Access to metadata fails: couldn't connect to host

asked 2013-07-16 08:30:59 -0500

anonymous user

Anonymous

updated 2013-07-16 18:33:21 -0500

smaffulli gravatar image

This is the second time I am seeing this issue in grizzly, accessing metadata fails. Last time did a fresh installations. Till y'day it used to work properly. No changes done explicitly. But it fails.

Nothing from logs:

All services working properly.

root@os1controller:/etc/init.d# cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i status; done

quantum-dhcp-agent start/running, process 2178
quantum-l3-agent start/running, process 2182
quantum-metadata-agent start/running, process 2175
quantum-plugin-openvswitch-agent start/running, process 2154
quantum-server start/running, process 2151

root@os1controller:/etc/init.d# cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i status; done

nova-api start/running, process 2164
nova-cert start/running, process 2153
nova-compute start/running, process 2171
nova-conductor start/running, process 2177
nova-consoleauth start/running, process 2168
nova-novncproxy start/running, process 2181
nova-scheduler start/running, process 2179

root@os1controller:/etc/init.d# ps -ef | grep quantum-ns-metadata-proxy

root      4788     1  0 05:40 ?        00:00:00 /usr/bin/python /usr/local/bin/quantum-ns-metadata-proxy --pid_file=/var/lib/quantum/external/pids/041e054a-b85b-41bc-b699-78512e9d98b9.pid --router_id=041e054a-b85b-41bc-b699-78512e9d98b9 --state_path=/var/lib/quantum --metadata_port=9697 --log-file=quantum-ns-metadata-proxy041e054a-b85b-41bc-b699-78512e9d98b9.log --log-dir=/var/log/quantum
root     10603  8919  0 06:15 pts/0    00:00:00 grep --color=auto quantum-ns-metadata-proxy

root@os1controller:/etc/init.d# ip netns exec qdhcp-97815430-6da4-415f-9c60-ee0240b2fb9a iptables -L -t nat

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         


Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

root@os1controller:/etc/init.d# ip netns exec qrouter-041e054a-b85b-41bc-b699-78512e9d98b9 iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
quantum-l3-agent-PREROUTING  all  --  anywhere             anywhere            

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
quantum-l3-agent-OUTPUT  all  --  anywhere             anywhere            

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
quantum-l3-agent-POSTROUTING  all  --  anywhere             anywhere            
quantum-postrouting-bottom  all  --  anywhere             anywhere            

Chain quantum-l3-agent-OUTPUT (1 references)
target     prot opt source               destination         
DNAT       all  --  anywhere             10.2.113.70          to:172.16.0.11
DNAT       all  --  anywhere             10.2.113.76          to:172.16.0.16
DNAT       all  --  anywhere             10.2.113.77          to:172.16.0.15
DNAT       all  --  anywhere             10.2.113.74          to:172.16.0.10
DNAT       all  --  anywhere             10.2.113.83          to:172.16.0.21
DNAT       all  --  anywhere             10.2.113.73          to:172.16.0.20

Chain quantum-l3-agent-POSTROUTING (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ! ctstate DNAT

Chain quantum-l3-agent-PREROUTING (1 references)
target     prot opt source               destination         
REDIRECT   tcp  --  anywhere             169.254.169.254      tcp dpt:http redir ports 9697
DNAT       all  --  anywhere             10.2.113.70          to:172.16.0.11
DNAT       all  --  anywhere             10.2.113.76          to:172.16.0.16
DNAT       all  --  anywhere             10.2.113.77          to:172.16.0.15
DNAT       all  --  anywhere             10.2.113.74          to:172.16.0.10
DNAT       all  --  anywhere             10.2.113.83          to:172.16.0.21
DNAT       all ...
(more)
edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-08-18 08:37:50 -0500

TheKid-89 gravatar image

updated 2014-08-18 08:38:08 -0500

it looks like you maybe missing some of your keystone settings.

I looked through your config file and I only see settings for auth_strategy

This is my keystone_authtoken section.

[keystone_authtoken]
auth_uri = http://KEYSTONE-SERVER:5000
auth_host = KEYSTONE-SERVER
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = KEYSTONE-PASSWORD
edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2013-07-16 08:30:59 -0500

Seen: 587 times

Last updated: Aug 18 '14