Ask Your Question
2

neutron-ns-metadata-proxy port is not available

asked 2014-12-10 08:27:51 -0500

vladber gravatar image

updated 2014-12-10 08:44:40 -0500

dbaxps gravatar image

Hi,

In Juno RDO I cannot make my Vms will get a metadata from 169.254.169.254 .

I noticed that the neutron-ns-metadata-proxy is running with the following options - pls note the port - 9697 .

root     28243     1  0 13:42 ?        00:00:00 /usr/bin/python /bin/neutron-ns-metadata-proxy --pid_file=/var/lib/neutron/external/pids/4ee35a51-ab0d-4827-9bb1-5368f8f81ac3.pid --metadata_proxy_socket=/var/lib/neutron/metadata_proxy --router_id=4ee35a51-ab0d-4827-9bb1-5368f8f81ac3 --state_path=/var/lib/neutron --metadata_port=9697 --verbose --log-file=neutron-ns-metadata-proxy-4ee35a51-ab0d-4827-9bb1-5368f8f81ac3.log --log-dir=/var/log/neutron

In the other cluster I have ( Icehouse ) this service runs with --metadata_port=80

I inspected the ns status for dhcp net and neither port 9697 nor 80 do not show up there :

[root@cont neutron(keystone_admin)]#  ip netns exec qdhcp-0c32acbe-ec54-4b00-98f9-d5adfccbf450  netstat -nap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 10.10.10.13:53          0.0.0.0:*               LISTEN      27656/dnsmasq
tcp        0      0 169.254.169.254:53      0.0.0.0:*               LISTEN      27656/dnsmasq
tcp6       0      0 fe80::f816:3eff:fefa:53 :::*                    LISTEN      27656/dnsmasq
udp        0      0 10.10.10.13:53          0.0.0.0:*                           27656/dnsmasq
udp        0      0 169.254.169.254:53      0.0.0.0:*                           27656/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           27656/dnsmasq
udp6       0      0 fe80::f816:3eff:fefa:53 :::*                                27656/dnsmasq

This explains why VMs cannot access the metadata .

Why neutron-ns-metadata-proxy runs without port up ?

Regards ,

/Vlad

edit retag flag offensive close merge delete

Comments

On IceHouse Cluster, please, post (as UPDATE to question )

# cat /etc/neutron/metadata_agent.ini | grep -v ^# | grep -v ^$
# cat /etc/nova/nova.conf  | grep -v ^# | grep -v ^$
dbaxps gravatar imagedbaxps ( 2014-12-10 08:48:07 -0500 )edit

and also 

# cat /etc/neutron/l3_agent.ini | grep -v ^# | grep -v ^$
dbaxps gravatar imagedbaxps ( 2014-12-10 08:55:53 -0500 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
3

answered 2014-12-10 11:35:57 -0500

dbaxps gravatar image

updated 2014-12-11 05:50:34 -0500

Test following configuration on Network Node of IceHouse Cluster :-

 # cat /etc/nova/nova.conf  | grep -v ^# | grep -v ^$ | grep metadata
    enabled_apis=ec2,osapi_compute,metadata
    metadata_listen=0.0.0.0
    metadata_workers=2
    metadata_host=192.168.1.127
    neutron_metadata_proxy_shared_secret=xxxxxxxxxxxxxx
    service_neutron_metadata_proxy=True


   # cat /etc/neutron/metadata_agent.ini | grep -v ^# | grep -v ^$ | grep metadata
    nova_metadata_ip = 192.168.1.127
    nova_metadata_port = 8775
    metadata_proxy_shared_secret =xxxxxxxxxxxxxxx   (same as above)
    metadata_workers =2
    metadata_backlog = 4096

   # cat /etc/neutron/l3_agent.ini | grep -v ^# | grep -v ^$
    [DEFAULT]
    debug = False
    interface_driver =neutron.agent.linux.interface.OVSInterfaceDriver
    use_namespaces = True
    handle_internal_only_routers = True
    external_network_bridge = br-ex
    metadata_port = 9697
    send_arp_for_ha = 3
    periodic_interval = 40
    periodic_fuzzy_delay = 5
    enable_metadata_proxy = True
    router_delete_namespaces = False

    # cat /etc/neutron/dhcp_agent.ini | grep -v ^# | grep -v ^$ 
    [DEFAULT]
    debug = False
    resync_interval = 30
    interface_driver =neutron.agent.linux.interface.OVSInterfaceDriver
    dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
    use_namespaces = True
    enable_isolated_metadata = False
    enable_metadata_network = False
    # dnsmasq_config_file = /etc/neutron/dnsmasq.conf
    dhcp_delete_namespaces = False
    root_helper=sudo neutron-rootwrap /etc/neutron/rootwrap.conf
    state_path=/var/lib/neutron

Option enabled_isolated_metada=True , providing access to metadata vi dnsmasq's opts file

root@netnode:/# cat /var/lib/neutron/dhcp/xxxxxxxxxxxxxxxxxxxxxxxxxx/opts 
tag:tag0,option:classless-static-route,169.254.169.254/32,172.17.17.1

was brought to work following http://techbackground.blogspot.ie/201...

edit flag offensive delete link more

Comments

In my settings I have the same ones except these two lines in the /etc/neutron/dhcp_agent.ini

enable_isolated_metadata = True enable_metadata_network = True

  • without then a VMs do not see the 169.254.0.0 network
vladber gravatar imagevladber ( 2014-12-11 02:28:54 -0500 )edit

To get metadata via qrouter-namespace ,i.e neutron-metadata-proxy :-

enable_isolated_metadata = False
enable_metadata_network = False
dbaxps gravatar imagedbaxps ( 2014-12-11 02:59:07 -0500 )edit

Both configurations work. Why neutron-ns-metadata-proxy runs without port up ?
It's not needed you get them via qdhcp-namespace. Did I address your question ?

dbaxps gravatar imagedbaxps ( 2014-12-11 03:01:58 -0500 )edit

To get metadata via qdhcp-namespace follow http://techbackground.blogspot.ie/201... && ip netns exec qdhcp-your-private-net-id netstat -4 -anpt :- 

tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      27409/python
dbaxps gravatar imagedbaxps ( 2014-12-11 03:09:00 -0500 )edit

The problem has been resolved - due to the link was sent I found that in a dhcp-optsfile for my dnsmasq process there was no option for the 169.254.169.254 . For some reason this route on VM didn't work: 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 Works now.

vladber gravatar imagevladber ( 2014-12-11 05:34:22 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-12-10 08:27:51 -0500

Seen: 4,088 times

Last updated: Dec 11 '14

Related questions

Quantum net-list 400 Bad Request

Metadata service not working in multi node. [closed]

VPN Site connection reset state

Neutron architecture

How to enable SNAT after disable it

Openvswitch agent not creating internal ports after restart

Newton DHCP Agent Problem

Neutron Interface issue.

Query Swift Object by metadata Syntax

Nova can't authenticate to neutron