Ask Your Question
0

can't import public SSH key in Public Instance

asked 2015-12-11 10:35:24 -0500

nixman gravatar image

updated 2015-12-13 22:42:56 -0500

Bipin gravatar image

I want to test openstack on Dedicated server with OVH

[root@neutron ~]# ip netns
qdhcp-4468870e-3218-45d6-8811-14bf78b85b71
qdhcp-76629398-f33f-4811-845f-ebc1a69cac64
qrouter-0e7953fc-e40d-4795-a106-1b16b47acc3a

For demo subnet

[root@neutron ~]# ip netns exec qdhcp-76629398-f33f-4811-845f-ebc1a69cac64 ip a
11: tap8763a788-f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether fa:16:3e:33:69:a4 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.2/24 brd 10.0.0.255 scope global tap8763a788-f6
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe33:69a4/64 scope link 
       valid_lft forever preferred_lft forever

[root@neutron ~]# ip netns exec qdhcp-76629398-f33f-4811-845f-ebc1a69cac64 route -n
Table de routage IP du noyau
Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 tap8763a788-f6
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tap8763a788-f6

i verify if my metadata service is working properly

[root@neutron ~]# ip netns exec qdhcp-76629398-f33f-4811-845f-ebc1a69cac64  curl http://169.254.169.254
1.0
2007-01-19
2007-03-01
2007-08-29
2007-10-10
2007-12-15
2008-02-01
2008-09-01
2009-04-04

For Ext-subnet

I buy public IP which are routed in my dedicated server

[root@neutron ~]# ip netns exec qdhcp-4468870e-3218-45d6-8811-14bf78b85b71 ip a
12: tapb7d508b9-c7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether fa:16:3e:19:0a:40 brd ff:ff:ff:ff:ff:ff
    inet 51.2XX.XX.2/24 brd 51.XXX.XX.255 scope global tapb7d508b9-c7
       valid_lft forever preferred_lft forever
    inet6 fe80::f826:3eff:fe12:a40/64 scope link 
       valid_lft forever preferred_lft forever

[root@neutron ~]# ip netns exec qdhcp-4468870e-3218-45d6-8811-14bf78b85b71 route -n
Table de routage IP du noyau
Destination     Passerelle      Genmask         Indic Metric Ref    Use Iface
0.0.0.0         51.2XX.XX.254  0.0.0.0         UG    0      0        0 tapb7d508b9-c7
51.2XX.XX.0    0.0.0.0         255.255.255.0   U     0      0        0 tapb7d508b9-c7

I can't get answer for this 

[root@neutron ~]# ip netns exec qdhcp-4468870e-3218-45d6-8811-14bf78b85b71 curl http://169.254.169.254
curl: (7) Failed connect to 169.254.169.254:80; Connexion terminée par expiration du délai d'attente

[root@neutron ~]# ovs-vsctl show
62b97c5d-da05-412c-85dc-5c750ee0c009
    Bridge br-int
        fail_mode: secure
        Port "tapb7d508b9-c7"
            tag: 2
            Interface "tapb7d508b9-c7"
                type: internal
        Port "qr-20ff9711-8a"
            tag: 1
            Interface "qr-20ff9711-8a"
                type: internal
        Port int-br-vlan
            Interface int-br-vlan
                type: patch
                options: {peer=phy-br-vlan}
        Port br-int
            Interface br-int
                type: internal
        Port int-br-data
            Interface int-br-data
                type: patch
                options: {peer=phy-br-data}
        Port "tap8763a788-f6"
            tag: 1
            Interface "tap8763a788-f6"
                type: internal
    Bridge br-vlan
        Port br-vlan
            Interface br-vlan
                type: internal
        Port "eth1"
            Interface "eth1"
        Port phy-br-vlan
            Interface phy-br-vlan
                type: patch
                options: {peer=int-br-vlan}
    Bridge br-data
        Port br-data
            Interface br-data
                type: internal
        Port "eth2"
            Interface "eth2"
        Port phy-br-data
            Interface phy-br-data
                type: patch
                options: {peer=int-br-data}
    ovs_version: "2.3.1"
edit retag flag offensive close merge delete
add a comment

