問題提出:前段時間不小心刪除了service項目(租戶),neutron服務一切正常,就是網絡服務不能訪問。查看日誌/var/log/neutron/service.log,發現錯誤原因:
CRITICAL keystonemiddleware.auth_token [-] Unable to validate token: Identity server rejected authorization necessary to fetch token data
問題分析:主要原因是就是跟keystone的認證出了問題,openstack的組件是通過service進行服務的提供。如下圖:
解決方法:爲簡單起見,我先刪除了neutron的所有endpoint,service,role等,然後重新創建
openstack project create --description "Service Project" service
openstack user create --password-prompt neutron User Password: Repeat User Password: +----------+----------------------------------+ | Field | Value | +----------+----------------------------------+ | email | None | | enabled | True | | id | ab67f043d9304017aaa73d692eeb4945 | | name | neutron | | username | neutron | +----------+----------------------------------+
openstack role add --project service --user neutron admin +-------+----------------------------------+ | Field | Value | +-------+----------------------------------+ | id | cd2cb9a39e874ea69e5d4b896eb16128 | | name | admin | +-------+----------------------------------+
openstack service create --name neutron \ --description "OpenStack Networking" network
openstack endpoint create \ --publicurl http://controller
:9696 \ --adminurl http://controller
:9696 \ --internalurl http://controller
:9696 \ --region RegionOne \ network
# service neutron-server restart # service neutron-plugin-openvswitch-agent restart # service neutron-l3-agent restart # service neutron-dhcp-agent restart # service neutron-metadata-agent restart