Ask Your Question
1

Metadata Problem in Neutron Flat Network

asked 2014-04-17 09:58:09 -0500

Y Sertdemir gravatar image

Hello,

My setup is Ubuntu-12.04.04 with saucy kernel. I setup my environment with neutron flat network. I have a management network used for services and a shared network for instances. DHCP and instance networking works fine but metadata does not work. I do not use l3 agent or metadata agent on neutron server because I have a flat network anyway. My instances gets their IP fine but when they try to get instance-data from metadata, they fail, and give timeout error.

console.log from a Cirros image, (Same error with Ubuntu images)

checking http://169.254.169.254/2009-04-04/instance-id
failed 1/20: up 1.13. request failed
failed 2/20: up 13.18. request failed
failed 3/20: up 25.20. request failed
failed 4/20: up 37.23. request failed
failed 5/20: up 49.25. request failed
failed 6/20: up 61.27. request failed
failed 7/20: up 73.29. request failed
failed 8/20: up 85.32. request failed
failed 9/20: up 97.34. request failed
failed 10/20: up 109.36. request failed
failed 11/20: up 121.38. request failed
failed 12/20: up 133.40. request failed
failed 13/20: up 145.43. request failed
failed 14/20: up 157.45. request failed
failed 15/20: up 169.48. request failed
failed 16/20: up 181.50. request failed
failed 17/20: up 193.52. request failed
failed 18/20: up 205.54. request failed
failed 19/20: up 217.56. request failed
failed 20/20: up 229.58. request failed
failed to read iid from metadata. tried 20

In cirros image, I tried to connect my metadata IP with "curl http://172.25.166.1:8775/" it responses fine, but when I try to get "curl http://169.254.169.254/" it does not return anything and lastly time out.

Because of this problem, my Ubuntu image does not work. I am not sure when I disable metadata service, whether Ubuntu images generate password or not. I tried to edit my ubuntu image to create static password, it does not dedicate password to the user.

1 - I tried almost all different settings in nova.conf for metadata but nothing worked. I guess neutron flat networking needs a NAT definition on compute host or something, but I cannot see any NAT definition anywhere in iptables. 2 - I tried to install nova-api-metadata service on compute host. It does not effect anything, do I really need this service on Compute nodes or not? 3 - If I disable metadata service in nova, do Ubuntu images generate cloud.cfg?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-04-22 01:42:44 -0500

Y Sertdemir gravatar image

updated 2014-04-22 01:44:53 -0500

I finally found the solution in this forum: http://lists.openstack.org/pipermail/...

When you use flat networking you have two options:

  1. You need to use metadata via dhcp namespace (Source: http://techbackground.blogspot.ie/201... ) I did not test this setup because I cannot change my subnet right now. The logic is not to use default gateway option in subnet, and enter 0.0.0.0/0 route to subnet manually. (Check discussion part of the link)

  2. You need to create a router in network node in Openstack, create port on your instance network for this router and choose an IP different than your real router. This router will be used just for metadata. Install neutron-metadata-agent to network node where you install l3 agent. Configure your nova.conf in compute and controller nodes:

    metadata_host=192.168.0.1

    service_neutron_metadata_proxy = True

    neutron_metadata_proxy_shared_secret = x1x1x1x1x

Configure your metadata_agent.ini in network node:

auth_url = http://192.168.0.1:5000/v2.0
auth_region = RegionOne
admin_tenant_name = service
admin_user = neutron
admin_password = xxxxxxx
nova_metadata_ip = 192.168.0.1
nova_metadata_port = 8775
metadata_proxy_shared_secret = x1x1x1x1x
edit flag offensive delete link more

Comments

1

For 1: This is fixed in Icehouse, and there is no need for the workaround. Now the subnet's gateway_ip can point at non-Neutron router (so instances will get this as their default route). Dnsmasq will push out a static route for 169.254.169.254 via the DHCP IP.

darragh-oreilly gravatar imagedarragh-oreilly ( 2014-04-22 06:27:22 -0500 )edit

Thanks for info.

Y Sertdemir gravatar imageY Sertdemir ( 2014-04-24 01:23:34 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-04-17 09:58:09 -0500

Seen: 7,175 times

Last updated: Apr 22 '14