Ask Your Question
0

metadata tenant issue

asked 2012-11-20 08:16:56 -0500

kobilaredo gravatar image

The metadata service is not able to serve metadata to VM's. Every time the a VM connects to the metadata service I see this error message in the logs: ERROR nova.api.metadata.handler [-] Failed to get metadata for ip: x.x.x.x

I tried to get metadata from inside the VM by running curl http://<compute-node-ip>:8775/2009-04-04/meta-data/instance-id but got a 404 Error. and the logs on the compute node show the same nova.api.metadata.handler error.

How is the nova.api.metadata.handler associating IP address and instance's metadata? could this be related to quantum?

Any help would be much appreciated :-)

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted
0

answered 2012-12-03 07:48:53 -0500

kobilaredo gravatar image

this was an issue with my role names - see bug https://bugs.launchpad.net/quantum/+bug/1082832 (https://bugs.launchpad.net/quantum/+b...) frm more information

edit flag offensive delete link more
0

answered 2012-11-20 22:15:55 -0500

kobilaredo gravatar image

I did some code tracing and found that the problem is with nova.network.quantumv2.api._get_instance_uuids_by_ip() where quantumv2.get_client(context).list_ports(**search_opts) returns an empty list. not sure why it can't find any ports because when I run quantum port-list I see all the active ports and also by looking at quantum.ports table I can see all the ports in there.

Any ideas why quantumv2.get_client(context) doesn't get the active ports? (it seems to get everything else: network, subnets, etc...)

edit flag offensive delete link more
0

answered 2012-11-21 00:07:30 -0500

kobilaredo gravatar image

quantumclient/v2_0/client.py list_ports() is failing to get the ports. Could this be a problem with my token?

edit flag offensive delete link more
0

answered 2012-11-21 03:26:28 -0500

kobilaredo gravatar image

So I think I found the root cause: In my nova.conf I have the following options set: quantum_admin_tenant_name= service quantum_admin_username= quantum quantum_admin_password= <quantum password=""> when an instance is talking to the metadata service it uses a token with these credentials, and based of that token, it gets the tenant-id. In my case the tenant-id in the token is service, and the service tenant is not able to see the active ports for tenant member which created the instance. If I change around the credentials in nova.conf to something like: quantum_admin_tenant_name= member quantum_admin_username= user1 quantum_admin_password= <user1 password=""> then I'm able to get the metadata for the instance. what's the recommended solution for this issue? has anyone else seen this in folsom with quantum?

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2012-11-20 08:16:56 -0500

Seen: 106 times

Last updated: Dec 03 '12