Thank you for your response, but unfortunately it still doesn't work. I can do cinder-ey things from the command line, including cinder list, type-show, create. The keystonerc_admin file that I use matches yours with the relevant bits changed for my environment, password, region etc. I've filled out the External Provider dialog with the admin user, cinder user and a new user. The dialog reports that it Failed to communicate with the external provider and to consult the log. The log reports the following:
2016-08-31 08:04:21,518 INFO [org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand] (default task-46) [20342b40] Running command: TestProviderConnectivityCommand internal: false. Entities affected : ID: aaa00000-0000-0000-0000-123456789aaa Type: SystemAction group CREATE_STORAGE_POOL with role type ADMIN 2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.storage.AbstractOpenStackStorageProviderProxy] (default task-46) [20342b40] Unauthorized (OpenStack response error code: 401) 2016-08-31 08:04:21,546 ERROR [org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand] (default task-46) [20342b40] Command 'org.ovirt.engine.core.bll.provider.TestProviderConnectivityCommand' failed: EngineException: (Failed with error PROVIDER_FAILURE and code 5050) Which is very obvious that the username/auth that ovirt is sending isn't allowed to create, but it's using the same username/password that's in the keystonerc_admin file that I can do various command line things with. This is my keystonerc_admin file: OS_AUTH_URL=http://10.128.7.252:5000/v3 OS_PASSWORD=adminpass OS_PROJECT_DOMAIN_NAME=default OS_PROJECT_NAME=admin OS_REGION_NAME=WRI OS_TENANT_NAME=admin OS_USERNAME=admin OS_USER_DOMAIN_NAME=default I had to make add certain fields and change the auth url to v3 otherwise it reported either a malformed URL or more commonly, 401 Unauthorized. Which made me wonder if it's a compatibility issue with the v3 API. I've been working with Openstack Mitaka and ovirt 4.0.2 and 4.0.3 Regards, Logan ----- On Aug 31, 2016, at 6:07 AM, Natalie Gavrilov <ngavr...@redhat.com> wrote: | Hi Logen, | I'll refer only to using authentication , because I had configured it | previously. | This means: /etc/cinder/cinder.conf should have: auth_strategy = keystone | I'm using keystonerc file, example keystonerc_admin: | ---------------------------------------------------------------------------- | unset OS_SERVICE_TOKEN | export OS_USERNAME=admin | export OS_PASSWORD=password | export OS_AUTH_URL=http://CINDER-HOST:5000/v2.0 | export PS1='[\u@\h \W(keystone_admin)]\$ ' | export OS_TENANT_NAME=admin | export OS_REGION_NAME=RegionOne | ---------------------------------------------------------------------------- | This will be step by step as much as possible just to make sure nothing is | missed (assuming Cinder and Ceph are configured correctly). | Go to: | External providers -> Add | Fill in the fields: | Name: | Type: OpenStack Volume | Provider url: http://CINDER_HOST:8776 | Check "Requires Authentication" | Fill in the information, this is an example: | Username: admin | Password: password | Tenant name: admin | Authentication URL: http://CINDER-HOST:5000/v2.0 | Test should return "Test succeeded, managed to access provider." | Now click Ok. | Now lets configure additional information: | Lower pane: Authentication Keys | Click on: New | Fill in UUID field with rbd_secret_uuid | and value :which is the key (it's in /etc/ceph/ceph.client.USERNAME.keyring) | Hope this helps.. | Regards, | Natalie | From: "Aharon Canan" < aca...@redhat.com > | To: "Natalie Gavrilov" < ngavr...@redhat.com > | Sent: Wednesday, August 31, 2016 8:53:22 AM | Subject: Fwd: [ovirt-users] Unable to backend oVirt with Cinder | Hi | Can you help with below? | This is community email and will be great if you can help this guy. | Aharon | ---------- Forwarded message ---------- | From: Logan Kuhn < log...@wolfram.com > | Date: Tue, Aug 30, 2016 at 11:07 PM | Subject: [ovirt-users] Unable to backend oVirt with Cinder | To: users < users@ovirt.org > | I've got Cinder configured and pointed at Ceph for it's back end storage. | I can run ceph commands on the cinder machine and cinder is configured for | noauth and I've also tried it with Keystone for auth. I can run various | cinder commands and it'll return as expected. | When I configure it in oVirt it'll add the external provider fine, but when | I go to create a disk it doesn't populate the volume type field, it's just | empty. The corresponding command for cinder: cinder type-list and cinder | type-show <name> returns fine and it is public. | Ovirt and Cinder are on the same host so it isn't a firewall issue. | Cinder config: | [DEFAULT] | rpc_backend = rabbit | #auth_strategy = keystone | auth_strategy = noauth | enabled_backends = ceph | #glance_api_servers = http://10.128.7.252:9292 | #glance_api_version = 2 | #[keystone_authtoken] | #auth_uri = http://10.128.7.252:5000/v3 | #auth_url = http://10.128.7.252:35357/v3 | #auth_type = password | #memcached_servers = localhost:11211 | #project_domain_name = default | #user_domain_name = default | #project_name = services | #username = user | #password = pass | [ceph] | volume_driver = cinder.volume.drivers.rbd.RBDDriver | volume_backend_name = ceph | rbd_pool = ovirt-images | rbd_user = cinder | rbd_secret_uuid = <secret> | rbd_ceph_conf = /etc/ceph/ceph.conf | rbd_flatten_volume_from_snapshot = true | rbd_max_clone_depth = 5 | rbd_store_chunk_size = 4 | rados_connect_timeout = -1 | #glance_api_version = 2 | [database] | connection = postgresql:// user:pass@10.128.2.33/cinder | [oslo_concurrency] | lock_path = /var/lib/cinder/tmp | [oslo_messaging_rabbit] | rabbit_host = localhost | rabbit_port = 5672 | rabbit_userid = user | rabbit_password = pass | Regards, | Logan | _______________________________________________ | Users mailing list | Users@ovirt.org | http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
