调试易

补充一下：
在keystone数据库的token表中，虽然显示的失败，但在token中是有记录的。id 和expiresextra域看起来很正常，extra域的记录为：
 {"metadata": {"roles": ["7357707b5552435b915ce3660b035c17"]}, "user": {"email": null, "enabled": true, "id": "ca470ec95a494c01a167daf10c8ce968", "name": "adminUser", "tenantId": "4082c6a9dd844f1fbf2e4dde00f84713"}, "tenant": {"enabled": true, "id": "4082c6a9dd844f1fbf2e4dde00f84713", "name": "openstackDemo", "description": "Default Tenant"}}

For me the problem with the using %(tenat_id)s in keystone was due to older version of python (and nova) in the Ubuntu software repositories when I first installed Ubtuntu 12.04 and the openstack software.This was fixed by:$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ sudo apt-get upgradeBoth python and nova were upgraded.I then entered the service endpoints exactly as shown in http://docs.openstack.org/trunk/openstack-compute/install/content/keystone-service-endpoint-create.html, using %(tenant_id)s, e.g:
It was not necessary to define $TENANT or substitute tenant_id with code numbers for the 2 service tenant, e.g.
$ keystone --token 012345SECRET99TOKEN012345 \
--endpoint http://192.168.206.130:35357/v2.0/ \
endpoint-create \
 --region RegionOne \
 --service_id=abc0f03c02904c24abdcc3b7910e2eed \
 --publicurl='http://192.168.206.130:8774/v2/%(tenant_id)s' \
 --internalurl='http://192.168.206.130:8774/v2/%(tenant_id)s' \
 --adminurl='http://192.168.206.130:8774/v2/%(tenant_id)s'After reading through http://www.gossamer-threads.com/lists/openstack/dev/10816 , I also added the following line in my keystone.conf. Although the template_file line may not be needed.[catalog]
driver = keystone.catalog.backends.sql.Catalog
template_file = /etc/keystone/default_catalog.templatesI was then able to see the endpoints for both service tenants using the curl command:curl -d '{"auth": {"tenantName": "openstackDemo", "passwordCredentials":{"username": "adminUser", "password": "secretword"}}}' -H "Content-type: application/json" http://192.168.206.130:35357/v2.0/tokens | python -mjson.tool
Listed the endpoints for the openstsckDemo tenant, with the service tenant id code:                "endpoints": [
                    {
                        "adminURL": "http://192.168.206.130:8774/v2/abcd12345678912345678912345",
                        "internalURL": "http://192.168.206.130:8774/v2/abcd12345678912345678912345",
                        "publicURL": "http://192.168.206.130:8774/v2/abcd12345678912345678912345",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "nova",
                "type": "compute"$ curl -d '{"auth": {"tenantName": "service", "passwordCredentials":{"username": "nova", "password": "novapasword"}}}' -H "Content-type: application/json" http://192.168.206.130:35357/v2.0/tokens | python -mjson.tool
Listed the endpoints for the service tenant, with the service tenant id code:                "endpoints": [
                    {
                        "adminURL": "http://192.168.206.130:8774/v2/efghij12345678912345678912345",
                        "internalURL": "http://192.168.206.130:8774/v2/efghij12345678912345678912345",
                        "publicURL": "http://192.168.206.130:8774/v2/efghij12345678912345678912345",
                        "region": "RegionOne"
                    }
                ],
                "endpoints_links": [],
                "name": "nova",
                "type": "compute"
            },I was then able to authenticate glance add commands wihtout getting an error.