我正在 OpenStack 上尝试 Heat 编排。使用以下配置设置单实例堆栈时,出现此错误:
Error: ERROR: Missing required credential: roles [u'_member_']
这可能是什么问题?
谢谢!
heat_template_version: 2013-05-23
description: Simple template to deploy a single compute instance
resources:
my_instance:
type: OS::Nova::Server
properties:
image: CentOS-6-x86_64-GenericCloud-2016-04-05
flavor: c1-tiny
key_name: mine
networks:
- network: private_network
答案1
这成员属性表示 OpenStack 项目上的角色,所以这是 keystone 抛出的错误,我能想到两种可能性 - 调用堆栈的用户没有成员角色(如果您可以登录 Horizon,则您拥有此角色)或 heat 域和 stack 用户尚未设置,从安装先决条件来看:
Orchestration requires additional information in the Identity service to manage stacks. To add this information, complete these steps:
Create the heat domain that contains projects and users for stacks:
$ openstack domain create --description "Stack projects and users" heat
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Stack projects and users |
| enabled | True |
| id | 0f4d1bd326f2454dacc72157ba328a47 |
| name | heat |
+-------------+----------------------------------+
Create the heat_domain_admin user to manage projects and users in the heat domain:
$ openstack user create --domain heat --password-prompt heat_domain_admin
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 0f4d1bd326f2454dacc72157ba328a47 |
| enabled | True |
| id | b7bd1abfbcf64478b47a0f13cd4d970a |
| name | heat_domain_admin |
+-----------+----------------------------------+
Add the admin role to the heat_domain_admin user in the heat domain to enable administrative stack management privileges by the heat_domain_admin user:
$ openstack role add --domain heat --user heat_domain_admin admin
Note
This command provides no output.
Create the heat_stack_owner role:
$ openstack role create heat_stack_owner
+-------+----------------------------------+
| Field | Value |
+-------+----------------------------------+
| id | 15e34f0c4fed4e68b3246275883c8630 |
| name | heat_stack_owner |
+-------+----------------------------------+
Add the heat_stack_owner role to the demo project and user to enable stack management by the demo user:
$ openstack role add --project demo --user demo heat_stack_owner
Note
This command provides no output.
Note
You must add the heat_stack_owner role to each user that manages stacks.
Create the heat_stack_user role:
$ openstack role create heat_stack_user
+-------+----------------------------------+
| Field | Value |
+-------+----------------------------------+
| id | 88849d41a55d4d1d91e4f11bffd8fc5c |
| name | heat_stack_user |
+-------+----------------------------------+
Note
The Orchestration service automatically assigns the heat_stack_user role to users that it creates during stack deployment. By default, this role restricts API operations. To avoid conflicts, do not add this role to users with the heat_stack_owner role.