• [原]openstack-kilo--issue(一) httpd汇总


    /**

    系统环境:redhat7.2

    repo:163

    openstack version : kilo

    author: lihaibo

    **/

    问题1:Invalid command 'group=keystone', perhaps misspelled or defined by a modul...ration

    按照官方文档(january 10,2016)安装openstack-kilo的时候,在启动httpd的时候无法正常启动,并报错:

    
    
    [root@controller0 ~]# systemctl status httpd.service
    ● httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
       Active: failed (Result: exit-code) since Sat 2016-05-28 20:17:58 EDT; 3min 8s ago
         Docs: man:httpd(8)
               man:apachectl(8)
      Process: 4299 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
      Process: 4297 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
     Main PID: 4297 (code=exited, status=1/FAILURE)
    
    May 28 20:17:58 controller0 systemd[1]: Starting The Apache HTTP Server...
    May 28 20:17:58 controller0 httpd[4297]: AH00526: Syntax error on line 16 of /etc/httpd/conf.d/wsgi-keystone.conf:
    May 28 20:17:58 controller0 httpd[4297]: Invalid command 'group=keystone', perhaps misspelled or defined by a modul...ration
    May 28 20:17:58 controller0 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
    May 28 20:17:58 controller0 kill[4299]: kill: cannot find process ""
    May 28 20:17:58 controller0 systemd[1]: httpd.service: control process exited, code=exited status=1
    May 28 20:17:58 controller0 systemd[1]: Failed to start The Apache HTTP Server.
    May 28 20:17:58 controller0 systemd[1]: Unit httpd.service entered failed state.
    May 28 20:17:58 controller0 systemd[1]: httpd.service failed.
    Hint: Some lines were ellipsized, use -l to show in full.

     检查错误:打开http配置文件

    /etc/httpd/conf.d/wsgi-keystone.conf

    由于是从官方文档粘贴到文件,所有有两处group被换行了(下面红色字体),只需要调整group上面一行的末尾就解决了。[root@controller0 ~]# vim /etc/httpd/conf.d/wsgi-keystoneWSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone

    [root@controller0 ~]# vim /etc/httpd/conf.d/wsgi-keystone.conf

    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone
    Listen 5000
    Listen 35357
    <VirtualHost *:5000>


    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone

    group=keystone display-name=%{GROUP}

    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /var/www/cgi-bin/keystone/main
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LogLevel info
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>
    <VirtualHost *:35357>


    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone

    group=keystone display-name=%{GROUP}


    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    LogLevel info
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined
    </VirtualHost>

    改动后验证配置文件是否正确:

     

    [root@controller0 ~]# service httpd configtest
    Syntax OK
    

     问题2:(13)Permission denied: AH00072: make_sock: could not bind to address [::]:5000

     1 [root@controller0 ~]# systemctl start httpd.service
     2 Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
     3 [root@controller0 ~]# systemctl status httpd.service
     4 ● httpd.service - The Apache HTTP Server
     5    Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
     6    Active: failed (Result: exit-code) since Sat 2016-05-28 20:22:34 EDT; 11s ago
     7      Docs: man:httpd(8)
     8            man:apachectl(8)
     9   Process: 4501 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
    10   Process: 4499 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
    11  Main PID: 4499 (code=exited, status=1/FAILURE)
    12 
    13 May 28 20:22:34 controller0 httpd[4499]: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:5000
    14 May 28 20:22:34 controller0 httpd[4499]: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:5000
    15 May 28 20:22:34 controller0 httpd[4499]: no listening sockets available, shutting down
    16 May 28 20:22:34 controller0 httpd[4499]: AH00015: Unable to open logs
    17 May 28 20:22:34 controller0 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
    18 May 28 20:22:34 controller0 kill[4501]: kill: cannot find process ""
    19 May 28 20:22:34 controller0 systemd[1]: httpd.service: control process exited, code=exited status=1
    20 May 28 20:22:34 controller0 systemd[1]: Failed to start The Apache HTTP Server.
    21 May 28 20:22:34 controller0 systemd[1]: Unit httpd.service entered failed state.
    22 May 28 20:22:34 controller0 systemd[1]: httpd.service failed.

