instances in provider network cannot reach metadata agent
I've been installing OpenStack using the official installation guide (https://docs.openstack.org/install-guide/openstack-services.html) and have gotten everything to work except metadata agent on provider networks (internal networks work just fine).
(the problem itself is way at the bottom, if you want to skip right to it)
My setup looks like this:
CONTROLLER
1 x controller node with 2 x physical interfaces
ens192: 10.45.252.80 (external / provider)
ens224: 10.10.10.10 (internal / management)
nova / neutron services running on controller:
neutron-dhcp-agent.service
neutron-l3-agent.service
neutron-linuxbridge-agent.service
neutron-metadata-agent.service
neutron-server.service
openstack-nova-api.service
openstack-nova-conductor.service
openstack-nova-novncproxy.service
openstack-nova-scheduler.service
controller# cat /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vlan]
network_vlan_ranges = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true
controller# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens192
[vxlan]
enable_vxlan = true
local_ip = 10.10.10.10
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
controller# cat /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
force_metadata = True
COMPUTE
1 x compute node with 2 x vlan interfaces
eno1.1: 10.45.252.156 (external / provider)
eno2.1: 10.10.10.20 (internal / provider)
nova / neutron services running on controller:
neutron-linuxbridge-agent.service
openstack-nova-compute.service
compute# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eno1.1
[vxlan]
enable_vxlan = true
local_ip = 10.10.10.20
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
And finally, the network and subnet in OpenStack:
controller# openstack network show provider -f yaml
admin_state_up: UP
availability_zone_hints: ''
availability_zones: nova
created_at: '2019-10-10T17:47:11Z'
description: ''
dns_domain: null
id: 2bf5174c-fac3-4897-9fa8-2188b0e56edb
ipv4_address_scope: null
ipv6_address_scope: null
is_default: null
is_vlan_transparent: null
location:
  cloud: ''
  project:
    domain_id: null
    domain_name: Default
    id: f6a16351f9294942a9fe93f52a76c70d
    name: admin
  region_name: ''
  zone: null
mtu: 1450
name: provider
port_security_enabled: true
project_id: f6a16351f9294942a9fe93f52a76c70d
provider:network_type: vxlan
provider:physical_network: null
provider:segmentation_id: 98
qos_policy_id: null
revision_number: 2
router:external: Internal
segments: null
shared: true
status: ACTIVE
subnets: b038b166-fc85-44f1-9837-8364e6f3de5d
tags: ''
updated_at: '2019-10-10T17:47:11Z'
controller# openstack subnet show provider -f yaml
allocation_pools: 10.45.252.220-10.45.252.250
cidr: 10.45.252.0/23
created_at: '2019-10-10T17:47:11Z'
description: ''
dns_nameservers: 16.110.135.51, 16.110.135.52
enable_dhcp: true
gateway_ip: 10.45.252.1
host_routes: ''
id: b038b166-fc85-44f1-9837-8364e6f3de5d
ip_version: 4
ipv6_address_mode: null
ipv6_ra_mode: null
location:
  cloud: ''
  project:
    domain_id: null
    domain_name: Default
    id: f6a16351f9294942a9fe93f52a76c70d
    name: admin
  region_name: ''
  zone: null
name: provider
network_id: 2bf5174c-fac3-4897-9fa8-2188b0e56edb
prefix_length: null
project_id: f6a16351f9294942a9fe93f52a76c70d
revision_number: 0
segment_id: null
service_types: ''
subnetpool_id: null
tags: ''
updated_at: '2019-10-10T17:47:11Z'
When I spawn a VM connected to this network, however, it takes a very long time to get past
Starting LSB: Bring up/down networking...
cloud-init then allocates an IP address to the instance,
Cloud-init v. 18.2 running 'init' at Thu, 10 Oct 2019 19:02:40 +0000. Up 7.14 seconds.
ci-info: +++++++++++++++++++++++++++++++Net device info+++++++++++++++++++++++++++++++
ci-info: +--------+------+---------------+---------------+-------+-------------------+
ci-info: | Device | Up | Address | Mask | Scope | Hw-Address |
ci-info: +--------+------+---------------+---------------+-------+-------------------+
ci-info: | eth0 ...
For provider networks I usually use config drive because it's an external network and it isn't handled by neutron.
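An added example, not part of the original thread and not OpenStack code: a consistency check that compares the provider attributes from `openstack network show` with the ML2 and Linux bridge agent settings, using the values posted in the question. The function names and the inline sample strings are constructions for this example; it only reports mismatches between the posted values and does not establish the cause of the metadata problem.

```python
import configparser

# Constructed inputs: values copied from the configs and CLI output in the question.
ML2_CONF = "[ml2_type_flat]\nflat_networks = provider\n"
AGENT_CONF = "[linux_bridge]\nphysical_interface_mappings = provider:ens192\n"
NETWORK_SHOW = """name: provider
provider:network_type: vxlan
provider:physical_network: null
provider:segmentation_id: 98
"""

def parse_show(text):
    """Parse the flat `key: value` lines of `openstack network show -f yaml`."""
    out = {}
    for line in text.splitlines():
        key, sep, value = line.strip().rpartition(": ")
        if sep:  # skips nested headers such as "location:"
            out[key] = None if value in ("null", "''") else value
    return out

def split_csv(value):
    return [item.strip() for item in value.split(",") if item.strip()]

def check_provider_network(ml2_text, agent_text, show_text):
    """Return mismatches between a network and the physical-network config."""
    ml2, agent = configparser.ConfigParser(), configparser.ConfigParser()
    ml2.read_string(ml2_text)
    agent.read_string(agent_text)
    flat = split_csv(ml2.get("ml2_type_flat", "flat_networks", fallback=""))
    mappings = split_csv(
        agent.get("linux_bridge", "physical_interface_mappings", fallback=""))
    mapped = dict(m.split(":", 1) for m in mappings)
    net = parse_show(show_text)
    ntype = net.get("provider:network_type")
    physnet = net.get("provider:physical_network")
    findings = []
    if ntype not in ("flat", "vlan"):
        findings.append(f"network_type is {ntype}, not flat or vlan")
    if physnet is None:
        findings.append("physical_network is null, so no interface mapping applies")
    elif physnet not in mapped:
        findings.append(f"{physnet} has no physical_interface_mappings entry")
    elif ntype == "flat" and physnet not in flat and "*" not in flat:
        findings.append(f"{physnet} is not listed in flat_networks")
    return findings

if __name__ == "__main__":
    for finding in check_provider_network(ML2_CONF, AGENT_CONF, NETWORK_SHOW):
        print("MISMATCH:", finding)
```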