.0
you should have no issues to import all classes referenced in the example.

On 21 June 2018 at 08:40, jayshankar nair  wrote:

> Hi,
>
> I am getting compilation errors. What is the header file for
> KeystonePropert
> ies.
>
> error: package org.jclouds.openstack.keystone does not exist
>   import org.jclouds.openstack.keystone.*;
>   ^
> JCloudsNova.java:22: error: cannot find symbol
> overrides.put(KeystoneProperties.KEYSTONE_VERSION, "3");
>   ^
>   symbol:   variable KeystoneProperties
>   location: class JCloudsNova
> JCloudsNova.java:23: error: cannot find symbol
> overrides.put(KeystoneProperties.SCOPE, "domain:default");
>   ^
>   symbol:   variable KeystoneProperties
>   location: class JCloudsNova
> JCloudsNova.java:55: error: cannot find symbol
>.overrides(overrides)
>   ^
>   symbol:   variable overrides
>   location: class JCloudsNova
> 4 errors
>
> Is there a link where i can download v3 jcloud examples.
>
> Thanks,
> Jayshankar
>
>
> On Thursday, June 21, 2018, 11:05:09 AM GMT+5:30, Ignasi Barrera <
> n...@apache.org> wrote:
>
>
> This helps, thanks.
>
> It looks like your program is trying to connect to a Keystone V2 endpoint,
> but your environment uses the newer Keystone V3.
>
> You need to configure the context to use V3 as detailed here:
> https://jclouds.apache.org/guides/openstack/#keystone
>
> Could you change the context creation accordingly and see if it works?
>
>
> I.
>
>
> On Thu, Jun 21, 2018, 07:00 jayshankar nair 
> wrote:
>
> Hello Ignasi/Andrea,
>
> I am still facing problem while running jCloudsNova.java. I am able to run
> openstack cli command.
> Openstack version
>
>
>  openstack --version
> openstack 3.15.0
>
> openstack endpoint list
> +--+---+
> --+--+-+---+
> +
> | ID   | Region| Service Name | Service
> Type | Enabled | Interface | URL
> |
> +--+---+
> --+--+-+---+
> +
> | 00055fa2240248bf9e693a1d446c7c59 | RegionOne | gnocchi  | metric
>| True| public| http://192.168.0.12:8041
>  |
> | 0289010ada1446469e2ff14de09ff780 | RegionOne | aodh | alarming
>| True| public| http://192.168.0.12:8042
>  |
> | 09e23e6226b7415eaf17a5bf4d33eeb8 | RegionOne | ceilometer   | metering
>| True| internal  | http://192.168.0.12:8777
>  |
> | 0b574bc23cc54bd8a1266ed858a2e87f | RegionOne | neutron  | network
> | True| admin | http://192.168.0.12:9696
>  |
> | 128768ce20c44b8998a949c6e73c3eb2 | RegionOne | swift|
> object-store | True| admin | http://192.168.0.12:8080/v1/
> AUTH_%(tenant_id)s |
> | 13782b29b3a04325be59c9c36d24622f | RegionOne | placement|
> placement| True| public| http://192.168.0.12:8778/placement
>|
> | 160ef2bc67534bc19b47df8328fdcf16 | RegionOne | ceilometer   | metering
>| True| admin | http://192.168.0.12:8777
>  |
> | 19b9b5d72f4540f183c4ab574d3efd71 | RegionOne | cinderv3 | volumev3
>| True| admin | http://192.168.0.12:8776/v3/%(tenant_id)s
> |
> | 1ded29d260604e9b9cf14706fa558a21 | RegionOne | cinderv3 | volumev3
>| True| internal  | http://192.168.0.12:8776/v3/%(tenant_id)s
> |
> | 26698f851ccc44b99d1f3601b9917d9b | RegionOne | keystone | identity
>| True| admin | http://192.168.0.12:35357/v3
>  |
> | 2bea479cb5ea4d128ce9e7f8009be760 | RegionOne | nova | compute
> | True| admin | http://192.168.0.12:8774/v2.1/%(tenant_id)s
>   |
> | 3066119a6c9147fa8e4626725c3a34ad | RegionOne | neutron  | network
> | True| public| http://192.168.0.12:9696
>  |
> | 3912bdc1f8cd4014bb9bfc8292c9ee7c | RegionOne | glance   | image
> | True| internal  | http://192.168.0.12:9292
>  |
> | 4243ebf7df0f46fbb062b828d7147ca4 | RegionOne | neutron  | network
> | True| internal  | http://192.168.0.12:9696
>  |
> | 491809ebcf99486bb050f3dd7c54e91e | RegionOne | swift|
> object-store | True| internal  | http://192.168.0.12:8080/v1/
> AUTH_%(tenant_id)s |
> | 59c73f5064b7494faa5ca3b389403746 | RegionOne | cinderv2 | volumev2
>| True| public| http://192.168.0.12:8776/v2/%(tenant_id)s
> |
> | 59d32fdf1d01465bbfeb30291cf3edb0 | RegionOne | swift|
> object-store | True| public| http://192.168.0.12:8080/v1/
> AUTH_%(tenant_id)s |
> | 6b5f1f96bef1441fa16947e3d2578732 | RegionOne | cinder   | volume
>| True| admin | http://192.168.0.12:8776/v1/%(tenant_id)s
> |
> | 724aafb2db954e3e867f841f790fb8b7 | RegionOne | keystone | identity
>| True| internal  |

