如何使用Apache jclouds访问HP Helion
我想使用ApacheJClouds1.8.0(通过ApacheBrooklyn项目)访问HP Helion cloud,而我以前使用的配置不再有效。文档建议我使用与控制台相同的用户名和密码,但这会导致HTTP 401身份验证错误 发送的POST数据记录在日志中,如下所示(已格式化并编辑用户名/密码): 我对jclouds的配置包括如下设置标识和凭据:如何使用Apache jclouds访问HP Helion,cloud,openstack,jclouds,brooklyn,Cloud,Openstack,Jclouds,Brooklyn,我想使用ApacheJClouds1.8.0(通过ApacheBrooklyn项目)访问HP Helion cloud,而我以前使用的配置不再有效。文档建议我使用与控制台相同的用户名和密码,但这会导致HTTP 401身份验证错误 发送的POST数据记录在日志中,如下所示(已格式化并编辑用户名/密码): 我对jclouds的配置包括如下设置标识和凭据: identity = user@example.org-tenant1:user@example.org credential = XXXXXXX
identity = user@example.org-tenant1:user@example.org
credential = XXXXXXXX
java.lang.IllegalStateException: Not authorized to access cloud JcloudsLocation[HP Helion (US East):user@example.org-tenant1:user@example.org] to resolve PortableTemplateBuilder[ports=[22], os=ubuntu, locationId=region-b.geo-1, osVersionRegex=12.04, is64bit=true, imageChooserFunction=brooklyn.location.jclouds.BrooklynImageChooser$3@5ec6379b, minRam=2048]
at brooklyn.location.jclouds.JcloudsLocation.buildTemplate(JcloudsLocation.java:1052) ~[brooklyn-locations-jclouds-0.7.0-20140817.024657-169.jar:0.7.0-SNAPSHOT]
Caused by: org.jclouds.rest.AuthorizationException: POST https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens HTTP/1.1 -> HTTP/1.1 401 Unauthorized
at org.jclouds.openstack.nova.v2_0.handlers.NovaErrorHandler.handleError(NovaErrorHandler.java:93) ~[openstack-nova-1.8.0.jar:1.8.0]
Caused by: org.jclouds.http.HttpResponseException: request: POST https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens HTTP/1.1 [{"auth":{"apiAccessKeyCredentials":{"accessKey":"user@example.org","secretKey":"XXXXXXXX"},"tenantName":"user@example.org-tenant1"}}] failed with response: HTTP/1.1 401 Unauthorized
at org.jclouds.openstack.nova.v2_0.handlers.NovaErrorHandler.handleError(NovaErrorHandler.java:78) ~[openstack-nova-1.8.0.jar:1.8.0]
identity = user@example.org-tenant1:user@example.org
credential = XXXXXXXX
java.lang.IllegalStateException: Not authorized to access cloud JcloudsLocation[HP Helion (US East):user@example.org-tenant1:user@example.org] to resolve PortableTemplateBuilder[ports=[22], os=ubuntu, locationId=region-b.geo-1, osVersionRegex=12.04, is64bit=true, imageChooserFunction=brooklyn.location.jclouds.BrooklynImageChooser$3@5ec6379b, minRam=2048]
at brooklyn.location.jclouds.JcloudsLocation.buildTemplate(JcloudsLocation.java:1052) ~[brooklyn-locations-jclouds-0.7.0-20140817.024657-169.jar:0.7.0-SNAPSHOT]
Caused by: org.jclouds.rest.AuthorizationException: POST https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens HTTP/1.1 -> HTTP/1.1 401 Unauthorized
at org.jclouds.openstack.nova.v2_0.handlers.NovaErrorHandler.handleError(NovaErrorHandler.java:93) ~[openstack-nova-1.8.0.jar:1.8.0]
Caused by: org.jclouds.http.HttpResponseException: request: POST https://region-a.geo-1.identity.hpcloudsvc.com:35357/v2.0/tokens HTTP/1.1 [{"auth":{"apiAccessKeyCredentials":{"accessKey":"user@example.org","secretKey":"XXXXXXXX"},"tenantName":"user@example.org-tenant1"}}] failed with response: HTTP/1.1 401 Unauthorized
at org.jclouds.openstack.nova.v2_0.handlers.NovaErrorHandler.handleError(NovaErrorHandler.java:78) ~[openstack-nova-1.8.0.jar:1.8.0]
事实证明,这有几个问题。首先,jclouds在1.8.0中的工作方式发生了变化,记录在 从1.8.0开始,HP云对象存储提供程序要求显式指定region属性。该属性现在用于选择适当的端点。如果未显式设置区域,将选择任意端点,这可能与使用早期版本的jclouds时选择的端点不同 这对我来说不是问题,但我现在正在配置中显式设置区域 其次,在向具有不同内容的端点发送了一些POST请求之后,jclouds似乎正在使用基于访问密钥的身份验证,而不是用户名和密码身份验证。因此,在登录HP Helion后,我从页面顶部的用户名下拉列表中选择了管理访问密钥。然后,我可以单击“显示密钥”来显示所需的访问和密钥数据。如果现有密钥已过期,则可能需要创建新密钥,但我不需要这样做。然后,我只需更改jclouds的身份和凭证数据以适应:
identity = user@example.org-tenant1:ACCESSKEYDATA
credential = SECRETKEYDATA
brooklyn.location.named.hpcloud-west = jclouds:hpcloud-compute
brooklyn.location.named.hpcloud-west.region = region-a.geo-1
brooklyn.location.named.hpcloud-west.displayName = HP Helion (US West)
还可以将
keystenProperties.CREDENTIAL\u TYPECredentialTypes.PASSWORD\u CREDENTIALS