[原]openstack-kilo--issue(一) httpd彙總

時間  2019-11-16
標籤 openstack kilo issue httpd 彙總 简体版
原文   原文鏈接

/**linux

系統環境:redhat7.2apache

repo:163vim

openstack version : kilobash

author: lihaibosession

**/socket

問題1:Invalid command 'group=keystone', perhaps misspelled or defined by a modul...rationtcp

按照官方文檔(january 10,2016)安裝openstack-kilo的時候,在啓動httpd的時候沒法正常啓動,並報錯:wordpress

 

 
 
[root@controller0 ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sat 2016-05-28 20:17:58 EDT; 3min 8s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 4299 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
  Process: 4297 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 4297 (code=exited, status=1/FAILURE)

May 28 20:17:58 controller0 systemd[1]: Starting The Apache HTTP Server...
May 28 20:17:58 controller0 httpd[4297]: AH00526: Syntax error on line 16 of /etc/httpd/conf.d/wsgi-keystone.conf:
May 28 20:17:58 controller0 httpd[4297]: Invalid command 'group=keystone', perhaps misspelled or defined by a modul...ration
May 28 20:17:58 controller0 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
May 28 20:17:58 controller0 kill[4299]: kill: cannot find process ""
May 28 20:17:58 controller0 systemd[1]: httpd.service: control process exited, code=exited status=1
May 28 20:17:58 controller0 systemd[1]: Failed to start The Apache HTTP Server.
May 28 20:17:58 controller0 systemd[1]: Unit httpd.service entered failed state.
May 28 20:17:58 controller0 systemd[1]: httpd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
 

 

 
 

 檢查錯誤:打開http配置文件字體
 

/etc/httpd/conf.d/wsgi-keystone.confui
 

因爲是從官方文檔粘貼到文件,全部有兩處group被換行了(下面紅色字體),只須要調整group上面一行的末尾就解決了。[root@controller0 ~]# vim /etc/httpd/conf.d/wsgi-keystoneWSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone
 

 
 
[root@controller0 ~]# vim /etc/httpd/conf.d/wsgi-keystone.conf
 
 
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone
Listen 5000
Listen 35357
<VirtualHost *:5000>
 
 

WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone
 
 
group=keystone display-name=%{GROUP}
 
 
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LogLevel info
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>
<VirtualHost *:35357>
 
 

WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone 
 
 
group=keystone display-name=%{GROUP}
 
 

WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LogLevel info
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>
 

 

改動後驗證配置文件是否正確:
 

 
 

 
 
[root@controller0 ~]# service httpd configtest
Syntax OK

 

 

 問題2:(13)Permission denied: AH00072: make_sock: could not bind to address [::]:5000
 

 
 
 1 [root@controller0 ~]# systemctl start httpd.service
 2 Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.
 3 [root@controller0 ~]# systemctl status httpd.service
 4 ● httpd.service - The Apache HTTP Server
 5    Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
 6    Active: failed (Result: exit-code) since Sat 2016-05-28 20:22:34 EDT; 11s ago
 7      Docs: man:httpd(8)
 8            man:apachectl(8)
 9   Process: 4501 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
10   Process: 4499 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
11  Main PID: 4499 (code=exited, status=1/FAILURE)
12 
13 May 28 20:22:34 controller0 httpd[4499]: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:5000
14 May 28 20:22:34 controller0 httpd[4499]: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:5000
15 May 28 20:22:34 controller0 httpd[4499]: no listening sockets available, shutting down
16 May 28 20:22:34 controller0 httpd[4499]: AH00015: Unable to open logs
17 May 28 20:22:34 controller0 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
18 May 28 20:22:34 controller0 kill[4501]: kill: cannot find process ""
19 May 28 20:22:34 controller0 systemd[1]: httpd.service: control process exited, code=exited status=1
20 May 28 20:22:34 controller0 systemd[1]: Failed to start The Apache HTTP Server.
21 May 28 20:22:34 controller0 systemd[1]: Unit httpd.service entered failed state.
22 May 28 20:22:34 controller0 systemd[1]: httpd.service failed.
 

