How does access to the metadata service work when using quantum?

asked 2013-03-27 19:42:47 -0600

dsmith4546
1 ●3 ●3 ●3

Hello,

I used this install guide https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/stable/GRE/OpenStack_Folsom_Install_Guide_WebVersion.rst (https://github.com/mseknibilel/OpenSt...) . We are not using namespaces.

We have the metadata service installed on the controller, howcome I can't see the 169.254.169.254 address listed anywhere anywhere on the controller. Where does that address live?

If the VM needs to talk to the 169.254.169.254 address, will the layer 3 agent change it to whatever address you have listed for the matadata_ip in the l3_agent.ini file?

edit retag flag offensive close merge delete

add a comment

0

answered 2013-03-27 20:31:36 -0600

arosen
106 ●1 ●4 ●6 http://blog.aaronorose...

If using folsom you will need an iptables rule in order to redirect this request to your nova metadata server.. something like: iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp -m tcp --dport 80 -j DNAT --to-destination <metadata_server>:8775

I also think your metadata_server needs to be running on the same host as your l3 agent or you need to setup a metadata proxy running on localhost otherwise the packets won't be able to route back to you.

edit flag offensive delete link

add a comment

0

answered 2013-03-28 08:36:51 -0600

gongysh
36 ●2 ●2 ●3

https://skydrive.live.com/view.aspx?resid=8F95A76243630FB1!127&authkey=!AK0Y3KWzD6o3WVI (https://skydrive.live.com/view.aspx?r...) slide 29. metadata proxy is started auto, u need to start metadata agent.

edit flag offensive delete link

add a comment

0

answered 2013-03-28 08:38:49 -0600

gongysh
36 ●2 ●2 ●3

169.254.169.254:80 is nated to network node's local port which the metata proxy is listening on, metatada proxy will communicate with metadata agent on the same node, then the metadata agent will connect to nova metadata API.

edit flag offensive delete link

add a comment

0

answered 2013-03-28 12:24:56 -0600

dsmith4546
1 ●3 ●3 ●3

Hey, looks like we fixed it, without any custom iptables rules. We followed this documented here: http://docs.openstack.org/folsom/openstack-network/admin/content/adv_cfg_l3_agent_metadata.html (http://docs.openstack.org/folsom/open...)

The page stated that the nova-metadata service must be reachable from the external network. Sense this is the case I updated the metadata ip in the nova.conf and the l3-agent.ini files to reflect the external ip address of the box that is running the metadata service. So in our case we were running the metadata service on the controller. After that, we restarted all of the nova-services and quantum services. We are now able to curl the following address from our vms: 'curl http://169.254.169.254/openstack'

edit flag offensive delete link

add a comment

0

answered 2013-03-28 12:36:09 -0600

dsmith4546
1 ●3 ●3 ●3

As a reminder we had to add routes on the host that is running the metadata service that point back to the ip address of the l3 agent. For each private network that you create.

Example)

route add -net 192.168.4.0/24 gw 192.168.38.199 <---That .199 is the address of the l3 agent. route add -net 192.168.5.0/24 gw 192.168.38.199

edit flag offensive delete link

add a comment

How does access to the metadata service work when using quantum?

5 answers

Your Answer

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

How does access to the metadata service work when using quantum? edit

5 answers

Your Answer

Get to know Ask OpenStack

Question Tools

Stats

Related questions

Feedback About This Page

OpenStack

Community

Documentation

Branding & Legal

How does access to the metadata service work when using quantum?