Re: Issue with jclouds computeService listNodes() ?

2018-06-21 Thread archieprad 
Hi Andrea,
Thanks for the quick response. I am using an IAM role that has full admin 
access. Which is why this case is even more perplexing. Do you have any other 
suggestions to try out?

Cheers
Archana

On 2018/06/20 21:45:31, archiep...@gmail.com  wrote: 
> Hi Ignasi,
> So the function that does the authentication uses a context builder and 
> generates a temporary access and secret key. I've read that perhaps Jclouds 
> might not be sending the session token to access aws resources. Do you think 
> that is what could be happening?
> 
> Cheers,
> Archana
>

Re: error while running JCloudsNove.java

2018-06-21 Thread Ignasi Barrera 
"Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext
connection?"

It looks like you are configuring an "https" endpoint, but in the service
list you passed, the V3 identity endpoint is "http". Copy the right
endpoint and try again.

On 21 June 2018 at 11:33, jayshankar nair  wrote:

> Hello Ignasi,
>
> I apologise for the silly mistake .I  would use better ide like Netbeans.
> I am still not
>  able to run the code. I have sent the error dump earlier.
>
> Can u suggest some pointers.
>
> Thanks in advance.
> Jayshankar
> On Thursday, June 21, 2018, 2:43:25 PM GMT+5:30, Ignasi Barrera <
> n...@apache.org> wrote:
>
>
> You declare the local variable "overrides" in a different method where you
> use it.
>
> No offense, but just use a proper IDE to write your code. We can help you
> understand how jclouds works, and use it with your OpenStack distribution.
> We'll be more than happy to help there, but we're not here to debug such
> basic Java stuff for you, or to teach how to write Java code.
>
> On 21 June 2018 at 11:03, jayshankar nair  wrote:
>
> Hello Ignasi,
>
> It  a small piece of code. I got it from jclouds website.
>
> I am attaching the code
> Thanks,
> Jayshankar
>
>
>
>
> 
>  Virus-free.
> www.avast.com
> 
> <#m_5479553445569233092_m_3362870312296683562_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
>
>

Re: error while running JCloudsNove.java

2018-06-21 Thread jayshankar nair 
 Hello Ignasi,
I apologise for the silly mistake .I  would use better ide like Netbeans. I am 
still not able to run the code. I have sent the error dump earlier.
Can u suggest some pointers. 
Thanks in advance.JayshankarOn Thursday, June 21, 2018, 2:43:25 PM 
GMT+5:30, Ignasi Barrera  wrote:  
 
 You declare the local variable "overrides" in a different method where you use 
it.
No offense, but just use a proper IDE to write your code. We can help you 
understand how jclouds works, and use it with your OpenStack distribution. 
We'll be more than happy to help there, but we're not here to debug such basic 
Java stuff for you, or to teach how to write Java code.
On 21 June 2018 at 11:03, jayshankar nair  wrote:

 Hello Ignasi,
It  a small piece of code. I got it from jclouds website.
I am attaching the codeThanks,Jayshankar
   
  

|  | Virus-free. www.avast.com  |

Re: Signature v4 support for non amazon S3

2018-06-21 Thread Ranjith R 
I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and it
talks about the default signing for AWS being v4 and other s3 clones being
v2.  I just want to know if I can use v4 for a s3 clone?  Is there any
example that I can look at?