 

 問題檢查:audit daemon
 

檢查/var/log/audit/audit.log和/var/log/message:
 

 
 
1 [root@controller0 audit]# cat /var/log/audit/audit.log |grep 5000
2 type=AVC msg=audit(1464574273.240:492): avc:  denied  { name_bind } for  pid=4289 comm="httpd" src=5000 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:commplex_main_port_t:s0 tclass=tcp_socke
 

 

 
 
 cat /var/log/messages 
......
 1 May 29 22:18:01 controller0 systemd-logind: New session 1 of user root.
 2 May 29 22:18:01 controller0 systemd: Started Session 1 of user root.
 3 May 29 22:18:01 controller0 systemd: Starting Session 1 of user root.
 4 May 29 22:18:01 controller0 dbus-daemon: dbus[1027]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
 5 May 29 22:18:01 controller0 dbus[1027]: [system] Activating service name='org.freedesktop.problems' (using servicehelper)
 6 May 29 22:18:01 controller0 dbus[1027]: [system] Successfully activated service 'org.freedesktop.problems'
 7 May 29 22:18:01 controller0 dbus-daemon: dbus[1027]: [system] Successfully activated service 'org.freedesktop.problems'
 8 May 29 22:18:26 controller0 systemd-logind: New session 2 of user root.
 9 May 29 22:18:26 controller0 systemd: Started Session 2 of user root.
10 May 29 22:18:26 controller0 systemd: Starting Session 2 of user root.
11 May 29 22:19:19 controller0 systemd: Starting The Apache HTTP Server...
12 May 29 22:19:19 controller0 httpd: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:5000
13 May 29 22:19:19 controller0 httpd: (13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:5000
14 May 29 22:19:19 controller0 httpd: no listening sockets available, shutting down
15 May 29 22:19:19 controller0 httpd: AH00015: Unable to open logs
16 May 29 22:19:19 controller0 systemd: httpd.service: main process exited, code=exited, status=1/FAILURE
 

 

分析:網上說須要使用root用戶關閉selinux。因爲操做命令時使用的是root用戶,因此排除這個可能
 

  其次防火牆都是關閉了的,其餘若是能控制端口的多是selinux,檢查selinux
 

1)檢查selinux狀態
 

 
 
1 [root@controller0 ~]# getenforce 
2 enforcing                                     #若是不爲disabled 則表示爲selinux正常運行
 

 

2)檢查/etc/selinux/config
 

 
 
 1 # This file controls the state of SELinux on the system.
 2 # SELINUX= can take one of these three values:
 3 #     enforcing - SELinux security policy is enforced.
 4 #     permissive - SELinux prints warnings instead of enforcing.
 5 #     disabled - No SELinux policy is loaded.
 6 SELINUX=enforcing                             #這個地方是關鍵點,發現selinux仍是打開的。修改成disabled
 7 # SELINUXTYPE= can take one of three two values:
 8 #     targeted - Targeted processes are protected,
 9 #     minimum - Modification of targeted policy. Only selected processes are protected.
10 #     mls - Multi Level Security protection.
11 SELINUXTYPE=targeted

 

 

SELINUX=enforcing 改成 selinux=distabled
重啓reboot
查看
 

 
 
[root@controller0 ~]# netstat -anp|grep 5000
tcp6       0      0 :::5000                 :::*                    LISTEN      1762/httpd  

lsof查看
COMMAND  PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd   1762   root    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
httpd   1959 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
httpd   1961 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
httpd   1962 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
httpd   1973 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
httpd   1974 apache    6u  IPv6  24712      0t0  TCP *:commplex-main (LISTEN)
 

 

問題解決,參考:https://lkubaski.wordpress.com/2012/10/17/solving-the-permission-denied-make_sock-could-not-bind-to-address-issue-when-starting-apache-on-linux/
 

 
 

問題三: openstack The request you have made requires authentication. (HTTP 401)
 

在覈心組件裝好了之後,heat建立用戶的時候出現了401錯誤
 

檢查了安裝日誌中有個驗證環節,是 unset OS_TOKEN OS_URL
 

 
 

 
 

 執行以後:
 

 

就能正常建立:
 



        

            

        	





    

		

            
相關文章

            

                

                

                    

                

            


            
相關標籤/搜索

            
        


    

        

            

        

        

        
        

        

        

    




	

    





    

    	

    

        每日一句
    

    
    
    	每一个你不满意的现在,都有一个你没有努力的曾经。
    







    

    


    



    

        本站公眾號
    

    

           歡迎關注本站公眾號,獲取更多信息

        
    




    

    




	


	







    

        聯繫我們
        最近搜索
        最新文章
        
        沪ICP备13005482号-10

            MyBatis教程
            SQL 教程
            MySQL教程
            Java 教程
            Thymeleaf 教程
            Hibernate教程
            Spring教程 
            Redis教程