2 answers

Sort by » oldest newest most voted
0

answered 2015-12-11 11:26:21 -0500

dbaxps gravatar image

updated 2015-12-11 11:45:48 -0500

Please, see

[root@ip-192-169-142-54 ~(keystone_demo)]# ip netns
qrouter-15aaee00-223f-4bf9-b7e0-a1ff4f97c20e
qdhcp-b526aca8-e8b0-4d39-a7d4-4d4e0ebfe5ed

[root@ip-192-169-142-54 ~(keystone_demo)]# ip netns exec qdhcp-b526aca8-e8b0-4d39-a7d4-4d4e0ebfe5ed curl http://169.254.169.254/latest/meta-data
<html>
 <head>
  <title>404 Not Found</title>
 </head>
 <body>
  <h1>404 Not Found</h1>
  The resource could not be found.<br /><br />
 </body>
</html>

[root@ip-192-169-142-54 ~(keystone_demo)]# ssh -i oskeyvip.pem ubuntu@192.169.142.151
The authenticity of host '192.169.142.151 (192.169.142.151)' can't be established.
ECDSA key fingerprint is b2:03:72:69:9e:d2:0b:2c:7c:43:47:90:21:42:af:b6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.169.142.151' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-68-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

  System information as of Fri Dec 11 10:16:03 UTC 2015

  System load:  0.02              Processes:           75
  Usage of /:   3.9% of 19.65GB   Users logged in:     0
  Memory usage: 3%                IP address for eth0: 10.0.0.4
  Swap usage:   0%

  Graph this data and manage this system at:
    https://landscape.canonical.com/

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud


Last login: Fri Dec 11 10:16:08 2015 from 10.0.0.2
ubuntu@ubuntusrv01:~$ curl http://169.254.169.254/latest/meta-data
ami-id
ami-launch-index
ami-manifest-path
block-device-mapping/
hostname
instance-action
instance-id
instance-type
local-hostname
local-ipv4
placement/
public-hostname
public-ipv4
public-keys/
reservation-id

If you have a question "WHY" ?
Then see :- http://bderzhavets.blogspot.com/2015/...
Better read blogs of Neutron Core Developers :-
http://techbackground.blogspot.ie/201... (by Darragh O'Reilly )
instead of my remakes. It helps.

edit flag offensive delete link more
add a comment
0

answered 2015-12-13 15:24:54 -0500

nixman gravatar image

Thanks,

I solve problem

in /etc/neutron/dhcp_agent.ini

enable_isolated_metadata = True 

[root@neutron ~]# ip netns exec qdhcp-f9afafa6-71dc-4698-88b0-686a04ef3abd ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
16: tapd185670c-43: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether fa:16:3e:9c:fa:92 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2/24 brd 192.168.1.255 scope global tapd185670c-43
       valid_lft forever preferred_lft forever
    inet 169.254.169.254/16 brd 169.254.255.255 scope global tapd185670c-43
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe9c:fa92/64 scope link 
       valid_lft forever preferred_lft forever

and namespace for floating ip

[root@neutron ~]# ip netns exec qdhcp-4468870e-3218-45d6-8811-14bf78b85b71 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
15: tapd0f4d16a-9c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether fa:15:3e:54:2a:d3 brd ff:ff:ff:ff:ff:ff
    inet 1XX.XXX.XX.XX/29 brd 1XX.XXX.XX.XX9 scope global tapd0f4d16a-9c
       valid_lft forever preferred_lft forever
    inet 169.254.169.254/16 brd 169.254.255.255 scope global tapd0f4d16a-9c
       valid_lft forever preferred_lft forever
    inet 5X.2XX.XX.1/24 brd 5X.2XX.XX.255 scope global tapd0f4d16a-9c
       valid_lft forever preferred_lft forever
    inet6 fe60::f716:3eff:fe54:2ad2/64 scope link 
       valid_lft forever preferred_lft forever
edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-12-11 10:35:24 -0500

Seen: 175 times

Last updated: Dec 13 '15

Related questions

openstack networking without dhcp in ironic

cloud-init can't get meta-data

curl http://169.254.169.254 fail on instance : code 500

How to automatically inject OS_AUTH parameter to instances

Update instances metadata with cli

What are the restrictions of metadata on Swift Object ?

force windows image to use EC2 metadata only for cloudbase-init

Calling 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed : Network is unreachable

Instance metadata

Metadata server strange issue