Ask Your Question
0

how to access metadata server when we use neutron provider network

asked 2013-12-04 08:04:08 -0600

limao gravatar image

Hi all,

When we use neutron provider network and use a external Router. We do not need L3 agent function in Openstack. But the NAT rules for 169.254.169.254 is done in add router and delete router. What ever I know that I can add NAT in the external Router, but I still want this is done in Openstack .

The only way I can think out is that set route for 169.254.169.254 via dhcp addr in VM. And manually to modify the NAT rules in dhcp namespace.

Any way to solve this problem in Openstack?

Thanks so much.

edit retag flag offensive close merge delete

6 answers

Sort by ยป oldest newest most voted
0

answered 2013-12-05 07:11:11 -0600

limao gravatar image

Thanks Alfred Shen, that solved my question.

edit flag offensive delete link more
0

answered 2016-03-02 07:42:57 -0600

astafeye gravatar image

When and for what purpose will we use enable_metadata_network = True? TIA Alex

edit flag offensive delete link more
0

answered 2013-12-04 19:41:34 -0600

alfredcs gravatar image

The metadata is served out on namespace along with dhcp which is handled by neutron-metadata-agent. The service is an unix socket based process running on the hypervisor node serving dnsmasq. During VM boot, it contacts the hard coded address http://169.254.169.254/latest for metadata service and metadata proxy queries controller node for metadata.

ip netns list

qdhcp-78612bad-5ffc-4574-a7c3-ce057bac9511

ip netns exec qdhcp-78612bad-5ffc-4574-a7c3-ce057bac9511 ip addr

13: tap2f723171-fd: <broadcast,up,lower_up> mtu 1500 qdisc noqueue state UNKNOWN link/ether fa:16:3e:e4:16:ab brd ff:ff:ff:ff:ff:ff inet 10.52.225.105/24 brd 10.52.225.255 scope global tap2f723171-fd inet 169.254.169.254/16 brd 169.254.255.255 scope global tap2f723171-fd inet6 fe80::f816:3eff:fee4:16ab/64 scope link valid_lft forever preferred_lft forever 15: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever

ip netns exec qdhcp-78612bad-5ffc-4574-a7c3-ce057bac9511 netstat -anpe

Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 59391 6932/python <--- Metadata proxy process tcp 0 0 10.52.225.105:53 0.0.0.0:* LISTEN 0 5236675 9367/dnsmasq <--- Dnsmasq tcp 0 0 169.254.169.254:53 0.0.0.0:* LISTEN 0 5236673 9367/dnsmasq
tcp 0 0 fe80::f816:3eff:fee4:16a:53 :::* LISTEN 0 5236680 9367/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 0 5236665 9367/dnsmasq
udp 0 0 10.52.225.105:53 0.0.0.0:* 0 5236674 9367/dnsmasq
udp 0 0 169.254.169.254:53 0.0.0.0:* 0 5236672 9367/dnsmasq
udp 0 0 fe80::f816:3eff:fee4:16ab:53 :::* 0 5236679 9367/dnsmasq
Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node PID/Program name Path

ps -f --pid 6932| fold -w 80 -s

UID PID PPID C STIME TTY TIME CMD root 6932 1 0 Dec02 ? 00:00:00 /usr/bin/python /usr/bin/neutron-ns-metadata-proxy --pid_file=/var/lib/neutron/external/pids/78612bad-5ffc-4574-a7c3-ce057bac9511.p id --metadata_proxy_socket=/var/lib/neutron/metadata_proxy --network_id=78612bad-5ffc-4574-a7c3-ce057bac9511 --state_path=/var/lib/neutron --metadata_port=80 --log-file=neutron-ns-metadata-proxy-78612bad-5ffc-4574-a7c3-ce057bac9511.log --log-dir=/var/log/neutron

ps -f --pid 9367| fold -w 80 -s

UID PID PPID C STIME TTY TIME CMD nobody 9367 1 0 01:08 ? 00:00:00 dnsmasq --no-hosts --no-resolv --strict-order --bind-interfaces --interface=tap2f723171-fd --except-interface=lo --pid-file=/var/lib/neutron/dhcp/78612bad-5ffc-4574-a7c3-ce057bac9511/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/78612bad-5ffc-4574-a7c3-ce057bac9511/host --dhcp-optsfile=/var/lib/neutron/dhcp/78612bad-5ffc-4574-a7c3-ce057bac9511/opts --leasefile-ro --dhcp-range=set:tag0,10.52.225.0,static,86400s --dhcp-lease-max=256 --conf-file=/etc/neutron/dnsmasq.conf --domain=svc.wpc2.pdx.wd

cat /var/lib/neutron/dhcp/78612bad-5ffc-4574-a7c3-ce057bac9511/opts

tag:tag0,option:dns-server,10.52.9.20 ... (more)

edit flag offensive delete link more
0

answered 2013-12-05 07:21:38 -0600

limao gravatar image

BTW, here is someting we need to be careful: 1. in dhcp_agent.ini, we need to enable isolated metadata and metadata network: enable_isolated_metadata = True enable_metadata_network = True

  1. When we create subnet, we can'set gateway_ip. And need to setup default route , this is because the following bug, and has solved in Icehouse. https://bugs.launchpad.net/neutron/+bug/1236783 (https://bugs.launchpad.net/neutron/+b...)

  2. When I use cirros , I find that udhcp will not ask for "Classless-Static-Route", Cirros will not get the route for 169.254.169.254, so we will have problem. And I use CentOS6.3 it can work well. This means when we use this feature, some OS may not work.

Thanks again for Alfred Shen's help.

edit flag offensive delete link more
0

answered 2013-12-05 09:57:55 -0600

darragh-oreilly gravatar image

Hi Liping,

I don't think you need enable_metadata_network in your case.

The cirros problem should be fixed soon https://bugs.launchpad.net/cirros/+bu...

re, Darragh.

edit flag offensive delete link more
0

answered 2013-12-06 02:02:03 -0600

limao gravatar image

Dear Darragh,

Thanks so much for your kindly reminder, it's my mistake. We do not need enable_metadata_network. And great to see we will solve the cirros problem.

Regards, Liping Mao

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-12-04 08:04:08 -0600

Seen: 2,473 times

Last updated: Mar 02 '16