Thanks,
Ranjith

On Mon, Jun 18, 2018 at 7:21 PM Ranjith R  wrote:

> Hi All - I know signature v4 signing is implemented for Amazon S3
> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
> cloud which supports S3 API and sigV4  (s3).  If it does, what changes
> should be done from the client side?
>
> Thanks,
> Ranjith
>

Re: Signature v4 support for non amazon S3

2018-06-21 Thread Ignasi Barrera 
I haven't tried it, but you should be able to define a Guice module that
extends the default S3 module and overrides the request signer
configuration. Then you can pass that one to the list of modules you pass
when creating the context:

@ConfiguresHttpApipublic static class S3V4SignerModule extends
S3HttpApiModule {
   @Override
   protected void bindRequestSigner() {
  
bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
   }
}
public static void main(String[] args) {
   ContextBuilder.newBuilder("s3")
  ...
  .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
  ...
}

​

Make sure you annotate the custom module with "@ConfiguresHttpApi".
Can you try this?



I.


On 21 June 2018 at 11:58, Ranjith R  wrote:

> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and it
> talks about the default signing for AWS being v4 and other s3 clones being
> v2.  I just want to know if I can use v4 for a s3 clone?  Is there any
> example that I can look at?
>
> Thanks,
> Ranjith
>
> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R  wrote:
>
>> Hi All - I know signature v4 signing is implemented for Amazon S3
>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
>> cloud which supports S3 API and sigV4  (s3).  If it does, what changes
>> should be done from the client side?
>>
>> Thanks,
>> Ranjith
>>
>

Re: Signature v4 support for non amazon S3

2018-06-21 Thread Ranjith R 
Thanks Ignasi.  That worked.

Thanks,
Ranjith

On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera  wrote:

> I haven't tried it, but you should be able to define a Guice module that
> extends the default S3 module and overrides the request signer
> configuration. Then you can pass that one to the list of modules you pass
> when creating the context:
>
> @ConfiguresHttpApipublic static class S3V4SignerModule extends 
> S3HttpApiModule {
>@Override
>protected void bindRequestSigner() {
>   
> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
>}
> }
> public static void main(String[] args) {
>ContextBuilder.newBuilder("s3")
>   ...
>   .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
>   ...
> }
>
> ​
>
> Make sure you annotate the custom module with "@ConfiguresHttpApi".
> Can you try this?
>
>
>
> I.
>
>
> On 21 June 2018 at 11:58, Ranjith R  wrote:
>
>> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
>> it talks about the default signing for AWS being v4 and other s3 clones
>> being v2.  I just want to know if I can use v4 for a s3 clone?  Is there
>> any example that I can look at?
>>
>> Thanks,
>> Ranjith
>>
>> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R  wrote:
>>
>>> Hi All - I know signature v4 signing is implemented for Amazon S3
>>> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
>>> cloud which supports S3 API and sigV4  (s3).  If it does, what changes
>>> should be done from the client side?
>>>
>>> Thanks,
>>> Ranjith
>>>
>>
>

Re: Signature v4 support for non amazon S3

2018-06-21 Thread Ranjith R 
With sigv4, we see that we are doing single chunk upload with signed
payload.  We also noticed that the data is read twice (once for calculating
the hash and once for actual transfer).  While reading the sig v4
documentation at
https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
I saw that there is a unsigned payload option.   Is there a way to use
unsigned payload from jclouds to avoid this double read?

Thanks,
Ranjith

On Thu, Jun 21, 2018 at 8:33 PM Ignasi Barrera  wrote:

