Ask Your Question
0

How does access to the metadata service work when using quantum?

asked 2013-03-27 19:42:47 -0600

dsmith4546 gravatar image

Hello,

I used this install guide https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/stable/GRE/OpenStack_Folsom_Install_Guide_WebVersion.rst (https://github.com/mseknibilel/OpenSt...) . We are not using namespaces.

We have the metadata service installed on the controller, howcome I can't see the 169.254.169.254 address listed anywhere anywhere on the controller. Where does that address live?

If the VM needs to talk to the 169.254.169.254 address, will the layer 3 agent change it to whatever address you have listed for the matadata_ip in the l3_agent.ini file?

edit retag flag offensive close merge delete
add a comment

5 answers

Sort by ยป oldest newest most voted
0

answered 2013-03-27 20:31:36 -0600

arosen gravatar image

If using folsom you will need an iptables rule in order to redirect this request to your nova metadata server.. something like: iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp -m tcp --dport 80 -j DNAT --to-destination <metadata_server>:8775

I also think your metadata_server needs to be running on the same host as your l3 agent or you need to setup a metadata proxy running on localhost otherwise the packets won't be able to route back to you.

edit flag offensive delete link more
add a comment
0

answered 2013-03-28 08:36:51 -0600

gongysh gravatar image

https://skydrive.live.com/view.aspx?resid=8F95A76243630FB1!127&authkey=!AK0Y3KWzD6o3WVI (https://skydrive.live.com/view.aspx?r...) slide 29. metadata proxy is started auto, u need to start metadata agent.

edit flag offensive delete link more
add a comment
0

answered 2013-03-28 08:38:49 -0600

gongysh gravatar image

169.254.169.254:80 is nated to network node's local port which the metata proxy is listening on, metatada proxy will communicate with metadata agent on the same node, then the metadata agent will connect to nova metadata API.

edit flag offensive delete link more
add a comment
0

answered 2013-03-28 12:24:56 -0600

dsmith4546 gravatar image

Hey, looks like we fixed it, without any custom iptables rules. We followed this documented here: http://docs.openstack.org/folsom/openstack-network/admin/content/adv_cfg_l3_agent_metadata.html (http://docs.openstack.org/folsom/open...)

The page stated that the nova-metadata service must be reachable from the external network. Sense this is the case I updated the metadata ip in the nova.conf and the l3-agent.ini files to reflect the external ip address of the box that is running the metadata service. So in our case we were running the metadata service on the controller. After that, we restarted all of the nova-services and quantum services. We are now able to curl the following address from our vms: 'curl http://169.254.169.254/openstack'

edit flag offensive delete link more
add a comment
0

answered 2013-03-28 12:36:09 -0600

dsmith4546 gravatar image

As a reminder we had to add routes on the host that is running the metadata service that point back to the ip address of the l3 agent. For each private network that you create.

Example)

route add -net 192.168.4.0/24 gw 192.168.38.199 <---That .199 is the address of the l3 agent. route add -net 192.168.5.0/24 gw 192.168.38.199

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2013-03-27 19:42:47 -0600

Seen: 132 times

Last updated: Mar 28 '13

Related questions

Can't run DHCP Agent

Cannot associate floating-ip

Instances don't get an IP from DHCP (Quantum, OVS, multi-node computes)

How do I modify the IP pool?

load balancer rdp

How to run unit test?

Error Came After editing nova.conf

Unable to get DHCP lease in Juno

ETag of manifest file

cannot ping tenant router gateway