     问题检查:audit daemon

    检查/var/log/audit/audit.log和/var/log/message:

    1 [root@controller0 audit]# cat /var/log/audit/audit.log |grep 5000
    2 type=AVC msg=audit(1464574273.240:492): avc:  denied  { name_bind } for  pid=4289 comm="httpd" src=5000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:commplex_main_port_t:s0 tclass=tcp_socke
     cat /var/log/messages 
    ......
    1
    May 29 22:18:01 controller0 systemd-logind: New session 1 of user root. 2 May 29 22:18:01 controller0 systemd: Started Session 1 of user root. 3 May 29 22:18:01 controller0 systemd: Starting Session 1 of user root. 4 May 29 22:18:01 controller0 dbus-daemon: dbus[1027]: [system] Activating service name='org.freedesktop.problems' (using servicehelper) 5 May 29 22:18:01 controller0 dbus[1027]: [system] Activating service name='org.freedesktop.problems' (using servicehelper) 6 May 29 22:18:01 controller0 dbus[1027]: [system] Successfully activated service 'org.freedesktop.problems' 7 May 29 22:18:01 controller0 dbus-daemon: dbus[1027]: [system] Successfully activated service 'org.freedesktop.problems' 8 May 29 22:18:26 controller0 systemd-logind: New session 2 of user root. 9 May 29 22:18:26 controller0 systemd: Started Session 2 of user root. 10 May 29 22:18:26 controller0 systemd: Starting Session 2 of user root. 11 May 29 22:19:19 controller0 systemd: Starting The Apache HTTP Server... 12 May 29 22:19:19 controller0 httpd: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:5000 13 May 29 22:19:19 controller0 httpd: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:5000 14 May 29 22:19:19 controller0 httpd: no listening sockets available, shutting down 15 May 29 22:19:19 controller0 httpd: AH00015: Unable to open logs 16 May 29 22:19:19 controller0 systemd: httpd.service: main process exited, code=exited, status=1/FAILURE

    分析:网上说需要使用root用户关闭selinux。由于操作命令时使用的是root用户,所以排除这个可能

      其次防火墙都是关闭了的,其他如果能控制端口的可能是selinux,检查selinux

    1)检查selinux状态

    1 [root@controller0 ~]# getenforce 
    2 enforcing                                     #如果不为disabled 则表示为selinux正常运行

    2)检查/etc/selinux/config

     1 # This file controls the state of SELinux on the system.
     2 # SELINUX= can take one of these three values:
     3 #     enforcing - SELinux security policy is enforced.
     4 #     permissive - SELinux prints warnings instead of enforcing.
     5 #     disabled - No SELinux policy is loaded.
     6 SELINUX=enforcing                             #这个地方是关键点,发现selinux还是打开的。修改为disabled
     7 # SELINUXTYPE= can take one of three two values:
     8 #     targeted - Targeted processes are protected,
     9 #     minimum - Modification of targeted policy. Only selected processes are protected.
    10 #     mls - Multi Level Security protection.
    11 SELINUXTYPE=targeted
    
    SELINUX=enforcing 改为 selinux=distabled
    重启reboot
    查看
    [root@controller0 ~]# netstat -anp|grep 5000
    tcp6       0      0 :::5000                 :::*                    LISTEN      1762/httpd  

    lsof查看
    COMMAND  PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
    httpd   1762   root    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
    httpd   1959 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
    httpd   1961 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
    httpd   1962 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
    httpd   1973 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
    httpd   1974 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)

    问题解决,参考:https://lkubaski.wordpress.com/2012/10/17/solving-the-permission-denied-make_sock-could-not-bind-to-address-issue-when-starting-apache-on-linux/

    问题三: openstack The request you have made requires authentication. (HTTP 401)

    在核心组件装好了以后,heat创建用户的时候出现了401错误

    检查了安装日志中有个验证环节,是 unset OS_TOKEN OS_URL

     

     执行之后:

    就能正常创建:

      

  • 相关阅读:
    10.1~10.15学习情况
    ACM-ICPC 2018 沈阳赛区网络预赛
    打卡4
    打卡3
    tab 简单的tab
    css 圆形动画
    pdf和图片之间的转换
    对list进行分组
    C# 打开所在文件夹
    读取xml文件
  • 原文地址:https://www.cnblogs.com/horizonli/p/5538876.html
Copyright © 2020-2023  润新知