> Yeah! :)
>
>
> On 21 June 2018 at 16:41, Ranjith R  wrote:
>
>> Thanks Ignasi.  That worked.
>>
>> Thanks,
>> Ranjith
>>
>> On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera  wrote:
>>
>>> I haven't tried it, but you should be able to define a Guice module that
>>> extends the default S3 module and overrides the request signer
>>> configuration. Then you can pass that one to the list of modules you pass
>>> when creating the context:
>>>
>>> @ConfiguresHttpApipublic static class S3V4SignerModule extends 
>>> S3HttpApiModule {
>>>@Override
>>>protected void bindRequestSigner() {
>>>   
>>> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
>>>}
>>> }
>>> public static void main(String[] args) {
>>>ContextBuilder.newBuilder("s3")
>>>   ...
>>>   .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
>>>   ...
>>> }
>>>
>>> ​
>>>
>>> Make sure you annotate the custom module with "@ConfiguresHttpApi".
>>> Can you try this?
>>>
>>>
>>>
>>> I.
>>>
>>>
>>> On 21 June 2018 at 11:58, Ranjith R  wrote:
>>>
 I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
 it talks about the default signing for AWS being v4 and other s3 clones
 being v2.  I just want to know if I can use v4 for a s3 clone?  Is there
 any example that I can look at?

 Thanks,
 Ranjith

 On Mon, Jun 18, 2018 at 7:21 PM Ranjith R  wrote:

> Hi All - I know signature v4 signing is implemented for Amazon S3
> (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
> cloud which supports S3 API and sigV4  (s3).  If it does, what changes
> should be done from the client side?
>
> Thanks,
> Ranjith
>

>>>
>

Re: Signature v4 support for non amazon S3

2018-06-21 Thread Ignasi Barrera 
Yeah! :)


On 21 June 2018 at 16:41, Ranjith R  wrote:

> Thanks Ignasi.  That worked.
>
> Thanks,
> Ranjith
>
> On Thu, Jun 21, 2018 at 4:03 PM Ignasi Barrera  wrote:
>
>> I haven't tried it, but you should be able to define a Guice module that
>> extends the default S3 module and overrides the request signer
>> configuration. Then you can pass that one to the list of modules you pass
>> when creating the context:
>>
>> @ConfiguresHttpApipublic static class S3V4SignerModule extends 
>> S3HttpApiModule {
>>@Override
>>protected void bindRequestSigner() {
>>   
>> bind(RequestAuthorizeSignature.class).to(RequestAuthorizeSignatureV4.class).in(Scopes.SINGLETON);
>>}
>> }
>> public static void main(String[] args) {
>>ContextBuilder.newBuilder("s3")
>>   ...
>>   .modules(ImmutableSet.of(new S3V4SignerModule(), ...))
>>   ...
>> }
>>
>> ​
>>
>> Make sure you annotate the custom module with "@ConfiguresHttpApi".
>> Can you try this?
>>
>>
>>
>> I.
>>
>>
>> On 21 June 2018 at 11:58, Ranjith R  wrote:
>>
>>> I was looking at https://issues.apache.org/jira/browse/JCLOUDS-480 and
>>> it talks about the default signing for AWS being v4 and other s3 clones
>>> being v2.  I just want to know if I can use v4 for a s3 clone?  Is there
>>> any example that I can look at?
>>>
>>> Thanks,
>>> Ranjith
>>>
>>> On Mon, Jun 18, 2018 at 7:21 PM Ranjith R  wrote:
>>>
 Hi All - I know signature v4 signing is implemented for Amazon S3
 (aws-s3). Just wanted to know if I can use v4 signing for a non amazon
 cloud which supports S3 API and sigV4  (s3).  If it does, what changes
 should be done from the client side?

 Thanks,
 Ranjith

>>>
>>

Re: error while running JCloudsNove.java

2018-06-21 Thread jayshankar nair 
 Hi,
I am getting compilation errors. What is the header file for KeystoneProperties.
error: package org.jclouds.openstack.keystone does not exist  import 
org.jclouds.openstack.keystone.*;  ^JCloudsNova.java:22: error: cannot find 
symboloverrides.put(KeystoneProperties.KEYSTONE_VERSION, "3");              ^  
symbol:   variable KeystoneProperties  location: class 
JCloudsNovaJCloudsNova.java:23: error: cannot find 
symboloverrides.put(KeystoneProperties.SCOPE, "domain:default");              ^ 
 symbol:   variable KeystoneProperties  location: class 
JCloudsNovaJCloudsNova.java:55: error: cannot find symbol   
.overrides(overrides)              ^  symbol:   variable overrides  location: 
class JCloudsNova4 errors
Is there a link where i can download v3 jcloud examples.
Thanks,Jayshankar

On Thursday, June 21, 2018, 11:05:09 AM GMT+5:30, Ignasi Barrera 
 wrote:  
 
 This helps, thanks.
It looks like your program is trying to connect to a Keystone V2 endpoint, but 
your environment uses the newer Keystone V3.
You need to configure the context to use V3 as detailed 
here:https://jclouds.apache.org/guides/openstack/#keystone

Could you change the context creation accordingly and see if it works?

