6.0 KiB
Troubleshooting Guide
Source file (~/openrc)
If you try run swift cli in controller nodes, please check
OS_AUTH_URL is correct. If the value is
http://<KEYSTONE_VIP>:5000/
, please correct it to
http://<KEYSTONE_IP>:5000/v2.0
as following.
@node-17:~# cat openrc root#!/bin/sh ...='http://<KEYSTONE_VIP>:5000/v2.0' export OS_AUTH_URL ...
External Load Balancer
If there is a external load balancer in front of you Swift cluster,
and you confgiure the swift cluster with it. Please fill the external LB
IP for Swift API IP Address
in plugin page <swift_api_ip_address>
.
Swift endpoint in Keystone DB
Before you upload any VM image to Glance, we suggest to check the Swift endpoint in Keystone DB first. Make sure the Swift endpoint is correct.
For swift endpoint, please make sure the endpoints
(publicurl
and internalurl
) look like
http://<SWIFT_API_IP>:80/v1/KEY_%(tenant_id)s
.
list | grep swift $ openstack endpoint
401 Unauthorized issue from clients
If any client runs into 401 Unauthorized
issue, please
use Swift CLI verify it again and make sure the settings of middlewares
in Swift cluster are correct.
For example, if you get a error with swift stat
.
$ swift stat//10.200.5.5:80/v1/KEY_32f0b6cd7299412e9f7966b324 Account HEAD failed: http: fb6aea401 Unauthorized
Try to use --debug
to get more details.
--debug stat -v $ swift <SKIP>.. .. INFO:requests.packages.urllib3.connectionpool:Starting new HTTP connection1): 10.200.5.5 ("HEAD /v1/KEY_32f0b6cd72994 DEBUG:requests.packages.urllib3.connectionpool: 12e9f7966b324fb6aea HTTP/1.1" 401 0 INFO:swiftclient:REQ: curl -i http://10.200.5.5:80/v1/KEY_32f0b6cd7299412e 9f7966b324fb6aea -I -H "X-Auth-Token: gAAAAABXMe1s87mzqZK1Ee8hyJQ86fv9 NDcSChKCLk-PTQfa353J5t3N4EL-OCHbZuqt6hRFBJehUozgF4FNNd5Q_rfXBejo817U_F f6mAy6-hP2l0KWbxON1mfZL_UCfjjWclrSD2-bK38JvTfrqWdM99cqfdMBDZS-wqHn1dZz O0g2r-Kzxcc" INFO:swiftclient:RESP STATUS: 401 Unauthorized INFO:swiftclient:RESP HEADERS: [('Content-Length', '0'), ('Connection', 'keep-alive'), ('X-Trans-Id', 'txecd82ae98e714ef0b4c0c-005731ed6c') , ('Date', 'Tue, 10 May 2016 14:17:16 GMT'), ('Content-Type', 'text/htm l; charset=UTF-8'), ('Www-Authenticate', 'Swift realm="KEY_32f0b6cd72 99412e9f7966b324fb6aea", Keystone uri=\'http://10.200.7.2:5000/\'')] ERROR:swiftclient:Account HEAD failed: http://10.200.5.5:80/v1/KEY_32f0b6c d7299412e9f7966b324fb6aea 401 Unauthorized Traceback (most recent call last): File "/usr/lib/pymodules/python2.7/swiftclient/client.py", line 1261, in _retry rv = func(self.url, self.token, *args, **kwargs) File "/usr/lib/pymodules/python2.7/swiftclient/client.py", line 541, in head_account http_response_content=body) ClientException: Account HEAD failed: http://10.200.5.5:80/v1/KEY_32f0b6cd 7299412e9f7966b324fb6aea 401 Unauthorized Account HEAD failed: http://10.200.5.5:80/v1/KEY_32f0b6cd7299412e9f7966b32 4fb6aea 401 Unauthorized
If the keystone IP and Swift user and password are correct, please
find the password
from deployment yaml files<find_keystone_password>
and
config Swift middlewares <setup_swift_middleware>
first. Once that're done, please verify it with Swift CLI<verity_cluster_swift_cli>
.
403 Forbidden issue from clients through S3 APIs
When you saw clients get 403 response from S3 APIs, please check Swift3 Keystone Integration Middleware first and make sure auth_url is point to keystone amdinurl.
~$ ./s3get.sh test http://172.16.0.100:80 \ > e8f3617f41d34d02a7ba129f8581a3b6 \ > 85f2ae90a9614a8b832747af3c6e6c9b \ > test rc.admin Wed, 15 Jun 2016 14:15:14 UTC /test/rc.admin * Hostname was NOT found in DNS cache * Trying 172.16.0.100... * Connected to 172.16.0.100 (172.16.0.100) port 80 (#0) > GET /test/rc.admin HTTP/1.1 > User-Agent: curl/7.35.0 > Host: 172.16.0.100 > Accept: */* > Date: Wed, 15 Jun 2016 14:15:14 UTC > Authorization: AWS e8f3617f41d34d02a7ba129f8581a3b6:RG6hF77QUN/fmMMLSFP5SauMD7Q= > < HTTP/1.1 403 Forbidden HTTP/1.1 403 Forbidden < x-amz-id-2: tx6359093a27f642db8a398-00576162f3 x-amz-id-2: tx6359093a27f642db8a398-00576162f3 < x-amz-request-id: tx6359093a27f642db8a398-00576162f3 x-amz-request-id: tx6359093a27f642db8a398-00576162f3 < Content-Type: application/xml Content-Type: application/xml < X-Trans-Id: tx6359093a27f642db8a398-00576162f3 X-Trans-Id: tx6359093a27f642db8a398-00576162f3 < Date: Wed, 15 Jun 2016 14:15:15 GMT Date: Wed, 15 Jun 2016 14:15:15 GMT < Transfer-Encoding: chunked Transfer-Encoding: chunked
And if that is still can't solve the problem or you see other error
codes (500 Internal server error, etc.) from S3 APIs, please try to
check the swift logs (/var/log/swift/all.log) to see is any exception on
that. And you will have a X-Trams-Id
for each request, so
please use that to grep Swift logs likes,
# Please login to SwiftStack Nodes $ grep tx6359093a27f642db8a398-00576162f3 /var/log/swift/all.log
And send the output to SwiftStack Support.