Pivotal Knowledge Base

Follow

Pivotal Cloud Foundry error "Could not log in: Invalid tenant" when configuring Ops Manager IaaS

Environment

Pivotal Cloud Foundry: 1.10

Symptom

You received OpenStack errors when configuring Pivotal Cloud Foundry (PCF) Ops Manager and a subsequent error with user authentication failures

"Could not log in: Invalid tenant 'dev-pcf-north-01'"

Cause

Ops Manager uses a library called Fog which only finds and displays the first project in the "OpenStack project list" that is assigned to that user. If Ops Manager was configured to use a tenant/project other than the first one, a later check in the Pivotal code fails which causes this error. 

Analysis

OpsManager/Pivotal Cloud Foundry will use the first project in the OpenStack project list. The user is authenticated with OpenStack, in this case, is probably a member of several projects as designed by the user for additional Pivotal Cloud Foundry installations.

Because the project configured in Ops Manager was a project listed further down on the list of the OpenStack projects, configuration failed.

Workaround

The workaround is to create a user assigned to a singular project only and use it to configure Pivotal Cloud Foundry. The error will be resolved by making the user a member of the same groups in both OpenStack and LDAP. 

Additional Information

Use an account which has access to the tenant you want to use for OpsManager/Pivotal Cloud Foundry to prevent PCF from choosing (by default) the first project in the OpenStack project list.

For details about deploying Pivotal Cloud Foundry on OpenStack, click here.

 

Comments

Powered by Zendesk