I.

On Thu, Jun 21, 2018, 07:00 jayshankar nair  wrote:

 Hello Ignasi/Andrea, I am still facing problem while running jCloudsNova.java. 
I am able to run openstack cli command.Openstack version
  
 openstack --versionopenstack 3.15.0
openstack endpoint 
list+--+---+--+--+-+---++|
 ID                               | Region    | Service Name | Service Type | 
Enabled | Interface | URL                                            
|+--+---+--+--+-+---++|
 00055fa2240248bf9e693a1d446c7c59 | RegionOne | gnocchi      | metric       | 
True    | public    | http://192.168.0.12:8041                       || 
0289010ada1446469e2ff14de09ff780 | RegionOne | aodh         | alarming     | 
True    | public    | http://192.168.0.12:8042                       || 
09e23e6226b7415eaf17a5bf4d33eeb8 | RegionOne | ceilometer   | metering     | 
True    | internal  | http://192.168.0.12:8777                       || 
0b574bc23cc54bd8a1266ed858a2e87f | RegionOne | neutron      | network      | 
True    | admin     | http://192.168.0.12:9696                       || 
128768ce20c44b8998a949c6e73c3eb2 | RegionOne | swift        | object-store | 
True    | admin     | http://192.168.0.12:8080/v1/AUTH_%(tenant_id)s || 
13782b29b3a04325be59c9c36d24622f | RegionOne | placement    | placement    | 
True    | public    | http://192.168.0.12:8778/placement             || 
160ef2bc67534bc19b47df8328fdcf16 | RegionOne | ceilometer   | metering     | 
True    | admin     | http://192.168.0.12:8777                       || 
19b9b5d72f4540f183c4ab574d3efd71 | RegionOne | cinderv3     | volumev3     | 
True    | admin     | http://192.168.0.12:8776/v3/%(tenant_id)s      || 
1ded29d260604e9b9cf14706fa558a21 | RegionOne | cinderv3     | volumev3     | 
True    | internal  | http://192.168.0.12:8776/v3/%(tenant_id)s      || 
26698f851ccc44b99d1f3601b9917d9b | RegionOne | keystone     | identity     | 
True    | admin     | http://192.168.0.12:35357/v3                   || 
2bea479cb5ea4d128ce9e7f8009be760 | RegionOne | nova         | compute      | 
True    | admin     | http://192.168.0.12:8774/v2.1/%(tenant_id)s    || 
3066119a6c9147fa8e4626725c3a34ad | RegionOne | neutron      | network      | 
True    | public    | http://192.168.0.12:9696                       || 
3912bdc1f8cd4014bb9bfc8292c9ee7c | RegionOne | glance       | image        | 
True    | internal  | http://192.168.0.12:9292                       || 
4243ebf7df0f46fbb062b828d7147ca4 | RegionOne | neutron      | network      | 
True    | internal  | http://192.168.0.12:9696                       || 
491809ebcf99486bb050f3dd7c54e91e | RegionOne | swift        | object-store | 
True    | internal  | http://192.168.0.12:8080/v1/AUTH_%(tenant_id)s || 
59c73f5064b7494faa5ca3b389403746 | RegionOne | cinderv2     | volumev2     | 
True    | public    | http://192.168.0.12:8776/v2/%(tenant_id)s      || 
59d32fdf1d01465bbfeb30291cf3edb0 | RegionOne | swift        | object-store | 
True    | public    | http://192.168.0.12:8080/v1/AUTH_%(tenant_id)s || 
6b5f1f96bef1441fa16947e3d2578732 | RegionOne | cinder       | volume       | 
True    | admin     | http://192.168.0.12:8776/v1/%(tenant_id)s      || 
724aafb2db954e3e867f841f790fb8b7 | RegionOne | keystone     | identity     | 
True    | internal  | http://192.168.0.12:5000/v3                    || 
7b149ecd13ed4278bc45e106b1d7fcf2 | RegionOne | glance       | image        | 
True    | public    | http://192.168.0.12:9292                       || 
7d093993eeb34acdb9c7c1afe9c77144 | RegionOne |