Unable to get metadata proxy to work
I just installed OpenStack pike on CentOs 7 and I am trying to get the demo instance to get the cloud metadata information. I have created a private network and it appears that routing within the instance is setup properly. I have done a tcpdump and traced the request to 169.254.169.254 to the controller node on the tap interface for the subnet. It just seems the requests are not being to routed to the metadata service. Do I need to setup a router in OpenStack to route the requests to the service? If so how do I do this? Here is my list of ports:
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------+--------+
| ID | Name | MAC Address | Fixed IP Addresses | Status |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------+--------+
| 47d01d48-01b3-4178-b98c-fa3332073a7b | | fa:16:3e:09:02:e8 | ip_address='192.168.0.100', subnet_id='ca04a8d5-f47a-4832-9a84-602e1d0d3ca9' | ACTIVE |
| aeea927c-d837-4a19-9d58-c17fa50c5115 | | fa:16:3e:bb:a7:43 | ip_address='192.168.0.106', subnet_id='ca04a8d5-f47a-4832-9a84-602e1d0d3ca9' | ACTIVE |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------+--------+
106 is my demo instance and 100 is the neutron "gateway". The routes appear to be setup properly in cirros demo instance.
When I attempt to curl http://169.254.169.254/openstack this is output of tcpdump on the controller node:
12:09:40.499175 IP (tos 0x0, ttl 64, id 35229, offset 0, flags [DF], proto TCP (6), length 60)
controller.36129 > 169.254.169.254.http: Flags [S], cksum 0x9c8a (correct), seq 1018126589, win 14100, options [mss 1410,sackOK,TS val 1108320 ecr 0,nop,wscale 3], length 0
12:09:41.496448 IP (tos 0x0, ttl 64, id 35230, offset 0, flags [DF], proto TCP (6), length 60)
controller.36129 > 169.254.169.254.http: Flags [S], cksum 0x9b90 (correct), seq 1018126589, win 14100, options [mss 1410,sackOK,TS val 1108570 ecr 0,nop,wscale 3], length 0
12:09:43.500526 IP (tos 0x0, ttl 64, id 35231, offset 0, flags [DF], proto TCP (6), length 60)
controller.36129 > 169.254.169.254.http: Flags [S], cksum 0x999b (correct), seq 1018126589, win 14100, options [mss 1410,sackOK,TS val 1109071 ecr 0,nop,wscale 3], length 0
So it appears the traffic is getting through everywhere, its just not getting to the metadata service. I am unable to find any errors in any logs for either nova or neutron. Some other useful information:
lsof /var/lib/neutron/metadata_proxy
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
neutron-m 4387 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
neutron-m 4397 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
neutron-m 4398 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
neutron-m 4399 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
neutron-m 4400 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
neutron-m 4401 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
neutron-m 4402 neutron 4u unix 0xffff88154e7da000 0t0 44885 /var/lib/neutron/metadata_proxy
ip netns
qdhcp-dfe4adfc-1e1f-4414-a6f4-43d5b6ef9a3f (id: 1)
Agent List
+--------------------------------------+--------------------+---------------------------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+---------------------------------+-------------------+-------+-------+---------------------------+
| 25d86fcb-7f91-4f08-a48a-e09a618944bf | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| 27adc48c-317d-4734-b2b3-249ce4f1ba9a | Linux bridge agent ...